
Possible Google Redirect Virus


17 replies to this topic

#1 homerdog_99


Posted 05 June 2013 - 12:31 PM

Hello,

Just this morning my browser started redirecting me to various sites whenever I performed a search using either Google or Yahoo. It doesn't happen every time and does go away, but starts happening again once I reboot the computer. I ran Security Check 317, MiniToolBox, and Malwarebytes. Logs are posted below. I appreciate any help that might be provided.

 

Operating System: Windows 7 Home Premium (64-bit)

Antivirus: Symantec Endpoint protection version 12.1.2015.2015

Browser:  Internet Explorer 9

 

 

 

Security Check 317 Log:

Results of screen317's Security Check version 0.99.64 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
Symantec Endpoint Protection  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 JavaFX 2.1.1   
 Java™ 7 Update 5 
 Java version out of Date!
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
 Google Chrome 26.0.1410.64 
 Google Chrome 27.0.1453.94 
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

 

 

 

 

 

Malwarebytes Log:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Michael Smith :: MICHAELSMITH-HP [limited]

Protection: Enabled

6/5/2013 1:16:21 PM
mbam-log-2013-06-05 (13-16-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216828
Time elapsed: 6 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

MiniToolBox Log:

MiniToolBox by Farbar  Version:21-04-2013
Ran by Michael Smith (administrator) on 05-06-2013 at 13:13:24
Running from "C:\Users\Michael Smith\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/05/2013 00:37:14 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:michael [email protected]/ by: Scheduled scan.  Action: Delete succeeded.  Action Description: The file was deleted successfully.

Error: (06/05/2013 11:15:20 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16483, time stamp: 0x515df825
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0003bc24
Faulting process id: 0x27b8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/05/2013 10:35:27 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
 The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (06/05/2013 10:35:27 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (06/05/2013 10:35:27 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (06/05/2013 10:35:27 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/05/2013 10:35:23 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2013 10:35:23 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/05/2013 10:35:22 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (06/05/2013 10:35:22 AM) (Source: ESENT) (User: )
Description: Windows (6812) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00128.log.

System errors:
=============
Error: (06/05/2013 00:44:43 PM) (Source: Service Control Manager) (User: )
Description: The lxefCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (06/05/2013 00:44:43 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the lxefCATSCustConnectService service to connect.

Error: (06/05/2013 11:04:28 AM) (Source: DCOM) (User: MichaelSmith-HP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}MichaelSmith-HPMichael SmithS-1-5-21-268074573-3381272204-1465506851-1001LocalHost (Using LRPC)

Error: (06/05/2013 11:04:14 AM) (Source: DCOM) (User: MichaelSmith-HP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}MichaelSmith-HPMichael SmithS-1-5-21-268074573-3381272204-1465506851-1001LocalHost (Using LRPC)

Error: (06/05/2013 11:04:14 AM) (Source: DCOM) (User: MichaelSmith-HP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}MichaelSmith-HPMichael SmithS-1-5-21-268074573-3381272204-1465506851-1001LocalHost (Using LRPC)

Error: (06/05/2013 11:04:09 AM) (Source: DCOM) (User: MichaelSmith-HP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}MichaelSmith-HPMichael SmithS-1-5-21-268074573-3381272204-1465506851-1001LocalHost (Using LRPC)

Error: (06/05/2013 10:36:36 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (06/05/2013 10:36:36 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.

Error: (06/05/2013 10:36:07 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (06/05/2013 10:36:07 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.

Microsoft Office Sessions:
=========================
Error: (06/05/2013 00:37:14 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:michael [email protected]/ by: Scheduled scan.  Action: Delete succeeded.  Action Description: The file was deleted successfully.

Error: (06/05/2013 11:15:20 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16483515df825ole32.dll6.1.7601.175144ce7b96fc00000050003bc2427b801ce61fb1df556e9C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\syswow64\ole32.dllbc4f0160-cdf2-11e2-9992-e840f273819a

Error: (06/05/2013 10:35:27 AM) (Source: Windows Search Service)(User: )
Description:
Details:
 The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (06/05/2013 10:35:27 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
 The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (06/05/2013 10:35:27 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (06/05/2013 10:35:27 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (06/05/2013 10:35:23 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (06/05/2013 10:35:23 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/05/2013 10:35:22 AM) (Source: Windows Search Service)(User: )
Description:
Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (06/05/2013 10:35:22 AM) (Source: ESENT)(User: )
Description: Windows6812Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00128.log-1811

CodeIntegrity Errors:
===================================
  Date: 2013-01-17 19:44:07.715
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 19:34:14.412
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 19:18:27.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 19:05:33.816
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 18:40:44.484
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 17:20:13.977
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 16:49:45.562
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 16:39:06.738
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 16:25:49.681
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-17 16:12:32.068
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Adobe AIR (Version: 3.7.0.1530)
Adobe Connect Add-in
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Airport Mania (Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Media Foundation Decoders (Version: 1.0.60629.2348)
AMD VISION Engine Control Center (Version: 2011.0630.16.41755)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Azteca (Version: 2.2.0.97)
Bejeweled 3 (Version: 2.2.0.97)
Bing Bar (Version: 7.0.610.0)
Bing Maps 3D (Version: 4.0.903.16005)
Blio (Version: 2.2.6699)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.97)
Build-a-lot (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0630.16.41755)
Catalyst Control Center InstallProxy (Version: 2011.0630.16.41755)
Catalyst Control Center Localization All (Version: 2011.0630.16.41755)
CCC Help Chinese Standard (Version: 2011.0630.0015.41755)
CCC Help Chinese Traditional (Version: 2011.0630.0015.41755)
CCC Help Czech (Version: 2011.0630.0015.41755)
CCC Help Danish (Version: 2011.0630.0015.41755)
CCC Help Dutch (Version: 2011.0630.0015.41755)
CCC Help English (Version: 2011.0630.0015.41755)
CCC Help Finnish (Version: 2011.0630.0015.41755)
CCC Help French (Version: 2011.0630.0015.41755)
CCC Help German (Version: 2011.0630.0015.41755)
CCC Help Greek (Version: 2011.0630.0015.41755)
CCC Help Hungarian (Version: 2011.0630.0015.41755)
CCC Help Italian (Version: 2011.0630.0015.41755)
CCC Help Japanese (Version: 2011.0630.0015.41755)
CCC Help Korean (Version: 2011.0630.0015.41755)
CCC Help Norwegian (Version: 2011.0630.0015.41755)
CCC Help Polish (Version: 2011.0630.0015.41755)
CCC Help Portuguese (Version: 2011.0630.0015.41755)
CCC Help Russian (Version: 2011.0630.0015.41755)
CCC Help Spanish (Version: 2011.0630.0015.41755)
CCC Help Swedish (Version: 2011.0630.0015.41755)
CCC Help Thai (Version: 2011.0630.0015.41755)
CCC Help Turkish (Version: 2011.0630.0015.41755)
ccc-utility64 (Version: 2011.0630.16.41755)
CCleaner (Version: 4.02)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco Connect (Version: 1.4.12005.2)
D3DX10 (Version: 15.4.2368.0902)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Documents To Go Desktop for Android (Version: 3.0000.033)
Download Navigator (Version: 3.4.1)
DVD Menu Pack for HP TouchSmart Video (Version: 4.1.4412)
Epson Connect Printer Setup (Version: 1.1.1)
EPSON Connect version 1.0 (Version: 1.0)
Epson Customer Participation (Version: 1.4.0.0)
Epson Event Manager (Version: 3.01.0003)
Epson FAX Utility (Version: 1.30.00)
Epson PC-FAX Driver
EPSON Printer Software
EPSON Remote Print Uninstall
EPSON Scan
EPSON WF-3520 Series Printer Uninstall
EpsonNet Print (Version: 2.5.00)
Facebook for HP TouchSmart (Version: 1.1.0004)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.97)
Google Chrome (Version: 27.0.1453.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Calendar (Version: 5.1.4245.23508)
HP Client Services (Version: 1.1.12938.3539)
HP Clock (Version: 5.1.4281.27332)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.2.5)
HP LinkUp (Version: 2.01.028)
HP Magic Canvas (Version: 5.1.15.0)
HP MovieStore (Version: 1.0.057)
HP MovieStore (Version: 2.0)
HP My Display TouchSmart Edition (Version: 1.04.022)
HP Notes (Version: 5.1.4274.30382)
HP Odometer (Version: 2.10.0000)
HP Photo Canvas (Version: 5.1.4267.27011)
HP RSS (Version: 5.1.4301.21494)
HP Setup (Version: 8.7.4747.3786)
HP Setup Manager (Version: 1.1.13880.3792)
HP Support Assistant (Version: 7.0.39.15)
HP Support Information (Version: 10.1.1000)
HP Touch Browser (Version: 5.1.4227.17815)
HP TouchSmart Ben10 Comic Book Reader (Version: 4.0.0.0)
HP TouchSmart Bubble Wrap (Version: 1.0.0.0)
HP TouchSmart eBay (Version: 1.0.4098.28440)
HP TouchSmart Get Updated! (Version: 4.0.0.0)
HP TouchSmart Metric Converter (Version: 1.0.0.0)
HP TouchSmart Music (Version: 4.2.5414)
HP TouchSmart Paint Blast (Version: 4.0.0.0)
HP TouchSmart Photo (Version: 4.2.5414)
HP TouchSmart RecipeBox (Version: 3.0.3830.27730)
HP TouchSmart Spot (Version: 1.0.0.0)
HP TouchSmart Tap Tap Bear (Version: 1.0.0.0)
HP TouchSmart Tutorials (Version: 4.0.0.4)
HP TouchSmart Twitter (Version: 3.0.4276.30236)
HP TouchSmart Video (Version: 4.2.5414)
HP TouchSmart Webcam (Version: 4.2.4214)
HP Update (Version: 5.003.001.001)
HP Vision Hardware Diagnostics (Version: 2.9.0.0)
HP Weather (Version: 5.1.4295.16450)
iCloud (Version: 2.1.1.3)
IDT Audio (Version: 1.0.6370.0)
iExplorer 3.2.2.2
iTunes (Version: 11.0.3.42)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Jawbone Updater (Version: 0.1)
Jewel Quest: The Sleepless Star - Collector's Edition (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 1.6)
LabelPrint (Version: 2.5.3925)
Lexmark S800 Series
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Memeo Instant Backup (Version: 4.60.0.7946)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (Version: 4.0)
Microsoft Office Professional Plus 2013 - en-us (Version: 15.0.4505.1006)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
mIRC (Version: 7.25)
MotoCast (Version: 2.0.31)
Motorola Device Manager (Version: 2.3.9)
Motorola Device Software Update (Version: 13.02.1402)
MOTOROLA MEDIA LINK (Version: 1.9.0002.0)
Motorola Mobile Drivers Installation 6.0.0 (Version: 6.0.0)
Movie Theme Pack for HP TouchSmart Video (Version: 4.1.4412)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Mystery of Mortlake Mansion (Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4505.1006)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4505.1006)
Office 15 Click-to-Run Localization Component (Version: 15.0.4505.1006)
PC Tools Registry Mechanic 11.1 (Version: 11.1)
PDF Complete Special Edition (Version: 4.0.54)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.5331)
PressReader (Version: 5.10.1217.0)
QuickTime (Version: 7.74.80.86)
Ralink 802.11n Wireless LAN Card (Version: 4.0.3.0)
Recovery Manager (Version: 5.5.0.4222)
Remote Graphics Receiver (Version: 5.4.5)
RoxioNow Player (Version: 1.9.5.103)
Savings Bond Wizard
SDK (Version: 2.26.005)
Seagate Dashboard (Version: 1.1.0.1421)
Slingo Deluxe (Version: 2.2.0.95)
Software Update Wizard (Redistributable) 4.5 (Version: 4.5)
SplashID Safe 6.2 (Version: 6.2)
SpyHunter (Version: 4.13.6.4253)
Symantec Endpoint Protection (Version: 12.1.2015.2015)
TSHostedAppLauncher (Version: 5.1.15.0)
Twitter
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands (Version: 2.2.0.97)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
WildTangent Games App (HP Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinZip 16.5 (Version: 16.5.10096)
Zinio Reader 4 (Version: 4.2.4164)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 3570.78 MB
Available physical RAM: 1170.16 MB
Total Pagefile: 7439.75 MB
Available Pagefile: 3719.5 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.5 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:916.7 GB) (Free:788.44 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:14.71 GB) (Free:1.82 GB) NTFS
5 Drive g: (FreeAgent GoFlex Drive) (Fixed) (Total:931.51 GB) (Free:802.63 GB) NTFS

========================= Users: ========================================

User accounts for \\MICHAELSMITH-HP

Administrator            Guest                    Michael Smith           

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

 

 

 





#2 Broni


Posted 05 June 2013 - 06:56 PM

Which browser is affected?

 

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


=============================================================================

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


=======================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.






#3 homerdog_99


Posted 05 June 2013 - 07:39 PM

Internet Explorer 9 is the browser that is affected.  It appears to be working fine now and I've done several reboots to confirm, but I suspect it will continue to happen.  I will run the steps you provided tomorrow after work.  I have to catch some sleep since I have to be at work early tomorrow.  Thanks for the help, I really appreciate it.



#4 Broni


Posted 05 June 2013 - 07:41 PM

(thumbs-up smiley)






#5 homerdog_99


Posted 06 June 2013 - 08:11 PM

I performed all of the requested steps and the logs are pasted in below. I did have trouble getting the computer to boot tonight. It got hung up after I typed in my password and I ended up shutting it down and it rebooted without a problem. I had to reboot twice after running Temp File Cleaner and twice after running AdwCleaner. I was also getting the Internet Browser redirect when I first logged onto the computer before performing requested steps. Several threats were identified via ESET and just in case you can't decipher, the G:/ is an external drive (Seagate) I use to back up my files. Thanks again for your help!

 

 

 

# AdwCleaner v2.301 - Logfile created 06/06/2013 at 16:55:39
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Michael Smith - MICHAELSMITH-HP
# Boot Mode : Normal
# Running from : C:\Users\Michael Smith\Downloads\adwcleaner (1).exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Registry is clean.

-\\ Google Chrome v27.0.1453.94

File : C:\Users\Michael Smith\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1437 octets] - [05/06/2013 08:58:15]
AdwCleaner[R2].txt - [1497 octets] - [05/06/2013 08:59:06]
AdwCleaner[R3].txt - [1548 octets] - [05/06/2013 09:08:34]
AdwCleaner[R4].txt - [1612 octets] - [05/06/2013 20:34:45]
AdwCleaner[R5].txt - [1672 octets] - [06/06/2013 16:54:18]
AdwCleaner[S1].txt - [411 octets] - [05/06/2013 08:59:55]
AdwCleaner[S2].txt - [1465 octets] - [06/06/2013 16:55:39]

########## EOF - C:\AdwCleaner[S2].txt - [1525 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Michael Smith on Thu 06/06/2013 at 17:07:21.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5A9F6FE2-C845-46FF-B3AD-D14E45A144F4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{5A9F6FE2-C845-46FF-B3AD-D14E45A144F4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Michael Smith\AppData\Roaming\registry mechanic"

 

~~~ Chrome

Dumping contents of C:\Users\Michael Smith\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\Michael Smith\appdata\local\Google\Chrome\User Data\Default\Default\aaaaabgfdhgedddbgcddgbgbdfdcdfdj
C:\Users\Michael Smith\appdata\local\Google\Chrome\User Data\Default\Default\aaaaabgfdhgedddbgcddgbgbdfdcdfdj\background.js
C:\Users\Michael Smith\appdata\local\Google\Chrome\User Data\Default\Default\aaaaabgfdhgedddbgcddgbgbdfdcdfdj\ContentScript.js
C:\Users\Michael Smith\appdata\local\Google\Chrome\User Data\Default\Default\aaaaabgfdhgedddbgcddgbgbdfdcdfdj\manifest.json

Successfully deleted: [Folder] C:\Users\Michael Smith\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 06/06/2013 at 17:14:09.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

C:\Users\Michael Smith\AppData\Local\Macroplant_LLC\Programs\uwrxuv.dll Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Michael Smith\Documents\Software\MIRC_v7.exe Win32/Adware.1ClickDownload.G application cleaned by deleting - quarantined
G:\Michael Smith_Backup\2012-06-10_19-16-54 (Old Den Sony Computer)\Memeo\2012-06-10_19-16-54\D_\Software\MIRC_v7.exe Win32/Adware.1ClickDownload.G application cleaned by deleting - quarantined
G:\Michael Smith_Backup\2013-01-09_13-15-21\Memeo\2013-01-09_13-15-21\C_\Users\Michael Smith\Documents\Software\MIRC_v7.exe Win32/Adware.1ClickDownload.G application cleaned by deleting - quarantined
Operating memory a variant of Win32/Boaxxe.AW trojan



#6 Broni


Posted 06 June 2013 - 08:17 PM

How is redirection now?

 

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader (3.5 MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

 

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

  • Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Do NOT post JavaRa log.






#7 homerdog_99


Posted 06 June 2013 - 08:30 PM

I used Google to perform several searches, so far so good.  I was curious about the below from the ESET Scan and if it is a concern?  I'll perform the steps you list above and report back in a little bit.  Unfortunately I have to keep Adobe as it is required for one of the apps I use at work.

 

 

ESET Scan:  Operating memory a variant of Win32/Boaxxe.AW trojan



#8 Broni


Posted 06 June 2013 - 08:39 PM

Please re-run Eset one more time.






#9 homerdog_99


Posted 06 June 2013 - 09:11 PM

I installed Adobe and Java along with removing old versions of Java.  I looked at Uninstall Programs and still found 2 Java entries (Java 7 Update 21 and JavaFX 2.1.1).  Java 7 was the new version that installed and the other version wasn't uninstalled for some reason.  I'm guessing it's meant to be left alone.  I will rerun the ESET scan and post results tomorrow since the last scan took 3+ hours.



#10 Broni


Posted 06 June 2013 - 09:13 PM

👍






#11 homerdog_99


Posted 07 June 2013 - 01:28 AM

Just finished running second ESET Scan and received the results listed below. The Operating memory error came up at the very end of the scan again. Hopefully this is fixable since the scan did not delete the trojan.


ESET Scan Results:

Operating memory a variant of Win32/Boaxxe.AW trojan

#12 Broni


Posted 07 June 2013 - 06:45 PM

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.






#13 homerdog_99


Posted 07 June 2013 - 07:24 PM

I performed the requested action and the results are pasted in below. No reboot was required and TDSS did not show any infected or suspicious files during the scan.



20:18:53.0804 0204 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:18:54.0428 0204 ============================================================
20:18:54.0444 0204 Current date / time: 2013/06/07 20:18:54.0428
20:18:54.0444 0204 SystemInfo:
20:18:54.0444 0204
20:18:54.0444 0204 OS Version: 6.1.7601 ServicePack: 1.0
20:18:54.0444 0204 Product type: Workstation
20:18:54.0444 0204 ComputerName: MICHAELSMITH-HP
20:18:54.0444 0204 UserName: Michael Smith
20:18:54.0444 0204 Windows directory: C:\Windows
20:18:54.0444 0204 System windows directory: C:\Windows
20:18:54.0444 0204 Running under WOW64
20:18:54.0444 0204 Processor architecture: Intel x64
20:18:54.0444 0204 Number of processors: 2
20:18:54.0444 0204 Page size: 0x1000
20:18:54.0444 0204 Boot type: Normal boot
20:18:54.0444 0204 ============================================================
20:18:58.0718 0204 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:18:58.0796 0204 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:18:59.0155 0204 ============================================================
20:18:59.0155 0204 \Device\Harddisk0\DR0:
20:18:59.0170 0204 MBR partitions:
20:18:59.0170 0204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:18:59.0170 0204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72968000
20:18:59.0170 0204 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7299A800, BlocksNum 0x1D6B800
20:18:59.0170 0204 \Device\Harddisk2\DR2:
20:18:59.0170 0204 MBR partitions:
20:18:59.0170 0204 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1
20:18:59.0170 0204 ============================================================
20:18:59.0451 0204 C: <-> \Device\Harddisk0\DR0\Partition2
20:18:59.0670 0204 D: <-> \Device\Harddisk0\DR0\Partition3
20:18:59.0794 0204 G: <-> \Device\Harddisk2\DR2\Partition1
20:19:00.0356 0204 ============================================================
20:19:00.0356 0204 Initialize success
20:19:00.0356 0204 ============================================================
20:19:09.0669 10472 ============================================================
20:19:09.0669 10472 Scan started
20:19:09.0669 10472 Mode: Manual;
20:19:09.0669 10472 ============================================================
20:19:15.0660 10472 ================ Scan system memory ========================
20:19:15.0660 10472 System memory - ok
20:19:15.0660 10472 ================ Scan services =============================
20:19:36.0049 10472 iirsp - ok
20:19:36.0127 10472 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:19:36.0314 10472 IKEEXT - ok
20:19:36.0439 10472 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:19:36.0439 10472 intelide - ok
20:19:36.0470 10472 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
20:19:36.0470 10472 intelppm - ok
20:19:36.0532 10472 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:19:36.0532 10472 IPBusEnum - ok
20:19:36.0610 10472 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:19:36.0610 10472 IpFilterDriver - ok
20:19:36.0657 10472 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:19:36.0673 10472 iphlpsvc - ok
20:19:36.0688 10472 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:19:36.0688 10472 IPMIDRV - ok
20:19:36.0735 10472 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:19:36.0735 10472 IPNAT - ok
20:19:36.0860 10472 [ 2872B90D57C8310194A78A9787406467 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:19:36.0876 10472 iPod Service - ok
20:19:36.0938 10472 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:19:36.0938 10472 IRENUM - ok
20:19:36.0985 10472 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:19:36.0985 10472 isapnp - ok
20:19:37.0032 10472 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:19:37.0032 10472 iScsiPrt - ok
20:19:37.0110 10472 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:19:37.0125 10472 kbdclass - ok
20:19:37.0172 10472 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:19:37.0188 10472 kbdhid - ok
20:19:37.0219 10472 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:19:37.0219 10472 KeyIso - ok
20:19:37.0297 10472 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:19:37.0297 10472 KSecDD - ok
20:19:37.0344 10472 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:19:37.0344 10472 KSecPkg - ok
20:19:37.0375 10472 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:19:37.0390 10472 ksthunk - ok
20:19:37.0422 10472 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:19:37.0437 10472 KtmRm - ok
20:19:37.0484 10472 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:19:37.0500 10472 LanmanServer - ok
20:19:37.0546 10472 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:19:37.0578 10472 LanmanWorkstation - ok
20:19:37.0671 10472 [ C7D21310EA0A644AA6394DE1E46E3D31 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys
20:19:37.0671 10472 libusb0 - ok
20:19:37.0734 10472 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:19:37.0734 10472 lltdio - ok
20:19:37.0812 10472 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:19:37.0812 10472 lltdsvc - ok
20:19:37.0843 10472 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:19:37.0843 10472 lmhosts - ok
20:19:37.0921 10472 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:19:37.0921 10472 LSI_FC - ok
20:19:37.0968 10472 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:19:37.0983 10472 LSI_SAS - ok
20:19:38.0014 10472 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:19:38.0014 10472 LSI_SAS2 - ok
20:19:38.0077 10472 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:19:38.0124 10472 LSI_SCSI - ok
20:19:38.0186 10472 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:19:38.0186 10472 luafv - ok
20:19:38.0467 10472 [ 0C650620D4146E5EDA65B93EC659A1E5 ] lxefCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxefserv.exe
20:19:38.0748 10472 lxefCATSCustConnectService - ok
20:19:38.0763 10472 lxef_device - ok
20:19:38.0841 10472 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:19:38.0857 10472 MBAMProtector - ok
20:19:38.0919 10472 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:19:38.0919 10472 MBAMScheduler - ok
20:19:38.0950 10472 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:19:38.0966 10472 MBAMService - ok
20:19:39.0013 10472 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:19:39.0013 10472 Mcx2Svc - ok
20:19:39.0091 10472 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:19:39.0091 10472 megasas - ok
20:19:39.0122 10472 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:19:39.0138 10472 MegaSR - ok
20:19:39.0231 10472 [ 671A03CA9CD0259CCBB7B78A9CE234EC ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
20:19:39.0262 10472 MemeoBackgroundService - ok
20:19:39.0278 10472 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:19:39.0294 10472 MMCSS - ok
20:19:39.0309 10472 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:19:39.0309 10472 Modem - ok
20:19:39.0340 10472 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:19:39.0340 10472 monitor - ok
20:19:39.0340 10472 motandroidusb - ok
20:19:39.0387 10472 motccgp - ok
20:19:39.0387 10472 motccgpfl - ok
20:19:39.0403 10472 motmodem - ok
20:19:39.0574 10472 [ FDF0D78147DA8B2A93FE42D9A14C1B0B ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
20:19:39.0574 10472 Motorola Device Manager - ok
20:19:39.0590 10472 MotoSwitchService - ok
20:19:39.0606 10472 Motousbnet - ok
20:19:39.0621 10472 motusbdevice - ok
20:19:39.0668 10472 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:19:39.0684 10472 mouclass - ok
20:19:39.0746 10472 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:19:39.0746 10472 mouhid - ok
20:19:39.0840 10472 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:19:39.0840 10472 mountmgr - ok
20:19:39.0918 10472 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:19:39.0918 10472 mpio - ok
20:19:39.0964 10472 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:19:39.0964 10472 mpsdrv - ok
20:19:40.0074 10472 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:19:40.0089 10472 MpsSvc - ok
20:19:40.0152 10472 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:19:40.0152 10472 MRxDAV - ok
20:19:40.0276 10472 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:19:40.0292 10472 mrxsmb - ok
20:19:40.0370 10472 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:19:40.0370 10472 mrxsmb10 - ok
20:19:40.0432 10472 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:19:40.0448 10472 mrxsmb20 - ok
20:19:40.0526 10472 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:19:40.0526 10472 msahci - ok
20:19:40.0573 10472 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:19:40.0573 10472 msdsm - ok
20:19:40.0620 10472 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:19:40.0620 10472 MSDTC - ok
20:19:40.0651 10472 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:19:40.0666 10472 Msfs - ok
20:19:40.0682 10472 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:19:40.0698 10472 mshidkmdf - ok
20:19:40.0744 10472 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:19:40.0822 10472 msisadrv - ok
20:19:40.0916 10472 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:19:40.0932 10472 MSiSCSI - ok
20:19:40.0932 10472 msiserver - ok
20:19:40.0978 10472 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:19:40.0978 10472 MSKSSRV - ok
20:19:40.0994 10472 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:19:40.0994 10472 MSPCLOCK - ok
20:19:41.0010 10472 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:19:41.0010 10472 MSPQM - ok
20:19:41.0041 10472 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:19:41.0041 10472 MsRPC - ok
20:19:41.0072 10472 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:19:41.0072 10472 mssmbios - ok
20:19:41.0088 10472 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:19:41.0088 10472 MSTEE - ok
20:19:41.0103 10472 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:19:41.0103 10472 MTConfig - ok
20:19:41.0134 10472 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:19:41.0150 10472 Mup - ok
20:19:41.0181 10472 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:19:41.0197 10472 napagent - ok
20:19:41.0244 10472 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:19:41.0244 10472 NativeWifiP - ok
20:19:41.0446 10472 [ 56540E526B46E379A476FB5BC381B290 ] NAVENG C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20130606.039\ENG64.SYS
20:19:41.0446 10472 NAVENG - ok
20:19:41.0540 10472 [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15 C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20130606.039\EX64.SYS
20:19:41.0587 10472 NAVEX15 - ok
20:19:41.0696 10472 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:19:41.0696 10472 NDIS - ok
20:19:41.0743 10472 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:19:41.0743 10472 NdisCap - ok
20:19:41.0790 10472 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:19:41.0790 10472 NdisTapi - ok
20:19:41.0883 10472 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:19:41.0899 10472 Ndisuio - ok
20:19:41.0946 10472 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:19:41.0946 10472 NdisWan - ok
20:19:42.0039 10472 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:19:42.0039 10472 NDProxy - ok
20:19:42.0102 10472 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:19:42.0117 10472 NetBIOS - ok
20:19:42.0148 10472 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:19:42.0164 10472 NetBT - ok
20:19:42.0180 10472 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:19:42.0195 10472 Netlogon - ok
20:19:42.0258 10472 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:19:42.0258 10472 Netman - ok
20:19:42.0445 10472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:19:42.0492 10472 NetMsmqActivator - ok
20:19:42.0507 10472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:19:42.0523 10472 NetPipeActivator - ok
20:19:42.0538 10472 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:19:42.0554 10472 netprofm - ok
20:19:42.0663 10472 [ 3B7DE4C730202F6F5B0CB202990AA6EF ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
20:19:42.0694 10472 netr28x - ok
20:19:42.0710 10472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:19:42.0710 10472 NetTcpActivator - ok
20:19:42.0726 10472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:19:42.0726 10472 NetTcpPortSharing - ok
20:19:42.0772 10472 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:19:42.0772 10472 nfrd960 - ok
20:19:42.0819 10472 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:19:42.0819 10472 NlaSvc - ok
20:19:42.0835 10472 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:19:42.0850 10472 Npfs - ok
20:19:42.0882 10472 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:19:42.0882 10472 nsi - ok
20:19:42.0897 10472 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:19:42.0897 10472 nsiproxy - ok
20:19:43.0053 10472 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:19:43.0178 10472 Ntfs - ok
20:19:43.0194 10472 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:19:43.0209 10472 Null - ok
20:19:43.0225 10472 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:19:43.0240 10472 nvraid - ok
20:19:43.0272 10472 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:19:43.0272 10472 nvstor - ok
20:19:43.0303 10472 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:19:43.0303 10472 nv_agp - ok
20:19:43.0381 10472 [ 2A0CEE7B76BAC14D45DB16E465E27D6D ] NWVoltron C:\Windows\system32\DRIVERS\NWVoltron.sys
20:19:43.0381 10472 NWVoltron - ok
20:19:43.0428 10472 [ 29B7F4F503EF7652024C28A3DD0E3586 ] NWWakeFilterV C:\Windows\system32\drivers\NWWakeFilterV.sys
20:19:43.0428 10472 NWWakeFilterV - ok
20:19:43.0771 10472 [ 19CC46ACD6B17CE92336B33A2018765D ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
20:19:43.0818 10472 OfficeSvc - ok
20:19:43.0864 10472 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:19:43.0864 10472 ohci1394 - ok
20:19:44.0067 10472 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:19:44.0067 10472 ose - ok
20:19:44.0348 10472 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:19:44.0457 10472 osppsvc - ok
20:19:44.0473 10472 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:19:44.0488 10472 p2pimsvc - ok
20:19:44.0520 10472 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:19:44.0535 10472 p2psvc - ok
20:19:44.0566 10472 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:19:44.0566 10472 Parport - ok
20:19:44.0613 10472 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:19:44.0613 10472 partmgr - ok
20:19:44.0629 10472 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:19:44.0644 10472 PcaSvc - ok
20:19:44.0707 10472 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:19:44.0707 10472 pci - ok
20:19:44.0738 10472 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:19:44.0738 10472 pciide - ok
20:19:44.0785 10472 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:19:44.0800 10472 pcmcia - ok
20:19:45.0034 10472 [ 4678535614BD147D1ED6F0830EA0E540 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
20:19:45.0050 10472 PCToolsSSDMonitorSvc - ok
20:19:45.0081 10472 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:19:45.0097 10472 pcw - ok
20:19:45.0112 10472 pdfcDispatcher - ok
20:19:45.0190 10472 [ C7801DEF1C78747996A52C1F4C473E6F ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
20:19:45.0190 10472 PdiService - ok
20:19:45.0362 10472 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:19:45.0409 10472 PEAUTH - ok
20:19:45.0830 10472 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:19:45.0830 10472 PerfHost - ok
20:19:45.0955 10472 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:19:46.0173 10472 pla - ok
20:19:46.0282 10472 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:19:46.0298 10472 PlugPlay - ok
20:19:46.0329 10472 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:19:46.0345 10472 PNRPAutoReg - ok
20:19:46.0376 10472 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:19:46.0376 10472 PNRPsvc - ok
20:19:46.0423 10472 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:19:46.0423 10472 PolicyAgent - ok
20:19:46.0454 10472 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:19:46.0470 10472 Power - ok
20:19:46.0485 10472 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:19:46.0485 10472 PptpMiniport - ok
20:19:46.0501 10472 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:19:46.0501 10472 Processor - ok
20:19:46.0548 10472 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:19:46.0548 10472 ProfSvc - ok
20:19:46.0563 10472 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:19:46.0563 10472 ProtectedStorage - ok
20:19:46.0579 10472 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:19:46.0579 10472 Psched - ok
20:19:46.0672 10472 [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
20:19:46.0672 10472 PST Service - ok
20:19:46.0766 10472 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:19:46.0797 10472 ql2300 - ok
20:19:46.0813 10472 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:19:46.0813 10472 ql40xx - ok
20:19:46.0860 10472 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:19:46.0860 10472 QWAVE - ok
20:19:46.0875 10472 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:19:46.0891 10472 QWAVEdrv - ok
20:19:46.0984 10472 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
20:19:47.0000 10472 RapiMgr - ok
20:19:47.0031 10472 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:19:47.0031 10472 RasAcd - ok
20:19:47.0062 10472 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:19:47.0062 10472 RasAgileVpn - ok
20:19:47.0094 10472 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:19:47.0094 10472 RasAuto - ok
20:19:47.0125 10472 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:19:47.0125 10472 Rasl2tp - ok
20:19:47.0172 10472 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:19:47.0172 10472 RasMan - ok
20:19:47.0187 10472 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:19:47.0203 10472 RasPppoe - ok
20:19:47.0218 10472 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:19:47.0234 10472 RasSstp - ok
20:19:47.0250 10472 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:19:47.0250 10472 rdbss - ok
20:19:47.0265 10472 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:19:47.0265 10472 rdpbus - ok
20:19:47.0281 10472 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:19:47.0281 10472 RDPCDD - ok
20:19:47.0328 10472 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:19:47.0328 10472 RDPENCDD - ok
20:19:47.0343 10472 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:19:47.0343 10472 RDPREFMP - ok
20:19:47.0390 10472 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:19:47.0406 10472 RDPWD - ok
20:19:47.0437 10472 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:19:47.0437 10472 rdyboost - ok
20:19:47.0577 10472 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:19:47.0686 10472 RemoteAccess - ok
20:19:47.0749 10472 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:19:47.0749 10472 RemoteRegistry - ok
20:19:47.0920 10472 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
20:19:47.0936 10472 RoxioNow Service - ok
20:19:47.0967 10472 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:19:47.0983 10472 RpcEptMapper - ok
20:19:48.0045 10472 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:19:48.0217 10472 RpcLocator - ok
20:19:48.0326 10472 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:19:48.0326 10472 RpcSs - ok
20:19:48.0373 10472 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:19:48.0388 10472 rspndr - ok
20:19:48.0466 10472 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:19:48.0482 10472 RTL8167 - ok
20:19:48.0498 10472 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:19:48.0513 10472 SamSs - ok
20:19:48.0576 10472 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:19:48.0576 10472 sbp2port - ok
20:19:48.0607 10472 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:19:48.0622 10472 SCardSvr - ok
20:19:48.0654 10472 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:19:48.0654 10472 scfilter - ok
20:19:48.0716 10472 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:19:48.0716 10472 Schedule - ok
20:19:48.0763 10472 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:19:48.0763 10472 SCPolicySvc - ok
20:19:48.0778 10472 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:19:48.0778 10472 SDRSVC - ok
20:19:48.0856 10472 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
20:19:48.0856 10472 SeagateDashboardService - ok
20:19:48.0950 10472 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:19:48.0950 10472 SeaPort - ok
20:19:48.0997 10472 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:19:48.0997 10472 secdrv - ok
20:19:49.0012 10472 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:19:49.0012 10472 seclogon - ok
20:19:49.0059 10472 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:19:49.0059 10472 SENS - ok
20:19:49.0106 10472 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:19:49.0106 10472 SensrSvc - ok
20:19:49.0278 10472 [ 59BAE636BD55295307296093FADEC771 ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe
20:19:49.0278 10472 SepMasterService - ok
20:19:49.0340 10472 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:19:49.0340 10472 Serenum - ok
20:19:49.0371 10472 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:19:49.0371 10472 Serial - ok
20:19:49.0418 10472 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:19:49.0418 10472 sermouse - ok
20:19:49.0449 10472 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:19:49.0465 10472 SessionEnv - ok
20:19:49.0496 10472 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:19:49.0496 10472 sffdisk - ok
20:19:49.0527 10472 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:19:49.0574 10472 sffp_mmc - ok
20:19:49.0652 10472 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:19:50.0136 10472 sffp_sd - ok
20:19:50.0167 10472 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:19:50.0370 10472 sfloppy - ok
20:19:50.0416 10472 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:19:50.0448 10472 SharedAccess - ok
20:19:50.0479 10472 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:19:50.0479 10472 ShellHWDetection - ok
20:19:50.0541 10472 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:19:50.0541 10472 SiSRaid2 - ok
20:19:50.0557 10472 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:19:50.0572 10472 SiSRaid4 - ok
20:19:50.0604 10472 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:19:50.0604 10472 Smb - ok
20:19:50.0947 10472 [ 014EC99CC1C892B5B6BA65776592E7B4 ] SmcService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe
20:19:51.0118 10472 SmcService - ok
20:19:51.0243 10472 [ 88078B50B806B8E8A4A08E547C0D6492 ] SNAC C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe
20:19:51.0259 10472 SNAC - ok
20:19:51.0337 10472 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:19:51.0337 10472 SNMPTRAP - ok
20:19:51.0384 10472 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:19:51.0384 10472 spldr - ok
20:19:51.0430 10472 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:19:51.0462 10472 Spooler - ok
20:19:51.0602 10472 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:19:51.0649 10472 sppsvc - ok
20:19:51.0696 10472 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:19:51.0711 10472 sppuinotify - ok
20:19:51.0867 10472 [ BFF91C4FF4A2FEDDB0B285EAD0AC1B7B ] SRTSP C:\Windows\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSP64.SYS
20:19:51.0914 10472 SRTSP - ok
20:19:52.0023 10472 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSPX64.SYS
20:19:52.0023 10472 SRTSPX - ok
20:19:52.0117 10472 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:19:52.0132 10472 srv - ok
20:19:52.0179 10472 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:19:52.0429 10472 srv2 - ok
20:19:52.0507 10472 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:19:52.0522 10472 srvnet - ok
20:19:52.0554 10472 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:19:52.0554 10472 SSDPSRV - ok
20:20:04.0301 10472 ============================================================
20:20:04.0301 10472 Scan finished
20:20:04.0301 10472 ============================================================
20:20:04.0332 10752 Detected object count: 0
20:20:04.0332 10752 Actual detected object count: 0

#14 Broni


Posted 07 June 2013 - 07:26 PM

We need to employ more advanced tools to make sure your computer is clean.

 

Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.






#15 homerdog_99


Posted 07 June 2013 - 08:04 PM

Done and new topic started. Haven't had any redirects so far today:)



