Jump to content

Trojan Zeroaccess!inf4 in services.exe cannot be removed/quarantined


Recommended Posts

We ran the process you mentioned in post 114116 and am copying the results of the frst64.exe and search.txt below. Please let me know if there is a way to remove the trojan.

The computer is a HP Pavillion g series computer, operating system Windows 7.

HP told my husband the hard drive was compromised. If you can help us clear this threat, we would be ever grateful.

frst.txt

Scan result of Farbar Recovery Scan Tool Version: 23-08-2012 02

Ran by SYSTEM at 23-08-2012 21:06:33

Running from H:\Recovery

Windows 7 Home Premium (X64) OS Language: English(US)

The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)

HKLM\...\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1425408 1999-12-31] (IDT, Inc.)

HKLM-x32\...\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)

HKLM-x32\...\Run: [] [x]

HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-09-05] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-30] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)

HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-17] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)

HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-11-12] (Apple Inc.)

HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [1107552 2012-07-01] ()

HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [630912 2012-02-09] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKU\Sam\...\Run: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000 [67456 2011-08-18] (Uniblue Systems Limited)

HKU\Sam\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6497592 2011-11-23] (Yahoo! Inc.)

HKU\Sam\...\Run: [Google Update] "C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-12-14] (Google Inc.)

HKU\Sam\...\Run: [Facebook Update] "C:\Users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-12] (Facebook Inc.)

HKU\Sam\...\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup [44544 2009-07-13] (Microsoft Corporation)

HKU\Sam\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5661056 2012-07-09] (SUPERAntiSpyware.com)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)

2 DiskDoctorService; C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [1029480 2010-11-29] (Symantec Corporation)

3 hpCMSrv; "C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe" [1071160 2011-02-15] (Hewlett-Packard Development Company L.P.)

2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\diMaster.dll" /prefetch:1 [309688 2012-04-12] (Symantec Corporation)

2 SpeedDiskService; C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [1037672 2010-11-29] (Symantec Corporation)

2 vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [935008 2012-07-01] ()

========================== Drivers (Whitelisted) =============

2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20120811.003\BHDrvx64.sys [1385120 2012-08-10] (Symantec Corporation)

1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)

1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)

3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-16] (Symantec Corporation)

1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20120822.001\IDSvia64.sys [512672 2012-08-21] (Symantec Corporation)

3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20120822.034\ENG64.SYS [125600 2012-08-23] (Symantec Corporation)

3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20120822.034\EX64.SYS [2084000 2012-08-23] (Symantec Corporation)

1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

1 SRTSP; C:\Windows\System32\Drivers\NISx64\1308000.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)

1 SRTSPX; C:\Windows\system32\drivers\NISx64\1308000.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)

3 SWDUMon; C:\Windows\System32\Drivers\SWDUMon.sys [15672 2012-08-23] ()

0 SymDS; C:\Windows\System32\drivers\NISx64\1308000.00E\SYMDS64.SYS [451192 2012-03-28] (Symantec Corporation)

3 SymDSMon; C:\Windows\System32\Drivers\SymDSMon.sys [191232 2010-11-29] (Symantec Corporation)

0 SymEFA; C:\Windows\System32\drivers\NISx64\1308000.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)

3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-07-17] (Symantec Corporation)

1 SymIRON; C:\Windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)

1 SymNetS; C:\Windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)

3 SYMSpeedDisk; C:\Windows\System32\Drivers\SYMSpeedDisk.sys [163384 2010-11-29] (Symantec Corporation)

3 SYMSpeedDisk; C:\Windows\SysWow64\Drivers\SYMSpeedDisk.sys [108800 2010-11-29] (Symantec Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-08-23 21:06 - 2012-08-23 21:06 - 00000000 ____D C:\FRST

2012-08-23 10:44 - 2012-08-23 10:49 - 01805736 ____A (Symantec Corporation) C:\Users\Sam\Downloads\FixZeroAccess.exe

2012-08-21 15:24 - 2012-08-21 15:24 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2012-08-21 15:24 - 2012-08-21 15:24 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2012-08-21 15:24 - 2012-08-21 15:24 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2012-08-21 15:24 - 2012-08-21 15:24 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2012-08-21 15:24 - 2012-08-21 15:24 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2012-08-21 15:21 - 2012-08-21 15:21 - 00000000 ____D C:\Users\All Users\McAfee

2012-08-21 13:45 - 2012-08-21 13:45 - 02841104 ____A (Symantec Corporation) C:\Users\Sam\Downloads\NPE (1).exe

2012-08-21 11:48 - 2012-08-23 16:59 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2012-08-21 11:48 - 2012-08-23 16:31 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-08-21 11:48 - 2012-08-21 11:48 - 00001808 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2012-08-21 04:19 - 2012-08-21 14:43 - 00000000 ____D C:\Users\Sam\AppData\Local\NPE

2012-08-21 04:14 - 2012-08-21 04:19 - 02841104 ____A (Symantec Corporation) C:\Users\Sam\Downloads\NPE.exe

2012-08-21 04:14 - 2012-08-21 04:14 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%

2012-08-21 04:06 - 2012-08-21 04:06 - 333219710 ____A C:\Windows\MEMORY.DMP

2012-08-21 04:06 - 2012-08-21 04:06 - 00274680 ____A C:\Windows\Minidump\082112-28470-01.dmp

2012-08-21 04:06 - 2012-08-21 04:06 - 00000000 ____D C:\Windows\Minidump

2012-08-17 15:12 - 2012-08-21 11:48 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2012-08-17 15:12 - 2012-08-17 15:12 - 00000000 ____D C:\Users\Sam\AppData\Roaming\SUPERAntiSpyware.com

2012-08-17 15:12 - 2012-08-17 15:12 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com

2012-08-17 06:13 - 2012-08-23 10:50 - 00027256 ____A (Symantec Corporation) C:\Windows\System32\Drivers\FixZeroAccess.sys

2012-08-16 03:34 - 2012-06-28 20:55 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-08-16 03:34 - 2012-06-28 20:09 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-08-16 03:34 - 2012-06-28 19:56 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-08-16 03:34 - 2012-06-28 19:49 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-08-16 03:34 - 2012-06-28 19:49 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-08-16 03:34 - 2012-06-28 19:48 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-08-16 03:34 - 2012-06-28 19:47 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-08-16 03:34 - 2012-06-28 19:45 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-08-16 03:34 - 2012-06-28 19:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-08-16 03:34 - 2012-06-28 19:43 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-08-16 03:34 - 2012-06-28 19:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-08-16 03:34 - 2012-06-28 19:40 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-08-16 03:34 - 2012-06-28 19:39 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-08-16 03:34 - 2012-06-28 19:35 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-08-16 03:34 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2012-08-16 03:34 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2012-08-16 03:34 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2012-08-16 03:34 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2012-08-16 03:34 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2012-08-16 03:34 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2012-08-16 03:34 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2012-08-16 03:34 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2012-08-16 03:34 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2012-08-16 03:34 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2012-08-16 03:34 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2012-08-16 03:34 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2012-08-16 03:34 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2012-08-16 03:34 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2012-08-15 09:57 - 2012-07-04 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll

2012-08-15 09:57 - 2012-07-04 14:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll

2012-08-15 09:57 - 2012-07-04 14:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll

2012-08-15 09:57 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll

2012-08-15 09:57 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll

2012-08-15 09:57 - 2012-05-13 21:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll

2012-08-15 09:56 - 2012-07-18 10:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-08-11 09:39 - 2012-08-11 09:39 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Mozilla

============ 3 Months Modified Files ========================

2012-08-23 17:03 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-08-23 17:03 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-08-23 17:02 - 2012-07-01 05:51 - 00000414 ____A C:\Windows\Tasks\DriverUpdate Startup.job

2012-08-23 17:02 - 2011-10-29 17:04 - 00000340 ____A C:\Windows\Tasks\RegistryBooster.job

2012-08-23 16:59 - 2012-08-21 11:48 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2012-08-23 16:59 - 2012-07-01 05:51 - 00015672 ____A C:\Windows\System32\Drivers\SWDUMon.sys

2012-08-23 16:59 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2012-08-23 16:59 - 2009-07-13 20:51 - 00054388 ____A C:\Windows\setupact.log

2012-08-23 16:51 - 2011-08-01 16:59 - 01899382 ____A C:\Windows\WindowsUpdate.log

2012-08-23 16:37 - 2011-12-14 16:56 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4257847427-1901848096-2054134169-1001UA.job

2012-08-23 16:32 - 2011-10-25 11:06 - 00000256 ____A C:\Windows\Tasks\NUSchedule.job

2012-08-23 16:31 - 2012-08-21 11:48 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-08-23 16:31 - 2012-03-13 10:56 - 00000920 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4257847427-1901848096-2054134169-1001UA.job

2012-08-23 14:14 - 2009-07-13 21:13 - 00726270 ____A C:\Windows\System32\PerfStringBackup.INI

2012-08-23 10:51 - 2010-11-20 19:47 - 00026890 ____A C:\Windows\PFRO.log

2012-08-23 10:50 - 2012-08-17 06:13 - 00027256 ____A (Symantec Corporation) C:\Windows\System32\Drivers\FixZeroAccess.sys

2012-08-23 10:49 - 2012-08-23 10:44 - 01805736 ____A (Symantec Corporation) C:\Users\Sam\Downloads\FixZeroAccess.exe

2012-08-23 05:40 - 2012-03-13 10:56 - 00000898 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4257847427-1901848096-2054134169-1001Core.job

2012-08-23 05:12 - 2011-12-14 16:56 - 00000848 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4257847427-1901848096-2054134169-1001Core.job

2012-08-23 03:53 - 2011-10-18 08:11 - 00022713 ____A C:\Users\Sam\Documents\Internet.xlsx

2012-08-23 03:44 - 2011-10-21 13:48 - 00029684 ____A C:\Users\Sam\Documents\Bills.xlsx

2012-08-21 15:24 - 2012-08-21 15:24 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2012-08-21 15:24 - 2012-08-21 15:24 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2012-08-21 15:24 - 2012-08-21 15:24 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2012-08-21 15:24 - 2012-08-21 15:24 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2012-08-21 15:24 - 2012-08-21 15:24 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2012-08-21 15:24 - 2011-04-21 15:35 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2012-08-21 13:45 - 2012-08-21 13:45 - 02841104 ____A (Symantec Corporation) C:\Users\Sam\Downloads\NPE (1).exe

2012-08-21 11:48 - 2012-08-21 11:48 - 00001808 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2012-08-21 04:19 - 2012-08-21 04:14 - 02841104 ____A (Symantec Corporation) C:\Users\Sam\Downloads\NPE.exe

2012-08-21 04:06 - 2012-08-21 04:06 - 333219710 ____A C:\Windows\MEMORY.DMP

2012-08-21 04:06 - 2012-08-21 04:06 - 00274680 ____A C:\Windows\Minidump\082112-28470-01.dmp

2012-08-17 13:49 - 2011-09-02 08:00 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log

2012-08-16 03:40 - 2012-07-06 15:26 - 00000324 ____A C:\Windows\Tasks\HPCeeScheduleForSam.job

2012-08-16 03:40 - 2011-08-25 16:17 - 00002501 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk

2012-08-16 03:40 - 2009-07-13 20:45 - 00415744 ____A C:\Windows\System32\FNTCACHE.DAT

2012-08-16 03:28 - 2011-10-21 12:39 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2012-08-15 18:36 - 2011-12-16 16:16 - 00003072 ____A C:\Windows\SysWOW64\Cache.db

2012-08-11 04:32 - 2012-04-07 08:04 - 00031486 ____A C:\Users\Sam\Documents\meds.xlsx

2012-08-01 13:27 - 2011-11-22 09:54 - 00000193 ____A C:\Users\Sam\Desktop\Facebook.url

2012-07-27 10:21 - 2012-05-25 11:01 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt

2012-07-18 10:15 - 2012-08-15 09:56 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-07-18 09:38 - 2012-07-18 09:38 - 00001398 ____A C:\Windows\IE9_main.log

2012-07-17 14:57 - 2011-08-01 17:17 - 00175736 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS

2012-07-17 14:57 - 2011-08-01 17:17 - 00007488 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT

2012-07-04 14:16 - 2012-08-15 09:57 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll

2012-07-04 14:13 - 2012-08-15 09:57 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll

2012-07-04 14:13 - 2012-08-15 09:57 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll

2012-07-04 13:16 - 2012-08-15 09:57 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll

2012-07-04 13:14 - 2012-08-15 09:57 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll

2012-07-01 05:51 - 2012-07-01 05:51 - 00002469 ____A C:\Users\Public\Desktop\DriverUpdate.lnk

2012-06-28 20:55 - 2012-08-16 03:34 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-06-28 20:09 - 2012-08-16 03:34 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-06-28 19:56 - 2012-08-16 03:34 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-06-28 19:49 - 2012-08-16 03:34 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-06-28 19:49 - 2012-08-16 03:34 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-06-28 19:48 - 2012-08-16 03:34 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-06-28 19:47 - 2012-08-16 03:34 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-06-28 19:45 - 2012-08-16 03:34 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-06-28 19:44 - 2012-08-16 03:34 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-06-28 19:43 - 2012-08-16 03:34 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-06-28 19:42 - 2012-08-16 03:34 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-06-28 19:40 - 2012-08-16 03:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-06-28 19:39 - 2012-08-16 03:34 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-06-28 19:35 - 2012-08-16 03:34 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-06-28 16:52 - 2012-08-16 03:34 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2012-06-28 16:27 - 2012-08-16 03:34 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2012-06-28 16:16 - 2012-08-16 03:34 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2012-06-28 16:09 - 2012-08-16 03:34 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2012-06-28 16:09 - 2012-08-16 03:34 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2012-06-28 16:08 - 2012-08-16 03:34 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2012-06-28 16:07 - 2012-08-16 03:34 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2012-06-28 16:06 - 2012-08-16 03:34 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2012-06-28 16:04 - 2012-08-16 03:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2012-06-28 16:04 - 2012-08-16 03:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2012-06-28 16:01 - 2012-08-16 03:34 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2012-06-28 16:01 - 2012-08-16 03:34 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2012-06-28 16:00 - 2012-08-16 03:34 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2012-06-28 15:57 - 2012-08-16 03:34 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2012-06-08 21:43 - 2012-07-11 05:22 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2012-06-08 20:41 - 2012-07-11 05:22 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2012-06-06 04:49 - 2012-06-06 04:49 - 01070152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX

2012-06-05 22:06 - 2012-07-11 05:22 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll

2012-06-05 22:06 - 2012-07-11 05:22 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll

2012-06-05 22:02 - 2012-07-11 05:22 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll

2012-06-05 21:05 - 2012-07-11 05:22 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2012-06-05 21:05 - 2012-07-11 05:22 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2012-06-05 21:03 - 2012-07-11 05:22 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2012-06-02 14:19 - 2012-06-21 03:51 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll

2012-06-02 14:19 - 2012-06-21 03:51 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll

2012-06-02 14:19 - 2012-06-21 03:51 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe

2012-06-02 14:19 - 2012-06-21 03:51 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll

2012-06-02 14:19 - 2012-06-21 03:51 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll

2012-06-02 14:15 - 2012-06-21 03:51 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll

2012-06-02 14:15 - 2012-06-21 03:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll

2012-06-02 11:19 - 2012-06-21 03:51 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll

2012-06-02 11:15 - 2012-06-21 03:51 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe

2012-06-01 21:50 - 2012-07-11 05:22 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys

2012-06-01 21:48 - 2012-07-11 05:22 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys

2012-06-01 21:48 - 2012-07-11 05:22 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys

2012-06-01 21:45 - 2012-07-11 05:22 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll

2012-06-01 21:44 - 2012-07-11 05:22 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll

2012-06-01 20:40 - 2012-07-11 05:22 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2012-06-01 20:40 - 2012-07-11 05:22 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2012-06-01 20:39 - 2012-07-11 05:22 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2012-06-01 20:34 - 2012-07-11 05:22 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

ZeroAccess:

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\@

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\L

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\U

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\L\00000004.@

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\L\201d3dde

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\U\00000008.@

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\U\80000032.@

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\U\80000064.@

ZeroAccess:

C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}

C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\@

C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\L

C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\U

ZeroAccess:

C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:

C:\Windows\assembly\GAC_64\Desktop.ini

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 18%

Total physical RAM: 3690.9 MB

Available physical RAM: 2998.98 MB

Total Pagefile: 3689.05 MB

Available Pagefile: 2988.01 MB

Total Virtual: 8192 MB

Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:450.76 GB) (Free:410.95 GB) NTFS ==>[system with boot components (obtained from reading drive)]

2 Drive e: (RECOVERY) (Fixed) (Total:14.71 GB) (Free:1.63 GB) NTFS ==>[system with boot components (obtained from reading drive)]

3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

5 Drive h: (TOSHIBA) (Removable) (Total:3.73 GB) (Free:3.37 GB) FAT32

6 Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS

7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 465 GB 0 B

Disk 1 Online 3822 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 199 MB 1024 KB

Partition 2 Primary 450 GB 200 MB

Partition 3 Primary 14 GB 450 GB

Partition 4 Primary 103 MB 465 GB

==================================================================================

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy

==================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 450 GB Healthy

==================================================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 E RECOVERY NTFS Partition 14 GB Healthy

==================================================================================

Disk: 0

Partition 4

Type : 0C

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy

==================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 3818 MB 4032 KB

==================================================================================

Disk: 1

Partition 1

Type : 0C

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 5 H TOSHIBA FAT32 Removable 3818 MB Healthy

==================================================================================

Last Boot: 2012-08-03 05:11

======================= End Of Log ==========================

search.txt

Farbar Recovery Scan Tool Version: 23-08-2012 02

Ran by SYSTEM at 2012-08-23 21:08:48

Running from H:\Recovery

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe

[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

====== End Of Search ======

Link to post
Share on other sites

:welcome: I am TheDarkKnight and will be assisting you. Please ask questions if anything is unclear. :)

Please open Notepad. Copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt.


C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}
C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
Replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.

On Windows XP: Now please boot into the BartPE CD.

Run FRST64 and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

==========

Then, please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF).

Please go here to see a list of programs that need to be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

Please include the C:\ComboFix.txt in your next reply for further review.

==========

In your reply please provide the following:

  • Fixlog.txt.
  • ComboFix.txt.

How is the computer currently running?

Link to post
Share on other sites

I am copying the fixlog info below. However, the combofix scan does not seem to be running correctly. The first time I ran it, it hung after completing stage for. After about 30 minutes, I cancelled it. At that point, very few of my programs/shortcuts worked. I received a message that they could not be opened because of a registry number that had been scheduled for deletion. I restored the computer to the pre-scan backup and started combofix again. I went back to the instruction pages I printed and noted that they said the clock would be changed. I compared the provided diagram with my screen...no "Combofix has changed your clock settings..." It is again running stage 5 (not completed) and not continued the stages. Also, even though I disabled the Norton Smart Firewall and Antivirus scan until reboot, I got a message from Combofix that Norton was still activated. Please let me know if I missed a step or there is more I need to do to get the Combofix to run.

Prior to beginning this stage of the fix, explorer would not stay on the opened pages and would skip to another random site. Also, the computer would spontaneously shut down.

Thank you again for your assistance.

Kate

fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 23-08-2012 02

Ran by SYSTEM at 2012-08-28 20:53:23 Run:1

Running from H:\Recovery

==============================================

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}C:\Windows\assembly\GAC_32\Desktop.iniC:\Windows\assembly\GAC_64\Desktop.iniReplace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe not found.

Could not find C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}C:\Windows\assembly\GAC_32\Desktop.iniC:\Windows\assembly\GAC_64\Desktop.iniC:\Windows\System32\services.exe.

Could not find C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}C:\Windows\assembly\GAC_32\Desktop.iniC:\Windows\assembly\GAC_64\Desktop.iniC:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe .

==== End of Fixlog ====

Link to post
Share on other sites

Hello brookerk. :)

The fix for FRST didn't work last time so please do the following. Hopefully ComboFix will run after FRST takes out the rest of ZA. :)

Please download the attached fixlist.txt.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.

On Windows XP: Now please boot into the BartPE CD.

Run FRST64 and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

==========

Then, please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF).

Please go here to see a list of programs that need to be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

Please include the C:\ComboFix.txt in your next reply for further review.

==========

In your reply please provide the following:

  • Fixlog.txt.
  • ComboFix.txt.

How is the computer currently running?

fixlist.txt

Link to post
Share on other sites

fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 23-08-2012 02

Ran by SYSTEM at 2012-08-29 18:33:40 Run:2

Running from H:\Recovery

==============================================

C:\Windows\Installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a} moved successfully.

C:\Users\Sam\AppData\Local\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a} moved successfully.

C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.

C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.

C:\Windows\System32\services.exe moved successfully.

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====

Combofix.txt

ComboFix 12-08-28.03 - Sam 08/29/2012 18:41:58.3.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3691.2171 [GMT -4:00]

Running from: c:\users\Sam\Desktop\ComboFix.exe

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Sam\GoToAssistDownloadHelper.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-29 )))))))))))))))))))))))))))))))

.

.

2012-08-29 22:53 . 2012-08-29 22:53 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-29 02:05 . 2012-08-29 02:05 -------- d-----w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

2012-08-24 05:06 . 2012-08-24 05:06 -------- d-----w- C:\FRST

2012-08-21 23:25 . 2012-08-21 23:25 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-08-21 23:24 . 2012-08-21 23:24 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-08-21 23:24 . 2012-08-21 23:24 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-08-21 23:21 . 2012-08-21 23:21 -------- d-----w- c:\programdata\McAfee

2012-08-21 12:19 . 2012-08-21 22:43 -------- d-----w- c:\users\Sam\AppData\Local\NPE

2012-08-21 12:14 . 2012-08-21 12:14 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-08-17 23:12 . 2012-08-17 23:12 -------- d-----w- c:\users\Sam\AppData\Roaming\SUPERAntiSpyware.com

2012-08-17 23:12 . 2012-08-21 19:48 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-08-17 23:12 . 2012-08-17 23:12 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2012-08-17 14:13 . 2012-08-23 18:50 27256 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys

2012-08-15 20:18 . 2012-08-16 11:39 -------- d-----w- c:\windows\system32\drivers\NISx64\1308000.00E

2012-08-15 17:57 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll

2012-08-15 17:57 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll

2012-08-15 17:57 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll

2012-08-15 17:57 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll

2012-08-15 17:57 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll

2012-08-15 17:56 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-29 22:55 . 2012-07-01 13:51 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys

2012-08-21 23:24 . 2011-04-21 23:35 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-08-16 11:28 . 2011-10-21 20:39 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-07-17 22:57 . 2011-08-02 01:17 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2012-07-17 21:38 . 2011-09-30 22:28 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2012-07-17 21:28 . 2011-10-13 01:24 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2012-07-17 21:27 . 2011-09-11 00:07 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2012-07-17 21:27 . 2011-10-13 01:22 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-06-25 22:40 . 2011-09-11 00:08 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2012-06-18 20:58 . 2011-09-11 00:07 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2012-06-18 20:57 . 2011-09-29 21:38 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2012-06-18 20:57 . 2011-09-11 00:06 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2012-06-09 05:43 . 2012-07-11 13:22 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 12:49 . 2012-06-06 12:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX

2012-06-06 06:06 . 2012-07-11 13:22 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-11 13:22 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-11 13:22 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-11 13:22 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-11 13:22 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-11 13:22 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-21 11:51 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 11:51 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-21 11:51 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 11:51 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 11:51 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-21 11:51 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-21 11:51 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 19:19 . 2012-06-21 11:51 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:15 . 2012-06-21 11:51 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-11 13:22 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-11 13:22 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:48 . 2012-07-11 13:22 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:45 . 2012-07-11 13:22 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-11 13:22 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-11 13:22 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-11 13:22 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-11 13:22 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-11 13:22 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-07-01 13:52 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-01 2074208]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2011-11-24 6497592]

"Facebook Update"="c:\users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]

"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-09 5661056]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]

"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-09-05 35736]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]

"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-18 318520]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-13 421736]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-01 1107552]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-10 630912]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"EnableShellExecuteHooks"= 1 (0x1)

.

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 136176]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 136176]

R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-08-29 15672]

R3 SymDSMon;SymDSMon;c:\windows\system32\drivers\SymDSMon.sys [2010-11-30 191232]

R3 SYMSpeedDisk;SYMSpeedDisk;c:\windows\system32\drivers\SymSpeedDisk.sys [2010-11-30 163384]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-26 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2000-01-01 79488]

S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2000-01-01 40064]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS [2012-03-29 451192]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS [2012-05-22 1129120]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20120823.007\BHDrvx64.sys [2012-06-19 1161376]

S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys [2012-06-07 167072]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20120828.001\IDSvia64.sys [2012-08-22 512672]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS [2012-04-18 190072]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS [2012-04-18 405624]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-02-28 203776]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-02-10 361984]

S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-11-13 55936]

S2 DiskDoctorService;Norton Disk Doctor Service;c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [2010-11-30 1029480]

S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]

S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]

S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]

S2 SpeedDiskService;Norton SpeedDisk Service;c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [2010-11-30 1037672]

S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-01 935008]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-02-28 9079296]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-02-28 299520]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2000-01-01 95248]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-16 138912]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-07-19 1492992]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2000-01-01 56448]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-29 c:\windows\Tasks\DriverUpdate Startup.job

- c:\program files (x86)\DriverUpdate\DriverUpdate.exe [2012-05-16 18:06]

.

2012-08-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4257847427-1901848096-2054134169-1001Core.job

- c:\users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-13 13:35]

.

2012-08-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4257847427-1901848096-2054134169-1001UA.job

- c:\users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-13 13:35]

.

2012-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 19:48]

.

2012-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 19:48]

.

2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4257847427-1901848096-2054134169-1001Core.job

- c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 00:56]

.

2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4257847427-1901848096-2054134169-1001UA.job

- c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 00:56]

.

2012-08-25 c:\windows\Tasks\HPCeeScheduleForSam.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

.

2012-08-27 c:\windows\Tasks\NUSchedule.job

- c:\program files (x86)\Norton Utilities 15\nu.exe [2011-10-25 00:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2000-01-01 1425408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/?ilc=1

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

Trusted Zone: silverlight.com

TCP: DhcpNameServer = 192.168.1.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe

AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\SysWOW64\ezSharedSvcHost.exe

c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe

c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe

c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe

.

**************************************************************************

.

Completion time: 2012-08-29 19:01:50 - machine was rebooted

ComboFix-quarantined-files.txt 2012-08-29 23:01

.

Pre-Run: 438,307,053,568 bytes free

Post-Run: 437,924,483,072 bytes free

.

- - End Of File - - C1D981E9AB6CE3A0A9B1A137CBE91E70

Ran Superantispyware and Norton...both only found 2 tracking cookies. Now running full scans. Thank you so much.

Link to post
Share on other sites

Okay...so not quite there. On full Norton scan, the Trojan Zeroaccess!inf4 is still on the computer. Below are the scan results.

Scan Statistics:

Scan Time: 7,003 seconds

Scan Targets: Entire computer

Counts:

Total items scanned: 753,877

- Files & Directories: 747,400

- Registry Entries: 669

- Processes & Start-up Items: 5,012

- Network & Browser Items: 784

- Other: 4

- Trusted Files: 10,552

- Skipped Files: 16,601

Total security risks detected: 3

Total items resolved: 2

Total items that require attention: 1

Resolved Threats:

Trojan.Gen.2

Type: Anomaly

Risk: High (High Stealth, High Removal, High Performance, High Privacy)

Categories: Virus

Status: Fully Resolved

-----------

4 Files

c:\qoobox\quarantine\c\windows\installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\u\00000004.@.vir - Deleted

c:\qoobox\quarantine\c\windows\installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\u\000000cb.@.vir - Deleted

c:\qoobox\quarantine\c\windows\installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\u\80000032.@.vir - Deleted

c:\qoobox\quarantine\c\windows\installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\u\80000064.@.vir - Deleted

1 Browser Cache

Trojan.Zeroaccess.B

Type: Anomaly

Risk: High (High Stealth, High Removal, High Performance, High Privacy)

Categories: Virus

Status: Fully Resolved

-----------

4 Registry Entries

HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 - Repaired

HKEY_USERS\S-1-5-21-4257847427-1901848096-2054134169-1001\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 - Repaired

HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32->ThreadingModel:Apartment - Repaired

HKEY_USERS\S-1-5-21-4257847427-1901848096-2054134169-1001\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32->ThreadingModel:Apartment - Repaired

1 File

c:\qoobox\quarantine\c\windows\installer\{455864e6-c1f3-7a53-3551-5ec7cf4d6b8a}\u\80000000.@.vir - Deleted

1 Browser Cache

Unresolved Threats:

Trojan.Zeroaccess!inf4

Type: Anomaly

Risk: High (High Stealth, High Removal, High Performance, High Privacy)

Categories: Spyware

Status: Review

-----------

1 File

c:\qoobox\quarantine\c\windows\system32\services.exe.vir - Failed

1 Browser Cache

Link to post
Share on other sites

Hello brookerk. :)

The results from Norton are mainly from ComboFix's quarantine, which is good.

Please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue tdsskiller2.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue tdsskiller3.png
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.

Link to post
Share on other sites

21:40:03.0060 3248 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

21:40:05.0078 3248 ============================================================

21:40:05.0078 3248 Current date / time: 2012/08/30 21:40:05.0078

21:40:05.0078 3248 SystemInfo:

21:40:05.0078 3248

21:40:05.0079 3248 OS Version: 6.1.7601 ServicePack: 1.0

21:40:05.0079 3248 Product type: Workstation

21:40:05.0079 3248 ComputerName: SAM-HP

21:40:05.0080 3248 UserName: Sam

21:40:05.0080 3248 Windows directory: C:\Windows

21:40:05.0080 3248 System windows directory: C:\Windows

21:40:05.0080 3248 Running under WOW64

21:40:05.0080 3248 Processor architecture: Intel x64

21:40:05.0080 3248 Number of processors: 2

21:40:05.0080 3248 Page size: 0x1000

21:40:05.0080 3248 Boot type: Normal boot

21:40:05.0080 3248 ============================================================

21:40:06.0011 3248 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:40:06.0023 3248 ============================================================

21:40:06.0023 3248 \Device\Harddisk0\DR0:

21:40:06.0024 3248 MBR partitions:

21:40:06.0024 3248 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

21:40:06.0024 3248 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38585000

21:40:06.0024 3248 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x385E9000, BlocksNum 0x1D69000

21:40:06.0024 3248 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830

21:40:06.0024 3248 ============================================================

21:40:06.0064 3248 C: <-> \Device\Harddisk0\DR0\Partition2

21:40:06.0111 3248 D: <-> \Device\Harddisk0\DR0\Partition3

21:40:06.0111 3248 ============================================================

21:40:06.0111 3248 Initialize success

21:40:06.0112 3248 ============================================================

21:40:22.0610 3252 ============================================================

21:40:22.0610 3252 Scan started

21:40:22.0610 3252 Mode: Manual;

21:40:22.0610 3252 ============================================================

21:40:22.0986 3252 ================ Scan system memory ========================

21:40:22.0986 3252 System memory - ok

21:40:22.0988 3252 ================ Scan services =============================

21:40:23.0115 3252 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

21:40:23.0120 3252 !SASCORE - ok

21:40:23.0401 3252 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

21:40:23.0409 3252 1394ohci - ok

21:40:23.0474 3252 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

21:40:23.0484 3252 ACPI - ok

21:40:23.0534 3252 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

21:40:23.0540 3252 AcpiPmi - ok

21:40:23.0695 3252 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

21:40:23.0698 3252 AdobeARMservice - ok

21:40:23.0790 3252 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

21:40:23.0808 3252 adp94xx - ok

21:40:23.0884 3252 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

21:40:23.0910 3252 adpahci - ok

21:40:23.0983 3252 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

21:40:23.0990 3252 adpu320 - ok

21:40:24.0043 3252 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

21:40:24.0046 3252 AeLookupSvc - ok

21:40:24.0125 3252 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

21:40:24.0135 3252 AFD - ok

21:40:24.0192 3252 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

21:40:24.0198 3252 agp440 - ok

21:40:24.0226 3252 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

21:40:24.0232 3252 ALG - ok

21:40:24.0310 3252 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

21:40:24.0315 3252 aliide - ok

21:40:24.0389 3252 [ 7842F4961F28022A881F85BB7494AC6D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

21:40:24.0401 3252 AMD External Events Utility - ok

21:40:24.0478 3252 AMD FUEL Service - ok

21:40:24.0531 3252 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

21:40:24.0536 3252 amdide - ok

21:40:24.0590 3252 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys

21:40:24.0591 3252 amdiox64 - ok

21:40:24.0657 3252 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

21:40:24.0664 3252 AmdK8 - ok

21:40:24.0962 3252 [ CF5FC8D37F10C9C374AE6D990C9D2CD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

21:40:25.0200 3252 amdkmdag - ok

21:40:25.0303 3252 [ 2BD89CB34B67EDC64E741AA3864D8C1A ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

21:40:25.0308 3252 amdkmdap - ok

21:40:25.0363 3252 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

21:40:25.0365 3252 AmdPPM - ok

21:40:25.0409 3252 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

21:40:25.0414 3252 amdsata - ok

21:40:25.0472 3252 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

21:40:25.0479 3252 amdsbs - ok

21:40:25.0512 3252 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

21:40:25.0514 3252 amdxata - ok

21:40:25.0548 3252 [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys

21:40:25.0550 3252 amd_sata - ok

21:40:25.0573 3252 [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys

21:40:25.0576 3252 amd_xata - ok

21:40:25.0635 3252 [ D7253A1A7A49FA40EF0BA1955AAFB346 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

21:40:25.0637 3252 AODDriver4.1 - ok

21:40:25.0707 3252 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

21:40:25.0713 3252 AppID - ok

21:40:25.0736 3252 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

21:40:25.0739 3252 AppIDSvc - ok

21:40:25.0764 3252 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

21:40:25.0767 3252 Appinfo - ok

21:40:25.0849 3252 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:40:25.0851 3252 Apple Mobile Device - ok

21:40:25.0902 3252 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

21:40:25.0917 3252 arc - ok

21:40:25.0952 3252 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

21:40:25.0957 3252 arcsas - ok

21:40:25.0997 3252 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

21:40:26.0000 3252 AsyncMac - ok

21:40:26.0028 3252 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

21:40:26.0032 3252 atapi - ok

21:40:26.0093 3252 [ 2B3B05C0A7768BF033217EB8F33F9C35 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

21:40:26.0095 3252 AtiHDAudioService - ok

21:40:26.0131 3252 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys

21:40:26.0146 3252 AtiHdmiService - ok

21:40:26.0221 3252 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

21:40:26.0230 3252 AudioEndpointBuilder - ok

21:40:26.0249 3252 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

21:40:26.0257 3252 AudioSrv - ok

21:40:26.0320 3252 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

21:40:26.0325 3252 AxInstSV - ok

21:40:26.0388 3252 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

21:40:26.0403 3252 b06bdrv - ok

21:40:26.0473 3252 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

21:40:26.0482 3252 b57nd60a - ok

21:40:26.0595 3252 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

21:40:26.0603 3252 BBSvc - ok

21:40:26.0687 3252 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys

21:40:26.0721 3252 BCM43XX - ok

21:40:26.0763 3252 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

21:40:26.0768 3252 BDESVC - ok

21:40:26.0827 3252 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

21:40:26.0829 3252 Beep - ok

21:40:26.0914 3252 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

21:40:26.0925 3252 BFE - ok

21:40:27.0154 3252 [ C8AB71A5102D0FC103F6DFC750005137 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20120823.007\BHDrvx64.sys

21:40:27.0177 3252 BHDrvx64 - ok

21:40:27.0270 3252 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

21:40:27.0273 3252 blbdrive - ok

21:40:27.0363 3252 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

21:40:27.0374 3252 Bonjour Service - ok

21:40:27.0440 3252 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

21:40:27.0445 3252 bowser - ok

21:40:27.0508 3252 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

21:40:27.0515 3252 BrFiltLo - ok

21:40:27.0554 3252 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

21:40:27.0558 3252 BrFiltUp - ok

21:40:27.0638 3252 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

21:40:27.0642 3252 BridgeMP - ok

21:40:27.0684 3252 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

21:40:27.0686 3252 Browser - ok

21:40:27.0711 3252 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

21:40:27.0719 3252 Brserid - ok

21:40:27.0737 3252 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

21:40:27.0742 3252 BrSerWdm - ok

21:40:27.0799 3252 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

21:40:27.0804 3252 BrUsbMdm - ok

21:40:27.0819 3252 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

21:40:27.0823 3252 BrUsbSer - ok

21:40:27.0846 3252 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

21:40:27.0851 3252 BTHMODEM - ok

21:40:27.0909 3252 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

21:40:27.0915 3252 bthserv - ok

21:40:27.0948 3252 catchme - ok

21:40:28.0040 3252 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys

21:40:28.0047 3252 ccSet_NIS - ok

21:40:28.0096 3252 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

21:40:28.0101 3252 cdfs - ok

21:40:28.0170 3252 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

21:40:28.0175 3252 cdrom - ok

21:40:28.0227 3252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

21:40:28.0231 3252 CertPropSvc - ok

21:40:28.0272 3252 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

21:40:28.0276 3252 circlass - ok

21:40:28.0312 3252 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

21:40:28.0321 3252 CLFS - ok

21:40:28.0418 3252 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:40:28.0436 3252 clr_optimization_v2.0.50727_32 - ok

21:40:28.0491 3252 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:40:28.0504 3252 clr_optimization_v2.0.50727_64 - ok

21:40:28.0605 3252 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:40:28.0610 3252 clr_optimization_v4.0.30319_32 - ok

21:40:28.0677 3252 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:40:28.0682 3252 clr_optimization_v4.0.30319_64 - ok

21:40:28.0747 3252 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys

21:40:28.0749 3252 clwvd - ok

21:40:28.0794 3252 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

21:40:28.0797 3252 CmBatt - ok

21:40:28.0826 3252 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

21:40:28.0830 3252 cmdide - ok

21:40:28.0902 3252 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

21:40:28.0922 3252 CNG - ok

21:40:28.0981 3252 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

21:40:28.0984 3252 Compbatt - ok

21:40:29.0052 3252 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

21:40:29.0055 3252 CompositeBus - ok

21:40:29.0089 3252 COMSysApp - ok

21:40:29.0106 3252 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

21:40:29.0112 3252 crcdisk - ok

21:40:29.0167 3252 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

21:40:29.0171 3252 CryptSvc - ok

21:40:29.0243 3252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

21:40:29.0254 3252 DcomLaunch - ok

21:40:29.0312 3252 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

21:40:29.0319 3252 defragsvc - ok

21:40:29.0337 3252 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

21:40:29.0341 3252 DfsC - ok

21:40:29.0399 3252 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

21:40:29.0404 3252 Dhcp - ok

21:40:29.0429 3252 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

21:40:29.0431 3252 discache - ok

21:40:29.0498 3252 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

21:40:29.0501 3252 Disk - ok

21:40:29.0624 3252 [ 7C85CC5570BF718D2B9AD9F53B1B5B55 ] DiskDoctorService C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe

21:40:29.0638 3252 DiskDoctorService - ok

21:40:29.0693 3252 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

21:40:29.0697 3252 Dnscache - ok

21:40:29.0737 3252 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

21:40:29.0761 3252 dot3svc - ok

21:40:29.0784 3252 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

21:40:29.0788 3252 DPS - ok

21:40:29.0847 3252 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

21:40:29.0851 3252 drmkaud - ok

21:40:29.0896 3252 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

21:40:29.0910 3252 DXGKrnl - ok

21:40:29.0930 3252 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

21:40:29.0933 3252 EapHost - ok

21:40:30.0047 3252 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

21:40:30.0102 3252 ebdrv - ok

21:40:30.0212 3252 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

21:40:30.0218 3252 eeCtrl - ok

21:40:30.0243 3252 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

21:40:30.0247 3252 EFS - ok

21:40:30.0347 3252 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

21:40:30.0389 3252 ehRecvr - ok

21:40:30.0434 3252 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

21:40:30.0438 3252 ehSched - ok

21:40:30.0505 3252 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

21:40:30.0516 3252 elxstor - ok

21:40:30.0615 3252 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

21:40:30.0618 3252 EraserUtilRebootDrv - ok

21:40:30.0650 3252 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

21:40:30.0654 3252 ErrDev - ok

21:40:30.0745 3252 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

21:40:30.0753 3252 EventSystem - ok

21:40:30.0807 3252 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

21:40:30.0814 3252 exfat - ok

21:40:30.0830 3252 ezSharedSvc - ok

21:40:30.0863 3252 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

21:40:30.0868 3252 fastfat - ok

21:40:30.0942 3252 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

21:40:30.0958 3252 Fax - ok

21:40:31.0001 3252 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

21:40:31.0005 3252 fdc - ok

21:40:31.0045 3252 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

21:40:31.0048 3252 fdPHost - ok

21:40:31.0075 3252 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

21:40:31.0077 3252 FDResPub - ok

21:40:31.0107 3252 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

21:40:31.0110 3252 FileInfo - ok

21:40:31.0153 3252 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

21:40:31.0157 3252 Filetrace - ok

21:40:31.0190 3252 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

21:40:31.0194 3252 flpydisk - ok

21:40:31.0246 3252 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

21:40:31.0253 3252 FltMgr - ok

21:40:31.0323 3252 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

21:40:31.0337 3252 FontCache - ok

21:40:31.0380 3252 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:40:31.0390 3252 FontCache3.0.0.0 - ok

21:40:31.0419 3252 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

21:40:31.0422 3252 FsDepends - ok

21:40:31.0453 3252 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

21:40:31.0454 3252 Fs_Rec - ok

21:40:31.0502 3252 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

21:40:31.0508 3252 fvevol - ok

21:40:31.0546 3252 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

21:40:31.0550 3252 gagp30kx - ok

21:40:31.0619 3252 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

21:40:31.0632 3252 GamesAppService - ok

21:40:31.0662 3252 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

21:40:31.0664 3252 GEARAspiWDM - ok

21:40:31.0709 3252 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

21:40:31.0721 3252 gpsvc - ok

21:40:31.0847 3252 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:40:31.0851 3252 gupdate - ok

21:40:31.0886 3252 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:40:31.0889 3252 gupdatem - ok

21:40:31.0919 3252 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

21:40:31.0922 3252 hcw85cir - ok

21:40:31.0986 3252 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

21:40:31.0994 3252 HdAudAddService - ok

21:40:32.0036 3252 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

21:40:32.0039 3252 HDAudBus - ok

21:40:32.0069 3252 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

21:40:32.0074 3252 HidBatt - ok

21:40:32.0091 3252 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

21:40:32.0096 3252 HidBth - ok

21:40:32.0130 3252 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

21:40:32.0146 3252 HidIr - ok

21:40:32.0193 3252 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

21:40:32.0197 3252 hidserv - ok

21:40:32.0244 3252 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

21:40:32.0247 3252 HidUsb - ok

21:40:32.0300 3252 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

21:40:32.0305 3252 hkmsvc - ok

21:40:32.0334 3252 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

21:40:32.0340 3252 HomeGroupListener - ok

21:40:32.0368 3252 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

21:40:32.0377 3252 HomeGroupProvider - ok

21:40:32.0482 3252 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

21:40:32.0484 3252 HP Support Assistant Service - ok

21:40:32.0562 3252 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

21:40:32.0568 3252 HPClientSvc - ok

21:40:32.0693 3252 [ E040F0064D39F73BB4995D494F3DCBB8 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

21:40:32.0715 3252 hpCMSrv - ok

21:40:32.0766 3252 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

21:40:32.0768 3252 HPDrvMntSvc.exe - ok

21:40:32.0836 3252 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

21:40:32.0846 3252 hpqwmiex - ok

21:40:32.0901 3252 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

21:40:32.0906 3252 HpSAMD - ok

21:40:32.0958 3252 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

21:40:32.0960 3252 HPWMISVC - ok

21:40:33.0001 3252 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

21:40:33.0014 3252 HTTP - ok

21:40:33.0035 3252 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

21:40:33.0037 3252 hwpolicy - ok

21:40:33.0106 3252 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

21:40:33.0109 3252 i8042prt - ok

21:40:33.0149 3252 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

21:40:33.0169 3252 iaStorV - ok

21:40:33.0295 3252 [ 3A0FF117B4ADC5ABE4D968E26A337158 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

21:40:33.0322 3252 IconMan_R - ok

21:40:33.0369 3252 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:40:33.0398 3252 idsvc - ok

21:40:33.0486 3252 [ 82AB40147567DE48C405AFE570A2266F ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20120829.001\IDSvia64.sys

21:40:33.0498 3252 IDSVia64 - ok

21:40:33.0535 3252 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

21:40:33.0542 3252 iirsp - ok

21:40:33.0627 3252 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

21:40:33.0646 3252 IKEEXT - ok

21:40:33.0698 3252 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

21:40:33.0703 3252 intelide - ok

21:40:33.0756 3252 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys

21:40:33.0763 3252 intelppm - ok

21:40:33.0794 3252 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

21:40:33.0800 3252 IPBusEnum - ok

21:40:33.0818 3252 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:40:33.0824 3252 IpFilterDriver - ok

21:40:33.0927 3252 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

21:40:33.0943 3252 iphlpsvc - ok

21:40:33.0973 3252 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

21:40:33.0979 3252 IPMIDRV - ok

21:40:34.0019 3252 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

21:40:34.0024 3252 IPNAT - ok

21:40:34.0123 3252 [ 4472C8825B5E41D8697D5962F47AB1C9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

21:40:34.0142 3252 iPod Service - ok

21:40:34.0185 3252 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

21:40:34.0188 3252 IRENUM - ok

21:40:34.0202 3252 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

21:40:34.0207 3252 isapnp - ok

21:40:34.0245 3252 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

21:40:34.0252 3252 iScsiPrt - ok

21:40:34.0290 3252 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

21:40:34.0292 3252 kbdclass - ok

21:40:34.0346 3252 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

21:40:34.0349 3252 kbdhid - ok

21:40:34.0369 3252 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

21:40:34.0373 3252 KeyIso - ok

21:40:34.0407 3252 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

21:40:34.0411 3252 KSecDD - ok

21:40:34.0450 3252 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

21:40:34.0454 3252 KSecPkg - ok

21:40:34.0489 3252 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

21:40:34.0492 3252 ksthunk - ok

21:40:34.0555 3252 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

21:40:34.0572 3252 KtmRm - ok

21:40:34.0637 3252 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

21:40:34.0649 3252 LanmanServer - ok

21:40:34.0689 3252 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

21:40:34.0699 3252 LanmanWorkstation - ok

21:40:34.0769 3252 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

21:40:34.0772 3252 lltdio - ok

21:40:34.0856 3252 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

21:40:34.0870 3252 lltdsvc - ok

21:40:34.0893 3252 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

21:40:34.0898 3252 lmhosts - ok

21:40:34.0972 3252 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

21:40:34.0979 3252 LSI_FC - ok

21:40:35.0009 3252 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

21:40:35.0016 3252 LSI_SAS - ok

21:40:35.0037 3252 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

21:40:35.0045 3252 LSI_SAS2 - ok

21:40:35.0063 3252 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

21:40:35.0069 3252 LSI_SCSI - ok

21:40:35.0116 3252 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

21:40:35.0119 3252 luafv - ok

21:40:35.0182 3252 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

21:40:35.0200 3252 Mcx2Svc - ok

21:40:35.0222 3252 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

21:40:35.0226 3252 megasas - ok

21:40:35.0262 3252 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

21:40:35.0269 3252 MegaSR - ok

21:40:35.0366 3252 Microsoft SharePoint Workspace Audit Service - ok

21:40:35.0420 3252 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

21:40:35.0427 3252 MMCSS - ok

21:40:35.0459 3252 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

21:40:35.0464 3252 Modem - ok

21:40:35.0512 3252 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

21:40:35.0514 3252 monitor - ok

21:40:35.0542 3252 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

21:40:35.0545 3252 mouclass - ok

21:40:35.0583 3252 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

21:40:35.0601 3252 mouhid - ok

21:40:35.0641 3252 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

21:40:35.0645 3252 mountmgr - ok

21:40:35.0681 3252 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

21:40:35.0686 3252 mpio - ok

21:40:35.0704 3252 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

21:40:35.0708 3252 mpsdrv - ok

21:40:35.0812 3252 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

21:40:35.0828 3252 MpsSvc - ok

21:40:35.0850 3252 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

21:40:35.0856 3252 MRxDAV - ok

21:40:35.0895 3252 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

21:40:35.0899 3252 mrxsmb - ok

21:40:35.0918 3252 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:40:35.0926 3252 mrxsmb10 - ok

21:40:35.0952 3252 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:40:35.0956 3252 mrxsmb20 - ok

21:40:35.0988 3252 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

21:40:35.0991 3252 msahci - ok

21:40:36.0004 3252 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

21:40:36.0012 3252 msdsm - ok

21:40:36.0044 3252 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

21:40:36.0050 3252 MSDTC - ok

21:40:36.0083 3252 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

21:40:36.0085 3252 Msfs - ok

21:40:36.0101 3252 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

21:40:36.0103 3252 mshidkmdf - ok

21:40:36.0140 3252 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

21:40:36.0142 3252 msisadrv - ok

21:40:36.0199 3252 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

21:40:36.0221 3252 MSiSCSI - ok

21:40:36.0234 3252 msiserver - ok

21:40:36.0262 3252 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

21:40:36.0266 3252 MSKSSRV - ok

21:40:36.0289 3252 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

21:40:36.0292 3252 MSPCLOCK - ok

21:40:36.0303 3252 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

21:40:36.0305 3252 MSPQM - ok

21:40:36.0359 3252 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

21:40:36.0366 3252 MsRPC - ok

21:40:36.0399 3252 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

21:40:36.0401 3252 mssmbios - ok

21:40:36.0447 3252 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

21:40:36.0450 3252 MSTEE - ok

21:40:36.0502 3252 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

21:40:36.0507 3252 MTConfig - ok

21:40:36.0532 3252 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

21:40:36.0534 3252 Mup - ok

21:40:36.0585 3252 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

21:40:36.0598 3252 napagent - ok

21:40:36.0674 3252 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

21:40:36.0685 3252 NativeWifiP - ok

21:40:36.0781 3252 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20120829.024\ENG64.SYS

21:40:36.0787 3252 NAVENG - ok

21:40:36.0903 3252 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20120829.024\EX64.SYS

21:40:36.0945 3252 NAVEX15 - ok

21:40:37.0026 3252 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys

21:40:37.0050 3252 NDIS - ok

21:40:37.0104 3252 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

21:40:37.0110 3252 NdisCap - ok

21:40:37.0162 3252 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

21:40:37.0165 3252 NdisTapi - ok

21:40:37.0187 3252 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

21:40:37.0193 3252 Ndisuio - ok

21:40:37.0226 3252 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

21:40:37.0232 3252 NdisWan - ok

21:40:37.0263 3252 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

21:40:37.0267 3252 NDProxy - ok

21:40:37.0290 3252 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

21:40:37.0294 3252 NetBIOS - ok

21:40:37.0329 3252 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

21:40:37.0338 3252 NetBT - ok

21:40:37.0398 3252 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

21:40:37.0403 3252 Netlogon - ok

21:40:37.0470 3252 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

21:40:37.0482 3252 Netman - ok

21:40:37.0530 3252 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

21:40:37.0540 3252 netprofm - ok

21:40:37.0637 3252 [ A98071E3E1E5E503462CC9E0DED91A36 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys

21:40:37.0660 3252 netr28x - ok

21:40:37.0691 3252 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:40:37.0697 3252 NetTcpPortSharing - ok

21:40:37.0770 3252 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

21:40:37.0783 3252 nfrd960 - ok

21:40:37.0877 3252 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe

21:40:37.0881 3252 NIS - ok

21:40:37.0949 3252 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

21:40:37.0961 3252 NlaSvc - ok

21:40:38.0008 3252 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

21:40:38.0013 3252 Npfs - ok

21:40:38.0047 3252 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

21:40:38.0051 3252 nsi - ok

21:40:38.0072 3252 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

21:40:38.0075 3252 nsiproxy - ok

21:40:38.0146 3252 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

21:40:38.0174 3252 Ntfs - ok

21:40:38.0197 3252 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

21:40:38.0199 3252 Null - ok

21:40:38.0253 3252 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys

21:40:38.0264 3252 NVENETFD - ok

21:40:38.0318 3252 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

21:40:38.0326 3252 nvraid - ok

21:40:38.0343 3252 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

21:40:38.0351 3252 nvstor - ok

21:40:38.0376 3252 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

21:40:38.0381 3252 nv_agp - ok

21:40:38.0418 3252 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

21:40:38.0423 3252 ohci1394 - ok

21:40:38.0504 3252 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:40:38.0519 3252 ose - ok

21:40:38.0745 3252 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:40:38.0968 3252 osppsvc - ok

21:40:39.0036 3252 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

21:40:39.0045 3252 p2pimsvc - ok

21:40:39.0088 3252 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

21:40:39.0098 3252 p2psvc - ok

21:40:39.0126 3252 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

21:40:39.0130 3252 Parport - ok

21:40:39.0190 3252 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

21:40:39.0193 3252 partmgr - ok

21:40:39.0223 3252 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

21:40:39.0230 3252 PcaSvc - ok

21:40:39.0260 3252 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

21:40:39.0265 3252 pci - ok

21:40:39.0297 3252 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

21:40:39.0301 3252 pciide - ok

21:40:39.0343 3252 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

21:40:39.0350 3252 pcmcia - ok

21:40:39.0381 3252 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

21:40:39.0383 3252 pcw - ok

21:40:39.0422 3252 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

21:40:39.0435 3252 PEAUTH - ok

21:40:39.0541 3252 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

21:40:39.0547 3252 PerfHost - ok

21:40:39.0629 3252 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

21:40:39.0658 3252 pla - ok

21:40:39.0723 3252 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

21:40:39.0735 3252 PlugPlay - ok

21:40:39.0755 3252 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

21:40:39.0762 3252 PNRPAutoReg - ok

21:40:39.0791 3252 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

21:40:39.0799 3252 PNRPsvc - ok

21:40:39.0842 3252 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

21:40:39.0852 3252 PolicyAgent - ok

21:40:39.0889 3252 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

21:40:39.0896 3252 Power - ok

21:40:39.0959 3252 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

21:40:39.0963 3252 PptpMiniport - ok

21:40:39.0995 3252 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

21:40:39.0999 3252 Processor - ok

21:40:40.0033 3252 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

21:40:40.0039 3252 ProfSvc - ok

21:40:40.0060 3252 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

21:40:40.0063 3252 ProtectedStorage - ok

21:40:40.0103 3252 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

21:40:40.0107 3252 Psched - ok

21:40:40.0184 3252 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

21:40:40.0209 3252 ql2300 - ok

21:40:40.0246 3252 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

21:40:40.0250 3252 ql40xx - ok

21:40:40.0289 3252 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

21:40:40.0297 3252 QWAVE - ok

21:40:40.0329 3252 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

21:40:40.0333 3252 QWAVEdrv - ok

21:40:40.0351 3252 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

21:40:40.0354 3252 RasAcd - ok

21:40:40.0393 3252 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

21:40:40.0395 3252 RasAgileVpn - ok

21:40:40.0437 3252 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

21:40:40.0443 3252 RasAuto - ok

21:40:40.0464 3252 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

21:40:40.0467 3252 Rasl2tp - ok

21:40:40.0525 3252 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

21:40:40.0532 3252 RasMan - ok

21:40:40.0553 3252 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

21:40:40.0556 3252 RasPppoe - ok

21:40:40.0573 3252 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

21:40:40.0576 3252 RasSstp - ok

21:40:40.0597 3252 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

21:40:40.0605 3252 rdbss - ok

21:40:40.0625 3252 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

21:40:40.0628 3252 rdpbus - ok

21:40:40.0649 3252 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

21:40:40.0651 3252 RDPCDD - ok

21:40:40.0691 3252 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

21:40:40.0693 3252 RDPENCDD - ok

21:40:40.0712 3252 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

21:40:40.0714 3252 RDPREFMP - ok

21:40:40.0764 3252 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

21:40:40.0771 3252 RDPWD - ok

21:40:40.0791 3252 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

21:40:40.0795 3252 rdyboost - ok

21:40:40.0857 3252 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

21:40:40.0864 3252 RemoteAccess - ok

21:40:40.0895 3252 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

21:40:40.0903 3252 RemoteRegistry - ok

21:40:40.0970 3252 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

21:40:40.0979 3252 RoxioNow Service - ok

21:40:41.0008 3252 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

21:40:41.0012 3252 RpcEptMapper - ok

21:40:41.0034 3252 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

21:40:41.0040 3252 RpcLocator - ok

21:40:41.0067 3252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

21:40:41.0077 3252 RpcSs - ok

21:40:41.0149 3252 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys

21:40:41.0158 3252 RSPCIESTOR - ok

21:40:41.0196 3252 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

21:40:41.0199 3252 rspndr - ok

21:40:41.0267 3252 [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

21:40:41.0277 3252 RTL8167 - ok

21:40:41.0302 3252 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

21:40:41.0306 3252 SamSs - ok

21:40:41.0387 3252 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

21:40:41.0389 3252 SASDIFSV - ok

21:40:41.0420 3252 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

21:40:41.0422 3252 SASKUTIL - ok

21:40:41.0470 3252 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

21:40:41.0476 3252 sbp2port - ok

21:40:41.0513 3252 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

21:40:41.0526 3252 SCardSvr - ok

21:40:41.0557 3252 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

21:40:41.0562 3252 scfilter - ok

21:40:41.0616 3252 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

21:40:41.0637 3252 Schedule - ok

21:40:41.0671 3252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

21:40:41.0674 3252 SCPolicySvc - ok

21:40:41.0707 3252 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

21:40:41.0711 3252 sdbus - ok

21:40:41.0742 3252 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

21:40:41.0750 3252 SDRSVC - ok

21:40:41.0807 3252 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

21:40:41.0813 3252 SeaPort - ok

21:40:41.0866 3252 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

21:40:41.0869 3252 secdrv - ok

21:40:41.0898 3252 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

21:40:41.0906 3252 seclogon - ok

21:40:41.0944 3252 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

21:40:41.0952 3252 SENS - ok

21:40:42.0018 3252 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

21:40:42.0026 3252 SensrSvc - ok

21:40:42.0057 3252 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

21:40:42.0062 3252 Serenum - ok

21:40:42.0097 3252 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

21:40:42.0103 3252 Serial - ok

21:40:42.0141 3252 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

21:40:42.0146 3252 sermouse - ok

21:40:42.0215 3252 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

21:40:42.0226 3252 SessionEnv - ok

21:40:42.0253 3252 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

21:40:42.0259 3252 sffdisk - ok

21:40:42.0282 3252 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

21:40:42.0288 3252 sffp_mmc - ok

21:40:42.0306 3252 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

21:40:42.0310 3252 sffp_sd - ok

21:40:42.0338 3252 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

21:40:42.0342 3252 sfloppy - ok

21:40:42.0434 3252 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

21:40:42.0444 3252 SharedAccess - ok

21:40:42.0492 3252 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:40:42.0502 3252 ShellHWDetection - ok

21:40:42.0542 3252 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

21:40:42.0546 3252 SiSRaid2 - ok

21:40:42.0576 3252 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

21:40:42.0581 3252 SiSRaid4 - ok

21:40:42.0613 3252 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

21:40:42.0618 3252 Smb - ok

21:40:42.0698 3252 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

21:40:42.0704 3252 SNMPTRAP - ok

21:40:42.0823 3252 [ A8493E43F9D4B22BBED2D424D03ED273 ] SpeedDiskService C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe

21:40:42.0837 3252 SpeedDiskService - ok

21:40:42.0870 3252 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

21:40:42.0872 3252 spldr - ok

21:40:42.0923 3252 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe

21:40:42.0936 3252 Spooler - ok

21:40:43.0049 3252 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

21:40:43.0089 3252 sppsvc - ok

21:40:43.0110 3252 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

21:40:43.0118 3252 sppuinotify - ok

21:40:43.0197 3252 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1308000.00E\SRTSP64.SYS

21:40:43.0207 3252 SRTSP - ok

21:40:43.0236 3252 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1308000.00E\SRTSPX64.SYS

21:40:43.0240 3252 SRTSPX - ok

21:40:43.0278 3252 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

21:40:43.0287 3252 srv - ok

21:40:43.0327 3252 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

21:40:43.0336 3252 srv2 - ok

21:40:43.0398 3252 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS

21:40:43.0406 3252 SrvHsfHDA - ok

21:40:43.0452 3252 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS

21:40:43.0477 3252 SrvHsfV92 - ok

21:40:43.0510 3252 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

21:40:43.0528 3252 SrvHsfWinac - ok

21:40:43.0560 3252 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

21:40:43.0578 3252 srvnet - ok

21:40:43.0653 3252 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

21:40:43.0663 3252 SSDPSRV - ok

21:40:43.0695 3252 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

21:40:43.0701 3252 SstpSvc - ok

21:40:43.0817 3252 [ 6CD0118F9663045E5F5EE9C83F06DDB7 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

21:40:43.0826 3252 STacSV - ok

21:40:43.0863 3252 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

21:40:43.0866 3252 stexstor - ok

21:40:43.0928 3252 [ 4626777CA516512F6BB4D0166FBC6666 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

21:40:43.0939 3252 STHDA - ok

21:40:44.0001 3252 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

21:40:44.0017 3252 stisvc - ok

21:40:44.0095 3252 [ E350135736D696BF279705E139376E1E ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys

21:40:44.0098 3252 SWDUMon - ok

21:40:44.0127 3252 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

21:40:44.0129 3252 swenum - ok

21:40:44.0190 3252 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

21:40:44.0210 3252 swprv - ok

21:40:44.0266 3252 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS

21:40:44.0275 3252 SymDS - ok

21:40:44.0320 3252 [ E7B1BCB70355A84D6DFEE12702B588D0 ] SymDSMon C:\Windows\system32\drivers\SymDSMon.sys

21:40:44.0334 3252 SymDSMon - ok

21:40:44.0401 3252 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS

21:40:44.0429 3252 SymEFA - ok

21:40:44.0486 3252 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

21:40:44.0497 3252 SymEvent - ok

21:40:44.0542 3252 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS

21:40:44.0546 3252 SymIRON - ok

21:40:44.0574 3252 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS

21:40:44.0579 3252 SymNetS - ok

21:40:44.0606 3252 [ F0268941519D73658199ECB1BB712BE1 ] SYMSpeedDisk C:\Windows\system32\drivers\SymSpeedDisk.sys

21:40:44.0611 3252 SYMSpeedDisk - ok

21:40:44.0703 3252 [ 08425CD92972C6430F350A9697F4A553 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

21:40:44.0724 3252 SynTP - ok

21:40:44.0812 3252 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

21:40:44.0847 3252 SysMain - ok

21:40:44.0867 3252 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

21:40:44.0872 3252 TabletInputService - ok

21:40:44.0899 3252 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

21:40:44.0908 3252 TapiSrv - ok

21:40:44.0924 3252 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

21:40:44.0929 3252 TBS - ok

21:40:45.0024 3252 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

21:40:45.0053 3252 Tcpip - ok

21:40:45.0116 3252 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

21:40:45.0137 3252 TCPIP6 - ok

21:40:45.0183 3252 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

21:40:45.0186 3252 tcpipreg - ok

21:40:45.0209 3252 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

21:40:45.0213 3252 TDPIPE - ok

21:40:45.0230 3252 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

21:40:45.0233 3252 TDTCP - ok

21:40:45.0280 3252 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

21:40:45.0285 3252 tdx - ok

21:40:45.0307 3252 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

21:40:45.0309 3252 TermDD - ok

21:40:45.0352 3252 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

21:40:45.0368 3252 TermService - ok

21:40:45.0390 3252 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

21:40:45.0395 3252 Themes - ok

21:40:45.0426 3252 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

21:40:45.0430 3252 THREADORDER - ok

21:40:45.0472 3252 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

21:40:45.0478 3252 TrkWks - ok

21:40:45.0545 3252 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:40:45.0563 3252 TrustedInstaller - ok

21:40:45.0612 3252 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

21:40:45.0616 3252 tssecsrv - ok

21:40:45.0663 3252 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

21:40:45.0667 3252 TsUsbFlt - ok

21:40:45.0685 3252 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

21:40:45.0690 3252 TsUsbGD - ok

21:40:45.0741 3252 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

21:40:45.0745 3252 tunnel - ok

21:40:45.0770 3252 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

21:40:45.0775 3252 uagp35 - ok

21:40:45.0810 3252 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

21:40:45.0819 3252 udfs - ok

21:40:45.0862 3252 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

21:40:45.0869 3252 UI0Detect - ok

21:40:45.0902 3252 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

21:40:45.0907 3252 uliagpkx - ok

21:40:45.0943 3252 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

21:40:45.0946 3252 umbus - ok

21:40:45.0968 3252 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

21:40:45.0972 3252 UmPass - ok

21:40:46.0007 3252 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

21:40:46.0019 3252 upnphost - ok

21:40:46.0071 3252 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

21:40:46.0075 3252 USBAAPL64 - ok

21:40:46.0143 3252 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

21:40:46.0149 3252 usbaudio - ok

21:40:46.0188 3252 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

21:40:46.0192 3252 usbccgp - ok

21:40:46.0234 3252 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

21:40:46.0239 3252 usbcir - ok

21:40:46.0269 3252 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

21:40:46.0273 3252 usbehci - ok

21:40:46.0303 3252 [ 33A58C5630200E17B51C8D73DD64181B ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys

21:40:46.0306 3252 usbfilter - ok

21:40:46.0336 3252 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

21:40:46.0344 3252 usbhub - ok

21:40:46.0365 3252 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

21:40:46.0369 3252 usbohci - ok

21:40:46.0383 3252 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

21:40:46.0387 3252 usbprint - ok

21:40:46.0434 3252 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:40:46.0439 3252 USBSTOR - ok

21:40:46.0498 3252 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

21:40:46.0503 3252 usbuhci - ok

21:40:46.0572 3252 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

21:40:46.0579 3252 usbvideo - ok

21:40:46.0623 3252 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

21:40:46.0628 3252 UxSms - ok

21:40:46.0650 3252 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

21:40:46.0654 3252 VaultSvc - ok

21:40:46.0672 3252 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

21:40:46.0674 3252 vdrvroot - ok

21:40:46.0707 3252 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

21:40:46.0734 3252 vds - ok

21:40:46.0760 3252 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

21:40:46.0763 3252 vga - ok

Link to post
Share on other sites

21:40:46.0786 3252 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

21:40:46.0789 3252 VgaSave - ok

21:40:46.0828 3252 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

21:40:46.0835 3252 vhdmp - ok

21:40:46.0854 3252 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

21:40:46.0858 3252 viaide - ok

21:40:46.0891 3252 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

21:40:46.0894 3252 volmgr - ok

21:40:46.0922 3252 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

21:40:46.0930 3252 volmgrx - ok

21:40:46.0974 3252 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

21:40:46.0981 3252 volsnap - ok

21:40:47.0027 3252 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

21:40:47.0033 3252 vsmraid - ok

21:40:47.0096 3252 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

21:40:47.0128 3252 VSS - ok

21:40:47.0236 3252 [ 8ED347BAD8D1FB7C40B593BFB01786D2 ] vToolbarUpdater11.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe

21:40:47.0256 3252 vToolbarUpdater11.2.0 - ok

21:40:47.0280 3252 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

21:40:47.0283 3252 vwifibus - ok

21:40:47.0345 3252 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

21:40:47.0348 3252 vwififlt - ok

21:40:47.0410 3252 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

21:40:47.0413 3252 vwifimp - ok

21:40:47.0487 3252 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

21:40:47.0502 3252 W32Time - ok

21:40:47.0535 3252 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

21:40:47.0540 3252 WacomPen - ok

21:40:47.0588 3252 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

21:40:47.0592 3252 WANARP - ok

21:40:47.0604 3252 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

21:40:47.0606 3252 Wanarpv6 - ok

21:40:47.0708 3252 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

21:40:47.0747 3252 WatAdminSvc - ok

21:40:47.0821 3252 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

21:40:47.0853 3252 wbengine - ok

21:40:47.0878 3252 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

21:40:47.0888 3252 WbioSrvc - ok

21:40:47.0909 3252 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

21:40:47.0925 3252 wcncsvc - ok

21:40:47.0949 3252 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

21:40:47.0958 3252 WcsPlugInService - ok

21:40:47.0990 3252 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

21:40:47.0995 3252 Wd - ok

21:40:48.0046 3252 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

21:40:48.0059 3252 Wdf01000 - ok

21:40:48.0083 3252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

21:40:48.0089 3252 WdiServiceHost - ok

21:40:48.0103 3252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

21:40:48.0109 3252 WdiSystemHost - ok

21:40:48.0157 3252 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

21:40:48.0166 3252 WebClient - ok

21:40:48.0189 3252 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

21:40:48.0199 3252 Wecsvc - ok

21:40:48.0219 3252 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

21:40:48.0226 3252 wercplsupport - ok

21:40:48.0276 3252 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

21:40:48.0283 3252 WerSvc - ok

21:40:48.0321 3252 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

21:40:48.0323 3252 WfpLwf - ok

21:40:48.0339 3252 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

21:40:48.0342 3252 WIMMount - ok

21:40:48.0474 3252 WinDefend - ok

21:40:48.0489 3252 WinHttpAutoProxySvc - ok

21:40:48.0602 3252 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

21:40:48.0609 3252 Winmgmt - ok

21:40:48.0710 3252 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

21:40:48.0763 3252 WinRM - ok

21:40:48.0864 3252 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

21:40:48.0877 3252 Wlansvc - ok

21:40:48.0942 3252 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:40:48.0957 3252 wlcrasvc - ok

21:40:49.0100 3252 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:40:49.0133 3252 wlidsvc - ok

21:40:49.0164 3252 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

21:40:49.0166 3252 WmiAcpi - ok

21:40:49.0210 3252 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

21:40:49.0215 3252 wmiApSrv - ok

21:40:49.0262 3252 WMPNetworkSvc - ok

21:40:49.0326 3252 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

21:40:49.0332 3252 WPCSvc - ok

21:40:49.0355 3252 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

21:40:49.0362 3252 WPDBusEnum - ok

21:40:49.0398 3252 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

21:40:49.0401 3252 ws2ifsl - ok

21:40:49.0450 3252 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

21:40:49.0456 3252 wscsvc - ok

21:40:49.0467 3252 WSearch - ok

21:40:49.0669 3252 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

21:40:49.0730 3252 wuauserv - ok

21:40:49.0777 3252 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

21:40:49.0781 3252 WudfPf - ok

21:40:49.0830 3252 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

21:40:49.0836 3252 WUDFRd - ok

21:40:49.0876 3252 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

21:40:49.0882 3252 wudfsvc - ok

21:40:49.0901 3252 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

21:40:49.0911 3252 WwanSvc - ok

21:40:50.0037 3252 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

21:40:50.0053 3252 YahooAUService - ok

21:40:50.0091 3252 ================ Scan global ===============================

21:40:50.0126 3252 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

21:40:50.0167 3252 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

21:40:50.0188 3252 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

21:40:50.0218 3252 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

21:40:50.0256 3252 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

21:40:50.0265 3252 [Global] - ok

21:40:50.0266 3252 ================ Scan MBR ==================================

21:40:50.0282 3252 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

21:40:50.0678 3252 \Device\Harddisk0\DR0 - ok

21:40:50.0680 3252 ================ Scan VBR ==================================

21:40:50.0690 3252 [ DB5C0F14B7F21718B7AC6988134F9DD3 ] \Device\Harddisk0\DR0\Partition1

21:40:50.0696 3252 \Device\Harddisk0\DR0\Partition1 - ok

21:40:50.0729 3252 [ 5FC585F549B6F82027BEF76E73D28840 ] \Device\Harddisk0\DR0\Partition2

21:40:50.0735 3252 \Device\Harddisk0\DR0\Partition2 - ok

21:40:50.0767 3252 [ 2A17F02AF3DC00A482B136429B9C0181 ] \Device\Harddisk0\DR0\Partition3

21:40:50.0772 3252 \Device\Harddisk0\DR0\Partition3 - ok

21:40:50.0794 3252 [ 57AE465343DF4598EDDCF1668AD373C2 ] \Device\Harddisk0\DR0\Partition4

21:40:50.0798 3252 \Device\Harddisk0\DR0\Partition4 - ok

21:40:50.0808 3252 ============================================================

21:40:50.0808 3252 Scan finished

21:40:50.0808 3252 ============================================================

21:40:50.0856 5556 Detected object count: 0

21:40:50.0856 5556 Actual detected object count: 0

21:41:17.0428 3048 ============================================================

21:41:17.0428 3048 Scan started

21:41:17.0428 3048 Mode: Manual;

21:41:17.0428 3048 ============================================================

21:41:17.0727 3048 ================ Scan system memory ========================

21:41:17.0727 3048 System memory - ok

21:41:17.0729 3048 ================ Scan services =============================

21:41:17.0823 3048 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

21:41:17.0828 3048 !SASCORE - ok

21:41:18.0010 3048 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

21:41:18.0015 3048 1394ohci - ok

21:41:18.0049 3048 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

21:41:18.0057 3048 ACPI - ok

21:41:18.0087 3048 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

21:41:18.0088 3048 AcpiPmi - ok

21:41:18.0172 3048 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

21:41:18.0176 3048 AdobeARMservice - ok

21:41:18.0222 3048 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

21:41:18.0233 3048 adp94xx - ok

21:41:18.0290 3048 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

21:41:18.0298 3048 adpahci - ok

21:41:18.0326 3048 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

21:41:18.0329 3048 adpu320 - ok

21:41:18.0374 3048 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

21:41:18.0376 3048 AeLookupSvc - ok

21:41:18.0412 3048 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

21:41:18.0421 3048 AFD - ok

21:41:18.0457 3048 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

21:41:18.0459 3048 agp440 - ok

21:41:18.0480 3048 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

21:41:18.0482 3048 ALG - ok

21:41:18.0520 3048 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

21:41:18.0521 3048 aliide - ok

21:41:18.0553 3048 [ 7842F4961F28022A881F85BB7494AC6D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

21:41:18.0557 3048 AMD External Events Utility - ok

21:41:18.0588 3048 AMD FUEL Service - ok

21:41:18.0614 3048 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

21:41:18.0616 3048 amdide - ok

21:41:18.0632 3048 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys

21:41:18.0634 3048 amdiox64 - ok

21:41:18.0655 3048 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

21:41:18.0657 3048 AmdK8 - ok

21:41:18.0919 3048 [ CF5FC8D37F10C9C374AE6D990C9D2CD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

21:41:19.0013 3048 amdkmdag - ok

21:41:19.0069 3048 [ 2BD89CB34B67EDC64E741AA3864D8C1A ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

21:41:19.0074 3048 amdkmdap - ok

21:41:19.0105 3048 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

21:41:19.0107 3048 AmdPPM - ok

21:41:19.0141 3048 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

21:41:19.0144 3048 amdsata - ok

21:41:19.0171 3048 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

21:41:19.0174 3048 amdsbs - ok

21:41:19.0211 3048 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

21:41:19.0213 3048 amdxata - ok

21:41:19.0247 3048 [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys

21:41:19.0249 3048 amd_sata - ok

21:41:19.0273 3048 [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys

21:41:19.0274 3048 amd_xata - ok

21:41:19.0312 3048 [ D7253A1A7A49FA40EF0BA1955AAFB346 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

21:41:19.0313 3048 AODDriver4.1 - ok

21:41:19.0351 3048 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

21:41:19.0353 3048 AppID - ok

21:41:19.0379 3048 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

21:41:19.0381 3048 AppIDSvc - ok

21:41:19.0405 3048 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

21:41:19.0407 3048 Appinfo - ok

21:41:19.0481 3048 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:41:19.0483 3048 Apple Mobile Device - ok

21:41:19.0512 3048 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

21:41:19.0514 3048 arc - ok

21:41:19.0541 3048 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

21:41:19.0543 3048 arcsas - ok

21:41:19.0563 3048 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

21:41:19.0564 3048 AsyncMac - ok

21:41:19.0583 3048 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

21:41:19.0584 3048 atapi - ok

21:41:19.0625 3048 [ 2B3B05C0A7768BF033217EB8F33F9C35 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

21:41:19.0627 3048 AtiHDAudioService - ok

21:41:19.0663 3048 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys

21:41:19.0666 3048 AtiHdmiService - ok

21:41:19.0710 3048 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

21:41:19.0718 3048 AudioEndpointBuilder - ok

21:41:19.0737 3048 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

21:41:19.0745 3048 AudioSrv - ok

21:41:19.0774 3048 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

21:41:19.0777 3048 AxInstSV - ok

21:41:19.0829 3048 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

21:41:19.0835 3048 b06bdrv - ok

21:41:19.0860 3048 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

21:41:19.0864 3048 b57nd60a - ok

21:41:19.0927 3048 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

21:41:19.0930 3048 BBSvc - ok

21:41:19.0988 3048 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys

21:41:20.0003 3048 BCM43XX - ok

21:41:20.0027 3048 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

21:41:20.0030 3048 BDESVC - ok

21:41:20.0060 3048 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

21:41:20.0061 3048 Beep - ok

21:41:20.0101 3048 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

21:41:20.0110 3048 BFE - ok

21:41:20.0320 3048 [ C8AB71A5102D0FC103F6DFC750005137 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20120823.007\BHDrvx64.sys

21:41:20.0344 3048 BHDrvx64 - ok

21:41:20.0393 3048 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

21:41:20.0395 3048 blbdrive - ok

21:41:20.0475 3048 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

21:41:20.0485 3048 Bonjour Service - ok

21:41:20.0518 3048 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

21:41:20.0521 3048 bowser - ok

21:41:20.0553 3048 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

21:41:20.0555 3048 BrFiltLo - ok

21:41:20.0589 3048 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

21:41:20.0590 3048 BrFiltUp - ok

21:41:20.0628 3048 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

21:41:20.0630 3048 BridgeMP - ok

21:41:20.0674 3048 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

21:41:20.0677 3048 Browser - ok

21:41:20.0701 3048 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

21:41:20.0707 3048 Brserid - ok

21:41:20.0738 3048 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

21:41:20.0740 3048 BrSerWdm - ok

21:41:20.0779 3048 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

21:41:20.0780 3048 BrUsbMdm - ok

21:41:20.0794 3048 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

21:41:20.0795 3048 BrUsbSer - ok

21:41:20.0814 3048 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

21:41:20.0816 3048 BTHMODEM - ok

21:41:20.0865 3048 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

21:41:20.0867 3048 bthserv - ok

21:41:20.0876 3048 catchme - ok

21:41:20.0951 3048 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys

21:41:20.0953 3048 ccSet_NIS - ok

21:41:20.0986 3048 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

21:41:20.0989 3048 cdfs - ok

21:41:21.0037 3048 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

21:41:21.0041 3048 cdrom - ok

21:41:21.0061 3048 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

21:41:21.0064 3048 CertPropSvc - ok

21:41:21.0095 3048 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

21:41:21.0096 3048 circlass - ok

21:41:21.0135 3048 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

21:41:21.0142 3048 CLFS - ok

21:41:21.0218 3048 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:41:21.0222 3048 clr_optimization_v2.0.50727_32 - ok

21:41:21.0280 3048 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:41:21.0283 3048 clr_optimization_v2.0.50727_64 - ok

21:41:21.0350 3048 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:41:21.0355 3048 clr_optimization_v4.0.30319_32 - ok

21:41:21.0400 3048 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:41:21.0406 3048 clr_optimization_v4.0.30319_64 - ok

21:41:21.0436 3048 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys

21:41:21.0439 3048 clwvd - ok

21:41:21.0461 3048 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

21:41:21.0463 3048 CmBatt - ok

21:41:21.0493 3048 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

21:41:21.0494 3048 cmdide - ok

21:41:21.0546 3048 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

21:41:21.0556 3048 CNG - ok

21:41:21.0577 3048 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

21:41:21.0579 3048 Compbatt - ok

21:41:21.0620 3048 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

21:41:21.0621 3048 CompositeBus - ok

21:41:21.0632 3048 COMSysApp - ok

21:41:21.0649 3048 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

21:41:21.0650 3048 crcdisk - ok

21:41:21.0702 3048 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

21:41:21.0705 3048 CryptSvc - ok

21:41:21.0755 3048 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

21:41:21.0765 3048 DcomLaunch - ok

21:41:21.0802 3048 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

21:41:21.0807 3048 defragsvc - ok

21:41:21.0827 3048 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

21:41:21.0830 3048 DfsC - ok

21:41:21.0856 3048 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

21:41:21.0861 3048 Dhcp - ok

21:41:21.0885 3048 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

21:41:21.0887 3048 discache - ok

21:41:21.0922 3048 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

21:41:21.0923 3048 Disk - ok

21:41:22.0009 3048 [ 7C85CC5570BF718D2B9AD9F53B1B5B55 ] DiskDoctorService C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe

21:41:22.0023 3048 DiskDoctorService - ok

21:41:22.0060 3048 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

21:41:22.0065 3048 Dnscache - ok

21:41:22.0105 3048 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

21:41:22.0110 3048 dot3svc - ok

21:41:22.0141 3048 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

21:41:22.0145 3048 DPS - ok

21:41:22.0182 3048 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

21:41:22.0183 3048 drmkaud - ok

21:41:22.0230 3048 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

21:41:22.0244 3048 DXGKrnl - ok

21:41:22.0265 3048 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

21:41:22.0270 3048 EapHost - ok

21:41:22.0392 3048 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

21:41:22.0442 3048 ebdrv - ok

21:41:22.0502 3048 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

21:41:22.0508 3048 eeCtrl - ok

21:41:22.0534 3048 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

21:41:22.0537 3048 EFS - ok

21:41:22.0599 3048 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

21:41:22.0607 3048 ehRecvr - ok

21:41:22.0625 3048 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

21:41:22.0627 3048 ehSched - ok

21:41:22.0673 3048 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

21:41:22.0680 3048 elxstor - ok

21:41:22.0705 3048 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

21:41:22.0708 3048 EraserUtilRebootDrv - ok

21:41:22.0740 3048 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

21:41:22.0741 3048 ErrDev - ok

21:41:22.0801 3048 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

21:41:22.0807 3048 EventSystem - ok

21:41:22.0830 3048 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

21:41:22.0834 3048 exfat - ok

21:41:22.0844 3048 ezSharedSvc - ok

21:41:22.0875 3048 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

21:41:22.0879 3048 fastfat - ok

21:41:22.0924 3048 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

21:41:22.0933 3048 Fax - ok

21:41:22.0959 3048 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

21:41:22.0960 3048 fdc - ok

21:41:22.0979 3048 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

21:41:22.0981 3048 fdPHost - ok

21:41:22.0997 3048 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

21:41:23.0000 3048 FDResPub - ok

21:41:23.0031 3048 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

21:41:23.0033 3048 FileInfo - ok

21:41:23.0055 3048 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

21:41:23.0056 3048 Filetrace - ok

21:41:23.0081 3048 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

21:41:23.0083 3048 flpydisk - ok

21:41:23.0110 3048 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

21:41:23.0114 3048 FltMgr - ok

21:41:23.0178 3048 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

21:41:23.0192 3048 FontCache - ok

21:41:23.0237 3048 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:41:23.0239 3048 FontCache3.0.0.0 - ok

21:41:23.0265 3048 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

21:41:23.0267 3048 FsDepends - ok

21:41:23.0298 3048 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

21:41:23.0299 3048 Fs_Rec - ok

21:41:23.0326 3048 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

21:41:23.0336 3048 fvevol - ok

21:41:23.0360 3048 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

21:41:23.0362 3048 gagp30kx - ok

21:41:23.0410 3048 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

21:41:23.0413 3048 GamesAppService - ok

21:41:23.0442 3048 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

21:41:23.0444 3048 GEARAspiWDM - ok

21:41:23.0489 3048 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

21:41:23.0500 3048 gpsvc - ok

21:41:23.0583 3048 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:41:23.0587 3048 gupdate - ok

21:41:23.0603 3048 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:41:23.0607 3048 gupdatem - ok

21:41:23.0644 3048 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

21:41:23.0645 3048 hcw85cir - ok

21:41:23.0689 3048 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

21:41:23.0694 3048 HdAudAddService - ok

21:41:23.0716 3048 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

21:41:23.0719 3048 HDAudBus - ok

21:41:23.0749 3048 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

21:41:23.0751 3048 HidBatt - ok

21:41:23.0770 3048 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

21:41:23.0773 3048 HidBth - ok

21:41:23.0799 3048 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

21:41:23.0801 3048 HidIr - ok

21:41:23.0840 3048 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

21:41:23.0842 3048 hidserv - ok

21:41:23.0869 3048 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

21:41:23.0870 3048 HidUsb - ok

21:41:23.0903 3048 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

21:41:23.0907 3048 hkmsvc - ok

21:41:23.0948 3048 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

21:41:23.0954 3048 HomeGroupListener - ok

21:41:23.0982 3048 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

21:41:23.0987 3048 HomeGroupProvider - ok

21:41:24.0062 3048 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

21:41:24.0064 3048 HP Support Assistant Service - ok

21:41:24.0120 3048 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

21:41:24.0125 3048 HPClientSvc - ok

21:41:24.0217 3048 [ E040F0064D39F73BB4995D494F3DCBB8 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

21:41:24.0239 3048 hpCMSrv - ok

21:41:24.0280 3048 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

21:41:24.0283 3048 HPDrvMntSvc.exe - ok

21:41:24.0328 3048 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

21:41:24.0339 3048 hpqwmiex - ok

21:41:24.0360 3048 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

21:41:24.0362 3048 HpSAMD - ok

21:41:24.0405 3048 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

21:41:24.0407 3048 HPWMISVC - ok

21:41:24.0460 3048 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

21:41:24.0471 3048 HTTP - ok

21:41:24.0494 3048 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

21:41:24.0495 3048 hwpolicy - ok

21:41:24.0531 3048 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

21:41:24.0534 3048 i8042prt - ok

21:41:24.0575 3048 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

21:41:24.0581 3048 iaStorV - ok

21:41:24.0689 3048 [ 3A0FF117B4ADC5ABE4D968E26A337158 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

21:41:24.0717 3048 IconMan_R - ok

21:41:24.0779 3048 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:41:24.0796 3048 idsvc - ok

21:41:24.0878 3048 [ 82AB40147567DE48C405AFE570A2266F ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20120829.001\IDSvia64.sys

21:41:24.0889 3048 IDSVia64 - ok

21:41:24.0916 3048 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

21:41:24.0919 3048 iirsp - ok

21:41:24.0985 3048 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

21:41:25.0004 3048 IKEEXT - ok

21:41:25.0045 3048 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

21:41:25.0047 3048 intelide - ok

21:41:25.0074 3048 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys

21:41:25.0076 3048 intelppm - ok

21:41:25.0104 3048 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

21:41:25.0108 3048 IPBusEnum - ok

21:41:25.0133 3048 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:41:25.0135 3048 IpFilterDriver - ok

21:41:25.0170 3048 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

21:41:25.0179 3048 iphlpsvc - ok

21:41:25.0208 3048 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

21:41:25.0210 3048 IPMIDRV - ok

21:41:25.0233 3048 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

21:41:25.0236 3048 IPNAT - ok

21:41:25.0288 3048 [ 4472C8825B5E41D8697D5962F47AB1C9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

21:41:25.0299 3048 iPod Service - ok

21:41:25.0322 3048 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

21:41:25.0323 3048 IRENUM - ok

21:41:25.0339 3048 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

21:41:25.0341 3048 isapnp - ok

21:41:25.0382 3048 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

21:41:25.0387 3048 iScsiPrt - ok

21:41:25.0404 3048 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

21:41:25.0406 3048 kbdclass - ok

21:41:25.0438 3048 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

21:41:25.0440 3048 kbdhid - ok

21:41:25.0462 3048 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

21:41:25.0465 3048 KeyIso - ok

21:41:25.0500 3048 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

21:41:25.0502 3048 KSecDD - ok

21:41:25.0521 3048 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

21:41:25.0523 3048 KSecPkg - ok

21:41:25.0541 3048 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

21:41:25.0543 3048 ksthunk - ok

21:41:25.0578 3048 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

21:41:25.0586 3048 KtmRm - ok

21:41:25.0628 3048 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

21:41:25.0635 3048 LanmanServer - ok

21:41:25.0691 3048 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

21:41:25.0697 3048 LanmanWorkstation - ok

21:41:25.0727 3048 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

21:41:25.0729 3048 lltdio - ok

21:41:25.0758 3048 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

21:41:25.0764 3048 lltdsvc - ok

21:41:25.0786 3048 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

21:41:25.0789 3048 lmhosts - ok

21:41:25.0830 3048 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

21:41:25.0833 3048 LSI_FC - ok

21:41:25.0855 3048 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

21:41:25.0857 3048 LSI_SAS - ok

21:41:25.0874 3048 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

21:41:25.0875 3048 LSI_SAS2 - ok

21:41:25.0892 3048 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

21:41:25.0895 3048 LSI_SCSI - ok

21:41:25.0920 3048 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

21:41:25.0922 3048 luafv - ok

21:41:25.0953 3048 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

21:41:25.0957 3048 Mcx2Svc - ok

21:41:25.0993 3048 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

21:41:25.0995 3048 megasas - ok

21:41:26.0033 3048 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

21:41:26.0037 3048 MegaSR - ok

21:41:26.0115 3048 Microsoft SharePoint Workspace Audit Service - ok

21:41:26.0148 3048 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

21:41:26.0155 3048 MMCSS - ok

21:41:26.0186 3048 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

21:41:26.0188 3048 Modem - ok

21:41:26.0216 3048 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

21:41:26.0219 3048 monitor - ok

21:41:26.0246 3048 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

21:41:26.0249 3048 mouclass - ok

21:41:26.0287 3048 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

21:41:26.0290 3048 mouhid - ok

21:41:26.0316 3048 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

21:41:26.0320 3048 mountmgr - ok

21:41:26.0352 3048 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

21:41:26.0355 3048 mpio - ok

21:41:26.0376 3048 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

21:41:26.0378 3048 mpsdrv - ok

21:41:26.0417 3048 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

21:41:26.0430 3048 MpsSvc - ok

21:41:26.0466 3048 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

21:41:26.0469 3048 MRxDAV - ok

21:41:26.0510 3048 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

21:41:26.0514 3048 mrxsmb - ok

21:41:26.0546 3048 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:41:26.0552 3048 mrxsmb10 - ok

21:41:26.0579 3048 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:41:26.0582 3048 mrxsmb20 - ok

21:41:26.0614 3048 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

21:41:26.0616 3048 msahci - ok

21:41:26.0634 3048 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

21:41:26.0637 3048 msdsm - ok

21:41:26.0671 3048 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

21:41:26.0676 3048 MSDTC - ok

21:41:26.0710 3048 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

21:41:26.0712 3048 Msfs - ok

21:41:26.0727 3048 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

21:41:26.0729 3048 mshidkmdf - ok

21:41:26.0767 3048 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

21:41:26.0768 3048 msisadrv - ok

21:41:26.0803 3048 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

21:41:26.0807 3048 MSiSCSI - ok

21:41:26.0819 3048 msiserver - ok

21:41:26.0844 3048 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

21:41:26.0846 3048 MSKSSRV - ok

21:41:26.0857 3048 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

21:41:26.0859 3048 MSPCLOCK - ok

21:41:26.0873 3048 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

21:41:26.0874 3048 MSPQM - ok

21:41:26.0907 3048 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

21:41:26.0918 3048 MsRPC - ok

21:41:26.0947 3048 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

21:41:26.0949 3048 mssmbios - ok

21:41:26.0960 3048 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

21:41:26.0961 3048 MSTEE - ok

21:41:26.0993 3048 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

21:41:26.0994 3048 MTConfig - ok

21:41:27.0013 3048 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

21:41:27.0016 3048 Mup - ok

21:41:27.0055 3048 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

21:41:27.0065 3048 napagent - ok

21:41:27.0100 3048 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

21:41:27.0105 3048 NativeWifiP - ok

21:41:27.0186 3048 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20120829.024\ENG64.SYS

21:41:27.0190 3048 NAVENG - ok

21:41:27.0275 3048 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20120829.024\EX64.SYS

21:41:27.0301 3048 NAVEX15 - ok

21:41:27.0346 3048 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys

21:41:27.0358 3048 NDIS - ok

21:41:27.0375 3048 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

21:41:27.0376 3048 NdisCap - ok

21:41:27.0411 3048 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

21:41:27.0413 3048 NdisTapi - ok

21:41:27.0436 3048 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

21:41:27.0437 3048 Ndisuio - ok

21:41:27.0463 3048 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

21:41:27.0467 3048 NdisWan - ok

21:41:27.0490 3048 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

21:41:27.0492 3048 NDProxy - ok

21:41:27.0514 3048 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

21:41:27.0515 3048 NetBIOS - ok

21:41:27.0544 3048 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

21:41:27.0548 3048 NetBT - ok

21:41:27.0569 3048 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

21:41:27.0572 3048 Netlogon - ok

21:41:27.0606 3048 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

21:41:27.0613 3048 Netman - ok

21:41:27.0636 3048 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

21:41:27.0644 3048 netprofm - ok

21:41:27.0707 3048 [ A98071E3E1E5E503462CC9E0DED91A36 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys

21:41:27.0724 3048 netr28x - ok

21:41:27.0761 3048 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:41:27.0764 3048 NetTcpPortSharing - ok

21:41:27.0798 3048 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

21:41:27.0800 3048 nfrd960 - ok

21:41:27.0881 3048 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe

21:41:27.0883 3048 NIS - ok

21:41:27.0932 3048 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

21:41:27.0944 3048 NlaSvc - ok

21:41:27.0979 3048 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

21:41:27.0982 3048 Npfs - ok

21:41:28.0030 3048 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

21:41:28.0037 3048 nsi - ok

21:41:28.0066 3048 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

21:41:28.0069 3048 nsiproxy - ok

21:41:28.0160 3048 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

21:41:28.0195 3048 Ntfs - ok

21:41:28.0225 3048 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

21:41:28.0227 3048 Null - ok

21:41:28.0257 3048 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys

21:41:28.0263 3048 NVENETFD - ok

21:41:28.0290 3048 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

21:41:28.0293 3048 nvraid - ok

21:41:28.0326 3048 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

21:41:28.0329 3048 nvstor - ok

21:41:28.0348 3048 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

21:41:28.0351 3048 nv_agp - ok

21:41:28.0379 3048 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

21:41:28.0381 3048 ohci1394 - ok

21:41:28.0420 3048 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:41:28.0422 3048 ose - ok

21:41:28.0678 3048 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:41:28.0728 3048 osppsvc - ok

21:41:28.0775 3048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

21:41:28.0783 3048 p2pimsvc - ok

21:41:28.0815 3048 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

21:41:28.0823 3048 p2psvc - ok

21:41:28.0843 3048 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

21:41:28.0845 3048 Parport - ok

21:41:28.0884 3048 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

21:41:28.0886 3048 partmgr - ok

21:41:28.0916 3048 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

21:41:28.0921 3048 PcaSvc - ok

21:41:28.0955 3048 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

21:41:28.0958 3048 pci - ok

21:41:28.0992 3048 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

21:41:28.0993 3048 pciide - ok

21:41:29.0026 3048 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

21:41:29.0029 3048 pcmcia - ok

21:41:29.0064 3048 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

21:41:29.0066 3048 pcw - ok

21:41:29.0104 3048 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

21:41:29.0113 3048 PEAUTH - ok

21:41:29.0214 3048 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

21:41:29.0217 3048 PerfHost - ok

21:41:29.0300 3048 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

21:41:29.0322 3048 pla - ok

21:41:29.0362 3048 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

21:41:29.0371 3048 PlugPlay - ok

21:41:29.0395 3048 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

21:41:29.0399 3048 PNRPAutoReg - ok

21:41:29.0430 3048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

21:41:29.0437 3048 PNRPsvc - ok

21:41:29.0481 3048 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

21:41:29.0489 3048 PolicyAgent - ok

21:41:29.0518 3048 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

21:41:29.0524 3048 Power - ok

21:41:29.0565 3048 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

21:41:29.0568 3048 PptpMiniport - ok

21:41:29.0602 3048 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

21:41:29.0603 3048 Processor - ok

21:41:29.0639 3048 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

21:41:29.0645 3048 ProfSvc - ok

21:41:29.0666 3048 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

21:41:29.0669 3048 ProtectedStorage - ok

21:41:29.0698 3048 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

21:41:29.0701 3048 Psched - ok

21:41:29.0768 3048 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

21:41:29.0789 3048 ql2300 - ok

21:41:29.0817 3048 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

21:41:29.0819 3048 ql40xx - ok

21:41:29.0850 3048 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

21:41:29.0856 3048 QWAVE - ok

21:41:29.0891 3048 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

21:41:29.0893 3048 QWAVEdrv - ok

21:41:29.0913 3048 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

21:41:29.0914 3048 RasAcd - ok

21:41:29.0932 3048 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

21:41:29.0934 3048 RasAgileVpn - ok

21:41:29.0954 3048 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

21:41:29.0959 3048 RasAuto - ok

21:41:29.0981 3048 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

21:41:29.0984 3048 Rasl2tp - ok

21:41:30.0008 3048 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

21:41:30.0017 3048 RasMan - ok

21:41:30.0037 3048 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

21:41:30.0039 3048 RasPppoe - ok

21:41:30.0057 3048 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

21:41:30.0059 3048 RasSstp - ok

21:41:30.0080 3048 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

21:41:30.0085 3048 rdbss - ok

21:41:30.0109 3048 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

21:41:30.0111 3048 rdpbus - ok

21:41:30.0133 3048 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

21:41:30.0134 3048 RDPCDD - ok

21:41:30.0151 3048 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

21:41:30.0153 3048 RDPENCDD - ok

21:41:30.0171 3048 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

21:41:30.0172 3048 RDPREFMP - ok

21:41:30.0215 3048 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

21:41:30.0219 3048 RDPWD - ok

21:41:30.0241 3048 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

21:41:30.0245 3048 rdyboost - ok

21:41:30.0274 3048 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

21:41:30.0278 3048 RemoteAccess - ok

21:41:30.0313 3048 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

21:41:30.0319 3048 RemoteRegistry - ok

21:41:30.0363 3048 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

21:41:30.0369 3048 RoxioNow Service - ok

21:41:30.0392 3048 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

21:41:30.0397 3048 RpcEptMapper - ok

21:41:30.0452 3048 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

21:41:30.0455 3048 RpcLocator - ok

21:41:30.0484 3048 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

21:41:30.0494 3048 RpcSs - ok

21:41:30.0531 3048 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys

21:41:30.0536 3048 RSPCIESTOR - ok

21:41:30.0569 3048 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

21:41:30.0571 3048 rspndr - ok

21:41:30.0617 3048 [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

21:41:30.0623 3048 RTL8167 - ok

21:41:30.0642 3048 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

21:41:30.0645 3048 SamSs - ok

21:41:30.0705 3048 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

21:41:30.0707 3048 SASDIFSV - ok

21:41:30.0730 3048 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

21:41:30.0732 3048 SASKUTIL - ok

21:41:30.0777 3048 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

21:41:30.0780 3048 sbp2port - ok

21:41:30.0819 3048 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

21:41:30.0825 3048 SCardSvr - ok

21:41:30.0864 3048 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

21:41:30.0866 3048 scfilter - ok

21:41:30.0908 3048 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

21:41:30.0928 3048 Schedule - ok

21:41:30.0955 3048 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

21:41:30.0957 3048 SCPolicySvc - ok

21:41:30.0971 3048 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

21:41:30.0974 3048 sdbus - ok

21:41:30.0993 3048 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

21:41:30.0999 3048 SDRSVC - ok

21:41:31.0057 3048 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

21:41:31.0060 3048 SeaPort - ok

21:41:31.0083 3048 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

21:41:31.0085 3048 secdrv - ok

21:41:31.0105 3048 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

21:41:31.0109 3048 seclogon - ok

21:41:31.0139 3048 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

21:41:31.0144 3048 SENS - ok

21:41:31.0169 3048 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

21:41:31.0173 3048 SensrSvc - ok

21:41:31.0196 3048 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

21:41:31.0198 3048 Serenum - ok

21:41:31.0225 3048 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

21:41:31.0228 3048 Serial - ok

21:41:31.0259 3048 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

21:41:31.0261 3048 sermouse - ok

21:41:31.0310 3048 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

21:41:31.0316 3048 SessionEnv - ok

21:41:31.0338 3048 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

21:41:31.0339 3048 sffdisk - ok

21:41:31.0367 3048 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

21:41:31.0368 3048 sffp_mmc - ok

21:41:31.0383 3048 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

21:41:31.0384 3048 sffp_sd - ok

21:41:31.0412 3048 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

21:41:31.0413 3048 sfloppy - ok

21:41:31.0452 3048 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

21:41:31.0458 3048 SharedAccess - ok

21:41:31.0498 3048 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:41:31.0506 3048 ShellHWDetection - ok

21:41:31.0527 3048 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

21:41:31.0529 3048 SiSRaid2 - ok

21:41:31.0550 3048 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

21:41:31.0552 3048 SiSRaid4 - ok

21:41:31.0587 3048 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

21:41:31.0589 3048 Smb - ok

21:41:31.0638 3048 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

21:41:31.0646 3048 SNMPTRAP - ok

21:41:31.0752 3048 [ A8493E43F9D4B22BBED2D424D03ED273 ] SpeedDiskService C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe

21:41:31.0772 3048 SpeedDiskService - ok

21:41:31.0800 3048 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

21:41:31.0802 3048 spldr - ok

21:41:31.0856 3048 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe

21:41:31.0873 3048 Spooler - ok

21:41:31.0997 3048 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

21:41:32.0042 3048 sppsvc - ok

21:41:32.0061 3048 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

21:41:32.0066 3048 sppuinotify - ok

21:41:32.0142 3048 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1308000.00E\SRTSP64.SYS

21:41:32.0157 3048 SRTSP - ok

21:41:32.0188 3048 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1308000.00E\SRTSPX64.SYS

21:41:32.0189 3048 SRTSPX - ok

21:41:32.0230 3048 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

21:41:32.0237 3048 srv - ok

21:41:32.0280 3048 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

21:41:32.0286 3048 srv2 - ok

21:41:32.0327 3048 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS

21:41:32.0333 3048 SrvHsfHDA - ok

21:41:32.0382 3048 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS

21:41:32.0399 3048 SrvHsfV92 - ok

21:41:32.0451 3048 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

21:41:32.0460 3048 SrvHsfWinac - ok

21:41:32.0501 3048 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

21:41:32.0504 3048 srvnet - ok

21:41:32.0537 3048 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

21:41:32.0544 3048 SSDPSRV - ok

21:41:32.0569 3048 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

21:41:32.0574 3048 SstpSvc - ok

21:41:32.0680 3048 [ 6CD0118F9663045E5F5EE9C83F06DDB7 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

21:41:32.0688 3048 STacSV - ok

21:41:32.0748 3048 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

21:41:32.0751 3048 stexstor - ok

21:41:32.0794 3048 [ 4626777CA516512F6BB4D0166FBC6666 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

21:41:32.0807 3048 STHDA - ok

21:41:32.0861 3048 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

21:41:32.0879 3048 stisvc - ok

21:41:32.0914 3048 [ E350135736D696BF279705E139376E1E ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys

21:41:32.0915 3048 SWDUMon - ok

21:41:32.0945 3048 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

21:41:32.0947 3048 swenum - ok

21:41:32.0994 3048 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

21:41:33.0004 3048 swprv - ok

21:41:33.0051 3048 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS

21:41:33.0057 3048 SymDS - ok

21:41:33.0094 3048 [ E7B1BCB70355A84D6DFEE12702B588D0 ] SymDSMon C:\Windows\system32\drivers\SymDSMon.sys

21:41:33.0098 3048 SymDSMon - ok

21:41:33.0144 3048 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS

21:41:33.0157 3048 SymEFA - ok

21:41:33.0194 3048 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

21:41:33.0197 3048 SymEvent - ok

21:41:33.0239 3048 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS

21:41:33.0242 3048 SymIRON - ok

21:41:33.0281 3048 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS

21:41:33.0287 3048 SymNetS - ok

21:41:33.0314 3048 [ F0268941519D73658199ECB1BB712BE1 ] SYMSpeedDisk C:\Windows\system32\drivers\SymSpeedDisk.sys

21:41:33.0317 3048 SYMSpeedDisk - ok

21:41:33.0380 3048 [ 08425CD92972C6430F350A9697F4A553 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

21:41:33.0396 3048 SynTP - ok

21:41:33.0463 3048 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

21:41:33.0486 3048 SysMain - ok

21:41:33.0508 3048 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

21:41:33.0513 3048 TabletInputService - ok

21:41:33.0539 3048 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

21:41:33.0547 3048 TapiSrv - ok

21:41:33.0566 3048 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

21:41:33.0570 3048 TBS - ok

21:41:33.0662 3048 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

21:41:33.0693 3048 Tcpip - ok

21:41:33.0735 3048 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

21:41:33.0756 3048 TCPIP6 - ok

21:41:33.0791 3048 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

21:41:33.0793 3048 tcpipreg - ok

21:41:33.0817 3048 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

21:41:33.0819 3048 TDPIPE - ok

21:41:33.0838 3048 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

21:41:33.0839 3048 TDTCP - ok

21:41:33.0866 3048 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

21:41:33.0869 3048 tdx - ok

21:41:33.0881 3048 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

21:41:33.0884 3048 TermDD - ok

21:41:33.0927 3048 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

21:41:33.0938 3048 TermService - ok

21:41:33.0964 3048 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

21:41:33.0968 3048 Themes - ok

21:41:33.0999 3048 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

21:41:34.0003 3048 THREADORDER - ok

21:41:34.0045 3048 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

21:41:34.0051 3048 TrkWks - ok

21:41:34.0107 3048 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:41:34.0113 3048 TrustedInstaller - ok

21:41:34.0153 3048 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

21:41:34.0155 3048 tssecsrv - ok

21:41:34.0181 3048 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

21:41:34.0184 3048 TsUsbFlt - ok

21:41:34.0204 3048 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

21:41:34.0206 3048 TsUsbGD - ok

21:41:34.0237 3048 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

21:41:34.0240 3048 tunnel - ok

21:41:34.0266 3048 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

21:41:34.0268 3048 uagp35 - ok

21:41:34.0295 3048 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

21:41:34.0301 3048 udfs - ok

21:41:34.0358 3048 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

21:41:34.0363 3048 UI0Detect - ok

21:41:34.0398 3048 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

21:41:34.0400 3048 uliagpkx - ok

21:41:34.0461 3048 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

21:41:34.0463 3048 umbus - ok

21:41:34.0475 3048 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

21:41:34.0477 3048 UmPass - ok

21:41:34.0503 3048 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

21:41:34.0511 3048 upnphost - ok

21:41:34.0534 3048 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

21:41:34.0536 3048 USBAAPL64 - ok

21:41:34.0561 3048 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

21:41:34.0564 3048 usbaudio - ok

21:41:34.0595 3048 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

21:41:34.0598 3048 usbccgp - ok

21:41:34.0613 3048 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

21:41:34.0615 3048 usbcir - ok

21:41:34.0635 3048 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

21:41:34.0636 3048 usbehci - ok

21:41:34.0667 3048 [ 33A58C5630200E17B51C8D73DD64181B ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys

21:41:34.0669 3048 usbfilter - ok

21:41:34.0698 3048 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

21:41:34.0703 3048 usbhub - ok

21:41:34.0728 3048 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

21:41:34.0730 3048 usbohci - ok

21:41:34.0744 3048 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

21:41:34.0746 3048 usbprint - ok

21:41:34.0785 3048 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:41:34.0787 3048 USBSTOR - ok

21:41:34.0805 3048 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

21:41:34.0807 3048 usbuhci - ok

21:41:34.0846 3048 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

21:41:34.0850 3048 usbvideo - ok

21:41:34.0886 3048 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

21:41:34.0890 3048 UxSms - ok

21:41:34.0912 3048 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

21:41:34.0915 3048 VaultSvc - ok

21:41:34.0935 3048 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

21:41:34.0937 3048 vdrvroot - ok

21:41:34.0969 3048 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

21:41:34.0979 3048 vds - ok

21:41:35.0001 3048 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

21:41:35.0003 3048 vga - ok

21:41:35.0023 3048 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

21:41:35.0025 3048 VgaSave - ok

21:41:35.0057 3048 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

21:41:35.0062 3048 vhdmp - ok

21:41:35.0084 3048 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

21:41:35.0085 3048 viaide - ok

21:41:35.0120 3048 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

21:41:35.0122 3048 volmgr - ok

21:41:35.0150 3048 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

21:41:35.0156 3048 volmgrx - ok

21:41:35.0192 3048 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

21:41:35.0197 3048 volsnap - ok

21:41:35.0223 3048 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

21:41:35.0226 3048 vsmraid - ok

21:41:35.0290 3048 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

21:41:35.0311 3048 VSS - ok

21:41:35.0381 3048 [ 8ED347BAD8D1FB7C40B593BFB01786D2 ] vToolbarUpdater11.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe

21:41:35.0400 3048 vToolbarUpdater11.2.0 - ok

21:41:35.0420 3048 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

21:41:35.0422 3048 vwifibus - ok

21:41:35.0464 3048 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

21:41:35.0466 3048 vwififlt - ok

21:41:35.0485 3048 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

21:41:35.0486 3048 vwifimp - ok

21:41:35.0538 3048 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

21:41:35.0552 3048 W32Time - ok

21:41:35.0588 3048 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

21:41:35.0590 3048 WacomPen - ok

21:41:35.0618 3048 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

21:41:35.0621 3048 WANARP - ok

21:41:35.0634 3048 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

21:41:35.0636 3048 Wanarpv6 - ok

21:41:35.0708 3048 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

21:41:35.0722 3048 WatAdminSvc - ok

21:41:35.0804 3048 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

21:41:35.0827 3048 wbengine - ok

21:41:35.0852 3048 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

21:41:35.0860 3048 WbioSrvc - ok

21:41:35.0878 3048 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

21:41:35.0888 3048 wcncsvc - ok

21:41:35.0913 3048 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

21:41:35.0919 3048 WcsPlugInService - ok

21:41:35.0954 3048 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

21:41:35.0956 3048 Wd - ok

21:41:36.0009 3048 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

21:41:36.0019 3048 Wdf01000 - ok

21:41:36.0046 3048 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

21:41:36.0052 3048 WdiServiceHost - ok

21:41:36.0063 3048 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

21:41:36.0070 3048 WdiSystemHost - ok

21:41:36.0109 3048 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

21:41:36.0116 3048 WebClient - ok

21:41:36.0141 3048 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

21:41:36.0148 3048 Wecsvc - ok

21:41:36.0171 3048 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

21:41:36.0177 3048 wercplsupport - ok

21:41:36.0195 3048 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

21:41:36.0200 3048 WerSvc - ok

21:41:36.0218 3048 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

21:41:36.0219 3048 WfpLwf - ok

21:41:36.0236 3048 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

21:41:36.0238 3048 WIMMount - ok

21:41:36.0260 3048 WinDefend - ok

21:41:36.0276 3048 WinHttpAutoProxySvc - ok

21:41:36.0343 3048 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

21:41:36.0348 3048 Winmgmt - ok

21:41:36.0426 3048 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

21:41:36.0451 3048 WinRM - ok

21:41:36.0517 3048 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

21:41:36.0531 3048 Wlansvc - ok

21:41:36.0573 3048 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:41:36.0575 3048 wlcrasvc - ok

21:41:36.0688 3048 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:41:36.0719 3048 wlidsvc - ok

21:41:36.0750 3048 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

21:41:36.0751 3048 WmiAcpi - ok

21:41:36.0795 3048 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

21:41:36.0799 3048 wmiApSrv - ok

21:41:36.0827 3048 WMPNetworkSvc - ok

21:41:36.0857 3048 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

21:41:36.0861 3048 WPCSvc - ok

21:41:36.0886 3048 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

21:41:36.0892 3048 WPDBusEnum - ok

21:41:36.0929 3048 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

21:41:36.0931 3048 ws2ifsl - ok

21:41:36.0948 3048 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

21:41:36.0953 3048 wscsvc - ok

21:41:36.0965 3048 WSearch - ok

21:41:37.0122 3048 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

21:41:37.0152 3048 wuauserv - ok

21:41:37.0175 3048 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

21:41:37.0178 3048 WudfPf - ok

21:41:37.0195 3048 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

21:41:37.0198 3048 WUDFRd - ok

21:41:37.0241 3048 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

21:41:37.0247 3048 wudfsvc - ok

21:41:37.0277 3048 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

21:41:37.0284 3048 WwanSvc - ok

21:41:37.0357 3048 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

21:41:37.0370 3048 YahooAUService - ok

21:41:37.0399 3048 ================ Scan global ===============================

21:41:37.0424 3048 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

21:41:37.0464 3048 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

21:41:37.0483 3048 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

21:41:37.0515 3048 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

21:41:37.0553 3048 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

21:41:37.0561 3048 [Global] - ok

21:41:37.0562 3048 ================ Scan MBR ==================================

21:41:37.0580 3048 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

21:41:37.0911 3048 \Device\Harddisk0\DR0 - ok

21:41:37.0912 3048 ================ Scan VBR ==================================

21:41:37.0920 3048 [ DB5C0F14B7F21718B7AC6988134F9DD3 ] \Device\Harddisk0\DR0\Partition1

21:41:37.0924 3048 \Device\Harddisk0\DR0\Partition1 - ok

21:41:37.0939 3048 [ 5FC585F549B6F82027BEF76E73D28840 ] \Device\Harddisk0\DR0\Partition2

21:41:37.0943 3048 \Device\Harddisk0\DR0\Partition2 - ok

21:41:37.0978 3048 [ 2A17F02AF3DC00A482B136429B9C0181 ] \Device\Harddisk0\DR0\Partition3

21:41:37.0981 3048 \Device\Harddisk0\DR0\Partition3 - ok

21:41:38.0004 3048 [ 57AE465343DF4598EDDCF1668AD373C2 ] \Device\Harddisk0\DR0\Partition4

21:41:38.0007 3048 \Device\Harddisk0\DR0\Partition4 - ok

21:41:38.0009 3048 ============================================================

21:41:38.0009 3048 Scan finished

21:41:38.0009 3048 ============================================================

21:41:38.0035 1144 Detected object count: 0

21:41:38.0035 1144 Actual detected object count: 0

Link to post
Share on other sites

Hello brookerk. :)

Looking good. Do any issues remain on your computer?

Please run a free online scan with the ESET Online Scanner.

Note: You can use Internet Explorer or Mozilla Firefox for this scan.

  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start.
  • When asked, allow the ActiveX control to install.
  • Click Start.
  • Make sure that the option Remove found threats is unchecked and the option Scan unwanted applications is checked.
  • Click Scan.
    Wait for the scan to finish.
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Link to post
Share on other sites

Per a full Norton scan after running the previous scan, the trojan is still present.

Category: Unresolved Security Risks

Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename

2012-08-30 22:54:16,High,services.exe.vir (Trojan.Zeroaccess!inf4) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec website.,c:\qoobox\quarantine\c\windows\system32\services.exe.vir

Link to post
Share on other sites

Hello Brookerk. :)

Per a full Norton scan after running the previous scan, the trojan is still present.

Not quite. The file it detected is the one quarantined by ComboFix so the threat has actually been dealt with.

Please run a free online scan with the ESET Online Scanner.

Note: You can use Internet Explorer or Mozilla Firefox for this scan.

  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start.
  • When asked, allow the ActiveX control to install.
  • Click Start.
  • Make sure that the option Remove found threats is unchecked and the option Scan unwanted applications is checked.
  • Click Scan.
    Wait for the scan to finish.
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Link to post
Share on other sites

Hello brookerk. :)

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites

  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.