Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

lsass.exe memory usage higher than normal


  • Please log in to reply
5 replies to this topic

#1 jonkjon

jonkjon

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:07:59 PM

Posted 23 May 2012 - 08:54 AM

I am running a Win 7 Home Premium PC with the following hardware configuration:

CPU: AMD Phenom II X3 720
RAM: 4 GB
SATA HD: 500GB/ 191GB Free
GPU: GeForce 460XT
AV: Norton Internet Security 2012 & SpyWare Blaster 4.6


I have noticed recently that the lass.exe process continues to "chew" away at my memory over the course of several days. It starts out at around 4,000K and will climb to around 100,000K. I do not believe my PC is running as well as it could either and I am suspicious of this activity.
In an effort to try and fix this, I have done the following:

Full Scan with Malwarebytes: No Threats found
Ran the sasser removal tool from Symantec: The sasser worm was not found on your system
Stoppped a variety of services (too numerous to remember which ones) and watched process explorer to see if the memory would recover.

Thanks for any help or any info you could provide on this.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:59 PM

Posted 24 May 2012 - 03:37 PM

Hello,lets first check for other malware.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jonkjon

jonkjon
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:07:59 PM

Posted 24 May 2012 - 09:06 PM

Thanks for helping with this. The eset online scanner didn't find any threats. I didn't see any way to generate a report for it. I guess since there were no threats, there's nothing to list. Anyway, here are the other files you requested:

Result.txt******************************************************************

MiniToolBox by Farbar Version: 18-01-2012
Ran by Jon (administrator) on 24-05-2012 at 20:49:54
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Generic Marvell Yukon 88E8056 based Ethernet Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.1.1 publish=Yes
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="ethernet_7" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="ethernet_7" address=0.0.0.0 mask=0.0.0.0
add address name="Local Area Connection" address=192.168.1.99 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Vista-AMD
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Generic Marvell Yukon 88E8056 based Ethernet Controller
Physical Address. . . . . . . . . : 00-E0-61-10-CB-5D
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2d12:1687:295c:f4a6%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.99(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 251715681
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-41-AC-6E-00-E0-61-10-CB-5D
DNS Servers . . . . . . . . . . . : 192.168.1.1
8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:cd:d7a:3f57:fe9c(Preferred)
Link-local IPv6 Address . . . . . : fe80::cd:d7a:3f57:fe9c%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{3A78B203-AE8F-46B4-986D-3C3508EFBFF9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: DD-WRT
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.228.9
74.125.228.7
74.125.228.6
74.125.228.1
74.125.228.4
74.125.228.3
74.125.228.2
74.125.228.0
74.125.228.5
74.125.228.8
74.125.228.14


Pinging google.com [74.125.228.14] with 32 bytes of data:
Reply from 74.125.228.14: bytes=32 time=19ms TTL=54
Reply from 74.125.228.14: bytes=32 time=14ms TTL=54

Ping statistics for 74.125.228.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 19ms, Average = 16ms
Server: DD-WRT
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=101ms TTL=49
Reply from 209.191.122.70: bytes=32 time=100ms TTL=49

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 100ms, Maximum = 101ms, Average = 100ms
Server: DD-WRT
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
9...00 e0 61 10 cb 5d ......Generic Marvell Yukon 88E8056 based Ethernet Controller
1...........................Software Loopback Interface 1
10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.99 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.99 276
192.168.1.99 255.255.255.255 On-link 192.168.1.99 276
192.168.1.255 255.255.255.255 On-link 192.168.1.99 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.99 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.99 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:4137:9e76:cd:d7a:3f57:fe9c/128
On-link
9 276 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80::cd:d7a:3f57:fe9c/128
On-link
9 276 fe80::2d12:1687:295c:f4a6/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
9 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/24/2012 08:13:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/24/2012 07:38:13 PM) (Source: Application Hang) (User: )
Description: The program X-Plane.exe version 10.0.5.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1188

Start Time: 01cd3a020cab4160

Termination Time: 202

Application Path: C:\Users\Jon\Desktop\X-Plane 10\X-Plane.exe

Report Id: 75c47aa1-a5f9-11e1-ba67-00e06110cb5d

Error: (05/24/2012 07:02:26 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/24/2012 06:13:36 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/24/2012 05:13:06 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/24/2012 04:13:53 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/24/2012 03:11:12 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/24/2012 02:01:40 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/24/2012 01:10:41 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/24/2012 00:14:03 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (05/24/2012 01:06:13 AM) (Source: Service Control Manager) (User: )
Description: The Dyn Updater service failed to start due to the following error:
%%2

Error: (05/23/2012 10:44:16 PM) (Source: DCOM) (User: )
Description: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

Error: (05/23/2012 10:43:45 PM) (Source: Service Control Manager) (User: )
Description: The Remote Desktop Services service terminated with the following error:
%%193

Error: (05/23/2012 10:43:29 PM) (Source: Service Control Manager) (User: )
Description: The Dyn Updater service failed to start due to the following error:
%%2

Error: (05/23/2012 10:43:20 PM) (Source: Service Control Manager) (User: )
Description: The ShowAnalyzerMaster service failed to start due to the following error:
%%2

Error: (05/23/2012 10:43:19 PM) (Source: Service Control Manager) (User: )
Description: The PlayIt Video Server Manager service failed to start due to the following error:
%%2

Error: (05/23/2012 10:43:19 PM) (Source: Service Control Manager) (User: )
Description: The NPVR Recording Service service failed to start due to the following error:
%%2

Error: (05/23/2012 10:43:17 PM) (Source: Service Control Manager) (User: )
Description: The SQL Server Active Directory Helper service terminated with service-specific error %%-1073741724.

Error: (05/23/2012 10:33:50 PM) (Source: DCOM) (User: )
Description: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

Error: (05/23/2012 10:33:19 PM) (Source: Service Control Manager) (User: )
Description: The Remote Desktop Services service terminated with the following error:
%%193


Microsoft Office Sessions:
=========================
Error: (05/24/2012 08:13:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/24/2012 07:38:13 PM) (Source: Application Hang)(User: )
Description: X-Plane.exe10.0.5.1118801cd3a020cab4160202C:\Users\Jon\Desktop\X-Plane 10\X-Plane.exe75c47aa1-a5f9-11e1-ba67-00e06110cb5d

Error: (05/24/2012 07:02:26 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/24/2012 06:13:36 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/24/2012 05:13:06 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/24/2012 04:13:53 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/24/2012 03:11:12 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/24/2012 02:01:40 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/24/2012 01:10:41 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/24/2012 00:14:03 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

1-Wire Drivers Version 4.03 (Version: 4.0.3)
7-Zip 4.65
AC3Filter 1.63b (Version: 1.63b)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 2.6.0.19140)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0.1)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Community Help (Version: 3.5.23)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe Media Player (Version: 1.8)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Photoshop.com Inspiration Browser (Version: 3.09)
Adobe Premiere Elements 10 (Version: 10.0)
Adobe Premiere Elements 10 Content (Version: 10.0)
Adobe Premiere Elements 10 Content 1 (Version: 10.0)
Adobe Premiere Elements 10 Content 2 (Version: 10.0)
Adobe Premiere Elements 10 Content 3 (Version: 10.0)
Adobe Premiere Elements 10 HD Content 1 (Version: 10.0)
Adobe Premiere Elements 10 HD Content 2 (Version: 10.0)
Adobe Premiere Elements 10 HD Content 3 (Version: 10.0)
Adobe Premiere Elements 7.0 (Version: 7.0)
Adobe Premiere Elements 7.0 (Version: 7.0.0.3)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Akamai NetSession Interface
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AusLogics Disk Defrag (Version: version 1.5)
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Axialis IconWorkshop 6.0
Beyond TV DVD Burning Foundation (Version: 1.0.4)
Big Fish Games: Game Manager (Version: 1.5.0.3)
Black & WhiteŽ 2 (Version: 1.00.0000)
BlackBerry Desktop Software 6.0.1 (Version: 6.0.1.18)
BlackBerry Device Software Updater (Version: 5.0.1.69)
BlackBerry Device Software v5.0.0 for the BlackBerry 9550 smartphone (Version: 5.0.0.1015 (Platform 4.2.0.442))
BlackBerry Device Software v5.0.0 for the BlackBerry 9550 smartphone (Version: 5.0.0.607 (Platform 4.2.0.275))
BlackBerry JDE 4.7.0 (Version: 4.7.0)
BlackBerry JDE 5.0.0 (Version: 5.0.0)
BlackBerry JDE Component Package 4.7.0 (Version: 4.7.0)
BlackBerry Smartphone Simulators 4.7.0.75 (9530-Verizon) (Version: 4.7.0.75)
BlackBerry Smartphone Simulators 5.0.0.517 (9550) (Version: 5.0.0.517)
BlackBerry Theme Studio 5.0 (Version: 5.0.0.0)
Bonjour (Version: 3.0.0.10)
Call of Juarez : Bound in Blood
Canon RAW Codec (Version: 1.5.0.47)
CCleaner (Version: 3.17)
Cities XL 2011
Civilization 4 Complete Bundle (Version: 1.0)
CodeBlocks (Version: 10.05)
Combined Community Codec Pack 2009-09-09 (Version: 2009.09.09.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Core Temp 1.0 RC2 (Version: 1.0)
CPUID CPU-Z 1.54
D3DX10 (Version: 15.4.2368.0902)
Debugging Tools for Windows (x86) (Version: 6.11.1.404)
DeepSkyStacker (Version: 3.2.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Demigod
Documents To Go Desktop for BlackBerry (Version: 2.0000.024)
Dungeon Defenders
Dyn Updater (Version: 4.1.10)
Elements 10 Organizer (Version: 10.0)
erLT (Version: 1.20.0137)
ESET Online Scanner v3
eWallet 7.0 (Version: 7.0)
Feedback Tool (Version: 1.1.0)
Fences
Fences (Free)
Fences (Version: 0.95)
Fences Pro
Flight Simulator X Service Pack 1
Galactic Civilizations II
GameSpy Arcade
Garmin WebUpdater (Version: 2.4.2)
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892) (Version: 9.3.4053)
GDR 4060 for SQL Server Database Services 2005 ENU (KB2494113) (Version: 9.3.4035.00)
Google Chrome (Version: 20.0.1132.11)
Google Update Helper (Version: 1.3.21.111)
GraphWeather Version 2.0.312b
HandBrake 0.9.5 (Version: 0.9.5)
Haunted House
High-Logic FontCreator 6.0
HiJackThis (Version: 1.0.0)
HP USB Disk Storage Format Tool
Hulu Desktop (Version: 0.9.14)
HuluDesktopIntegration (Version: 1.0.0.0)
iCloud (Version: 1.1.0.40)
IcoFX 1.6.4
IconPackager 4
ImagXpress (Version: 7.0.74.0)
Impulse
Impulse (Version: 1.0)
InfraRecorder
Inkscape 0.48.2 (Version: 0.48.2)
Internet TV for Windows Media Center (Version: 4.2.2.0)
IPView Pro 2.0 (Version: 1.0.1117)
ISO Recorder (Version: 3.0.0)
IsoBuster 2.6 (Version: 2.6)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
LightScribe 1.4.124.1 (Version: 1.4.124.1)
Logitech Harmony Remote Software (Version: 1.0.110307)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Logitech SetPoint 5.20 (Version: 5.20)
LogTemp 2.24.0.92 (Version: 2.24.0.92)
MagicTune Premium (Version: 4.0.10)
Media Browser (Version: 2.5.3.0)
Media Center 15 (Version: 15)
Media Center 16 (Version: 16)
Media Center 17 (Version: 17)
MediaInfo 0.7.42 (Version: 0.7.42)
Memeo AutoSync
Memeo Send
Memeo Share (Version: 3.1.0.3265)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Expression Encoder 4 (Version: 4.0.3205.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.3205.0)
Microsoft F# Runtime for Silverlight 4 (Version: 2.0.0.0)
Microsoft Flight (Version: 1.0.0000.129)
Microsoft Flight (Version: 1.0.0002.129)
Microsoft Flight (Version: 1.0.0003.129)
Microsoft Flight Simulator X (Version: 10.0.60905)
Microsoft Flight Simulator X: Acceleration (Version: 10.0.61637.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Facebook 32-bit (Version: 14.0.5117.5000)
Microsoft Rise Of Nations
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft Silverlight 4 Toolkit April 2010 (Version: 4.0.40413.2020)
Microsoft Silverlight Tools for Visual Studio 2010 (Version: 10.0.30319.400)
Microsoft SQL Server 2005
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.51.2500.0)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.51.2500.0)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.40219)
Microsoft Visual C# 2008 Express Edition with SP1 - ENU
Microsoft Visual C# 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31124)
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Visual Web Developer 2010 Express - ENU (Version: 10.0.40219)
Microsoft Web Platform Installer 3.0 (Version: 3.0.5)
Microsoft Web Publishing Wizard 1.53
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 1.00.0000)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.0.0)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML4 Parser (Version: 1.0.0)
MyColors Think Green Desktop
neroxml (Version: 1.0.0)
Netflix in Windows Media Center (Version: 3.3.101.0)
Norton Internet Security (Version: 19.7.1.5)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Drivers (Version: 1.10)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA Media Center Extensions (Version: 1.00.0000)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA System Monitor (Version: 6.5)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
NX Client for Windows 3.4.0-7 (Version: 3.4.0-7)
ObjectDock Plus
OCCT Perestroika 3.1.0
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
PDF Settings (Version: 1.0)
PDF Settings CS5 (Version: 10.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Plazmic CDK 4.7 for BlackBerry (Version: 4.7.0.20090227)
Plazmic Content Developer's Kit 4.7 Update Patch (Version: 1.0.0.20090806)
Plex Media Server (Version: 0.9.503)
Pocket Informant for BlackBerry (Version: 2.00)
PRE10STIInstaller (Version: 1.0)
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver
RegiStax 6
RegiStax 6.1.0.8 update
Remote Control USB Driver (Version: 2.3.2.317)
Resource Tuner 1.99 R4 (Version: 1.99.4)
Rise of Nations Thrones and Patriots
Risk II
Safari (Version: 5.34.57.2)
Samsung_MonSetup (Version: 1.00.0000)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (Version: 10.51.2500.0)
SetupWizard (Version: 1.0.0624)
Sid Meier's Civilization V
Sid Meier's Railroads!
SimCity 4 Deluxe
SkinStudio 6 Professional
SmartSound Common Data (Version: 1.1.0)
SmartSound Premiere Elements 10 Plugin (Version: 5.70.0001)
SmartSound Quicktracks for Premiere Elements (Version: 3.11.3090)
SmartSound Sonicfire Pro 5 (Version: 5.7.1)
SpywareBlaster 4.6 (Version: 4.6.0)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
Starry Night Pro Plus 6 (Version: 6.0.0.0)
Steam (Version: 1.0.0.0)
Symantec Technical Support Web Controls (Version: 3.5.3)
System Requirements Lab
System Requirements Lab (Version: 4.1.71.0)
TEDFootprints (Version: 1.3.5)
TedPwrMonUtility (Version: 1.0.0.4)
The Elder Scrolls V: Skyrim
Tweak7
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
User's Guides (Version: 1.20.0000)
Visual C++ 8.0 ATL (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual Studio 2005 Redist Package (Version: 1.0.0)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
WCF RIA Services V1.0 SP1 (Version: 4.1.60114.0)
WD Discovery Software (Version: 1.80)
WD Firewire HID Driver (Version: 1.04.0001)
Weather Display 10.37R Build 23
Weather Display Live
Web Deployment Tool (Version: 1.1.0618)
WinDirStat 1.1.2
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Resource Kit Tools (Version: 5.2.3790)
WinPatrol (Version: 20.5.2011.0)
WinPatrol (Version: 24.5.2012)
WinRAR 4.00 (32-bit) (Version: 4.00.0)
WinSCP 4.3.6 (Version: 4.3.6)
Winstep Xtreme 8.9
WXTide32
Xvid 1.2.2 final uninstall (Version: 1.2)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 3327.18 MB
Available physical RAM: 2375.65 MB
Total Pagefile: 6654.36 MB
Available Pagefile: 5326.83 MB
Total Virtual: 3071.88 MB
Available Virtual: 2956.02 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:185.14 GB) NTFS
2 Drive d: (XPLANE10) (CDROM) (Total:6.01 GB) (Free:0 GB) CDFS
3 Drive e: (Big Momma) (Fixed) (Total:232.88 GB) (Free:36.91 GB) NTFS
4 Drive y: () (Network) (Total:465.76 GB) (Free:205.86 GB) NTFS
5 Drive z: () (Network) (Total:465.76 GB) (Free:205.86 GB) NTFS

========================= Users: ========================================

User accounts for \\VISTA-AMD

Administrator Guest Jon
Mcx1-VISTA-AMD UpdatusUser VUSR_VISTA-AMD


**** End of log ****


TDSSKiller Log******************************************************************

20:53:27.0236 1728 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
20:53:28.0156 1728 ============================================================
20:53:28.0156 1728 Current date / time: 2012/05/24 20:53:28.0156
20:53:28.0156 1728 SystemInfo:
20:53:28.0156 1728
20:53:28.0156 1728 OS Version: 6.1.7601 ServicePack: 1.0
20:53:28.0156 1728 Product type: Workstation
20:53:28.0156 1728 ComputerName: VISTA-AMD
20:53:28.0156 1728 UserName: Jon
20:53:28.0156 1728 Windows directory: C:\Windows
20:53:28.0156 1728 System windows directory: C:\Windows
20:53:28.0156 1728 Processor architecture: Intel x86
20:53:28.0156 1728 Number of processors: 3
20:53:28.0156 1728 Page size: 0x1000
20:53:28.0156 1728 Boot type: Normal boot
20:53:28.0156 1728 ============================================================
20:53:29.0888 1728 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:53:32.0914 1728 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:53:32.0945 1728 ============================================================
20:53:32.0945 1728 \Device\Harddisk1\DR1:
20:53:32.0961 1728 MBR partitions:
20:53:32.0961 1728 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
20:53:32.0961 1728 \Device\Harddisk0\DR0:
20:53:32.0976 1728 MBR partitions:
20:53:32.0976 1728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
20:53:32.0976 1728 ============================================================
20:53:33.0008 1728 C: <-> \Device\Harddisk1\DR1\Partition0
20:53:33.0054 1728 E: <-> \Device\Harddisk0\DR0\Partition0
20:53:33.0054 1728 ============================================================
20:53:33.0054 1728 Initialize success
20:53:33.0054 1728 ============================================================
20:53:49.0793 2228 ============================================================
20:53:49.0793 2228 Scan started
20:53:49.0793 2228 Mode: Manual; TDLFS;
20:53:49.0793 2228 ============================================================
20:53:50.0792 2228 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
20:53:50.0807 2228 1394ohci - ok
20:53:50.0823 2228 aa3iewil - ok
20:53:50.0885 2228 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
20:53:50.0885 2228 ACPI - ok
20:53:50.0932 2228 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
20:53:50.0948 2228 AcpiPmi - ok
20:53:51.0119 2228 AdobeActiveFileMonitor10.0 (047bd1eb681453a7fe492a71802ac9f3) C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
20:53:51.0150 2228 AdobeActiveFileMonitor10.0 - ok
20:53:51.0275 2228 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:53:51.0291 2228 AdobeARMservice - ok
20:53:51.0384 2228 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:53:51.0416 2228 AdobeFlashPlayerUpdateSvc - ok
20:53:51.0494 2228 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
20:53:51.0494 2228 adp94xx - ok
20:53:51.0525 2228 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
20:53:51.0540 2228 adpahci - ok
20:53:51.0572 2228 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
20:53:51.0587 2228 adpu320 - ok
20:53:51.0634 2228 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
20:53:51.0634 2228 AeLookupSvc - ok
20:53:51.0712 2228 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
20:53:51.0712 2228 AFD - ok
20:53:51.0759 2228 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
20:53:51.0759 2228 agp440 - ok
20:53:51.0790 2228 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
20:53:51.0790 2228 aic78xx - ok
20:53:51.0821 2228 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
20:53:51.0821 2228 ALG - ok
20:53:51.0837 2228 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
20:53:51.0852 2228 aliide - ok
20:53:51.0977 2228 ALSysIO - ok
20:53:52.0024 2228 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
20:53:52.0024 2228 amdagp - ok
20:53:52.0040 2228 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
20:53:52.0040 2228 amdide - ok
20:53:52.0055 2228 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
20:53:52.0071 2228 AmdK8 - ok
20:53:52.0086 2228 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
20:53:52.0086 2228 AmdPPM - ok
20:53:52.0149 2228 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
20:53:52.0149 2228 amdsata - ok
20:53:52.0164 2228 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
20:53:52.0180 2228 amdsbs - ok
20:53:52.0196 2228 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
20:53:52.0196 2228 amdxata - ok
20:53:52.0211 2228 APLMp50 (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\Drivers\APLMp50.sys
20:53:52.0211 2228 APLMp50 - ok
20:53:52.0289 2228 AppHostSvc (d1af38fbac0dc7e6d796b0ed01707ee0) C:\Windows\system32\inetsrv\apphostsvc.dll
20:53:52.0289 2228 AppHostSvc - ok
20:53:52.0352 2228 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
20:53:52.0352 2228 AppID - ok
20:53:52.0414 2228 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
20:53:52.0414 2228 AppIDSvc - ok
20:53:52.0430 2228 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
20:53:52.0430 2228 Appinfo - ok
20:53:52.0617 2228 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:53:52.0617 2228 Apple Mobile Device - ok
20:53:52.0648 2228 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
20:53:52.0664 2228 arc - ok
20:53:52.0679 2228 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
20:53:52.0679 2228 arcsas - ok
20:53:52.0788 2228 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:53:52.0835 2228 aspnet_state - ok
20:53:52.0866 2228 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
20:53:52.0866 2228 AsyncMac - ok
20:53:52.0898 2228 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
20:53:52.0898 2228 atapi - ok
20:53:52.0960 2228 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
20:53:52.0976 2228 atksgt - ok
20:53:53.0038 2228 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
20:53:53.0038 2228 AudioEndpointBuilder - ok
20:53:53.0054 2228 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
20:53:53.0054 2228 Audiosrv - ok
20:53:53.0116 2228 AVerFx2hbtv (f0a4e98f9af1a886eabf7f027069808b) C:\Windows\system32\drivers\AVerFx2hbtv.sys
20:53:53.0147 2228 AVerFx2hbtv - ok
20:53:53.0194 2228 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
20:53:53.0210 2228 AxInstSV - ok
20:53:53.0288 2228 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
20:53:53.0319 2228 b06bdrv - ok
20:53:53.0366 2228 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:53:53.0381 2228 b57nd60x - ok
20:53:53.0428 2228 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
20:53:53.0444 2228 BDESVC - ok
20:53:53.0459 2228 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
20:53:53.0459 2228 Beep - ok
20:53:53.0537 2228 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
20:53:53.0537 2228 BFE - ok
20:53:53.0834 2228 BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20120517.001\BHDrvx86.sys
20:53:53.0865 2228 BHDrvx86 - ok
20:53:54.0036 2228 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
20:53:54.0068 2228 BITS - ok
20:53:54.0146 2228 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
20:53:54.0146 2228 blbdrive - ok
20:53:54.0286 2228 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:53:54.0286 2228 Bonjour Service - ok
20:53:54.0333 2228 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
20:53:54.0333 2228 bowser - ok
20:53:54.0348 2228 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:53:54.0348 2228 BrFiltLo - ok
20:53:54.0364 2228 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:53:54.0380 2228 BrFiltUp - ok
20:53:54.0426 2228 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
20:53:54.0426 2228 BridgeMP - ok
20:53:54.0489 2228 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
20:53:54.0489 2228 Browser - ok
20:53:54.0504 2228 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
20:53:54.0520 2228 Brserid - ok
20:53:54.0520 2228 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
20:53:54.0551 2228 BrSerWdm - ok
20:53:54.0567 2228 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:53:54.0567 2228 BrUsbMdm - ok
20:53:54.0582 2228 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
20:53:54.0582 2228 BrUsbSer - ok
20:53:54.0598 2228 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
20:53:54.0598 2228 BTHMODEM - ok
20:53:54.0645 2228 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
20:53:54.0645 2228 bthserv - ok
20:53:54.0738 2228 catchme - ok
20:53:54.0848 2228 ccSet_NIS (599e7f6259a127c174c49938d2aa6a60) C:\Windows\system32\drivers\NIS\1307010.005\ccSetx86.sys
20:53:54.0848 2228 ccSet_NIS - ok
20:53:54.0863 2228 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
20:53:54.0863 2228 cdfs - ok
20:53:54.0910 2228 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
20:53:54.0926 2228 cdrom - ok
20:53:54.0988 2228 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
20:53:55.0004 2228 CertPropSvc - ok
20:53:55.0004 2228 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
20:53:55.0004 2228 circlass - ok
20:53:55.0035 2228 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
20:53:55.0050 2228 CLFS - ok
20:53:55.0144 2228 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:53:55.0144 2228 clr_optimization_v2.0.50727_32 - ok
20:53:55.0222 2228 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:53:55.0347 2228 clr_optimization_v4.0.30319_32 - ok
20:53:55.0362 2228 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
20:53:55.0362 2228 CmBatt - ok
20:53:55.0409 2228 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
20:53:55.0409 2228 cmdide - ok
20:53:55.0472 2228 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
20:53:55.0503 2228 CNG - ok
20:53:55.0518 2228 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
20:53:55.0518 2228 Compbatt - ok
20:53:55.0550 2228 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
20:53:55.0550 2228 CompositeBus - ok
20:53:55.0565 2228 COMSysApp - ok
20:53:55.0612 2228 cpuz133 (13a0d3f9d5f39adaca0a8d3bb327eb31) C:\Windows\system32\drivers\cpuz133_x32.sys
20:53:55.0612 2228 cpuz133 - ok
20:53:55.0612 2228 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
20:53:55.0628 2228 crcdisk - ok
20:53:55.0674 2228 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
20:53:55.0674 2228 CryptSvc - ok
20:53:55.0737 2228 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
20:53:55.0737 2228 DcomLaunch - ok
20:53:55.0784 2228 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
20:53:55.0815 2228 defragsvc - ok
20:53:55.0846 2228 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
20:53:55.0846 2228 DfsC - ok
20:53:55.0877 2228 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
20:53:55.0877 2228 Dhcp - ok
20:53:55.0893 2228 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
20:53:55.0893 2228 discache - ok
20:53:55.0908 2228 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
20:53:55.0908 2228 Disk - ok
20:53:55.0955 2228 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
20:53:55.0955 2228 Dnscache - ok
20:53:56.0002 2228 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
20:53:56.0033 2228 dot3svc - ok
20:53:56.0080 2228 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
20:53:56.0080 2228 DPS - ok
20:53:56.0111 2228 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
20:53:56.0111 2228 drmkaud - ok
20:53:56.0205 2228 DropFolders (4635935fc972c582632bf45c26bfcb0e) C:\Program Files\Windows Resource Kits\Tools\SRVANY.exe
20:53:56.0220 2228 DropFolders - ok
20:53:56.0283 2228 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
20:53:56.0330 2228 DXGKrnl - ok
20:53:56.0408 2228 Dyn Updater (c3cdc19b715514200f5cec8be5b9c9a8) C:\Program Files\DynDNS Updater\DynUpSvc.exe
20:53:56.0408 2228 Dyn Updater - ok
20:53:56.0470 2228 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
20:53:56.0470 2228 EapHost - ok
20:53:56.0595 2228 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
20:53:56.0642 2228 ebdrv - ok
20:53:56.0735 2228 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:53:56.0751 2228 eeCtrl - ok
20:53:56.0891 2228 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
20:53:56.0891 2228 EFS - ok
20:53:56.0969 2228 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
20:53:57.0000 2228 elxstor - ok
20:53:57.0032 2228 ENTECH (16ebd8bf1d5090923694cc972c7ce1b4) C:\Windows\system32\DRIVERS\ENTECH.sys
20:53:57.0047 2228 ENTECH - ok
20:53:57.0125 2228 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:53:57.0141 2228 EraserUtilRebootDrv - ok
20:53:57.0172 2228 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
20:53:57.0188 2228 ErrDev - ok
20:53:57.0250 2228 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
20:53:57.0266 2228 EventSystem - ok
20:53:57.0281 2228 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
20:53:57.0297 2228 exfat - ok
20:53:57.0312 2228 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
20:53:57.0328 2228 fastfat - ok
20:53:57.0515 2228 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
20:53:57.0531 2228 Fax - ok
20:53:57.0546 2228 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
20:53:57.0546 2228 fdc - ok
20:53:57.0562 2228 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
20:53:57.0562 2228 fdPHost - ok
20:53:57.0578 2228 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
20:53:57.0578 2228 FDResPub - ok
20:53:57.0593 2228 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
20:53:57.0593 2228 FileInfo - ok
20:53:57.0593 2228 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
20:53:57.0593 2228 Filetrace - ok
20:53:57.0734 2228 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:53:57.0749 2228 FLEXnet Licensing Service - ok
20:53:57.0780 2228 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
20:53:57.0780 2228 flpydisk - ok
20:53:57.0812 2228 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
20:53:57.0827 2228 FltMgr - ok
20:53:57.0905 2228 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
20:53:57.0921 2228 FontCache - ok
20:53:58.0030 2228 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:53:58.0030 2228 FontCache3.0.0.0 - ok
20:53:58.0030 2228 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
20:53:58.0046 2228 FsDepends - ok
20:53:58.0061 2228 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
20:53:58.0061 2228 Fs_Rec - ok
20:53:58.0170 2228 FTDIBUS (d6e3667f5e2bc6afc50308b480de2999) C:\Windows\system32\drivers\ftdibus.sys
20:53:58.0202 2228 FTDIBUS - ok
20:53:58.0248 2228 FTSER2K (e4cf4c1f9e3d57a66850f484c08e9ecf) C:\Windows\system32\drivers\ftser2k.sys
20:53:58.0248 2228 FTSER2K - ok
20:53:58.0311 2228 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
20:53:58.0326 2228 fvevol - ok
20:53:58.0358 2228 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:53:58.0358 2228 gagp30kx - ok
20:53:58.0373 2228 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:53:58.0404 2228 GEARAspiWDM - ok
20:53:58.0467 2228 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
20:53:58.0467 2228 gpsvc - ok
20:53:58.0623 2228 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
20:53:58.0654 2228 gupdate - ok
20:53:58.0654 2228 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
20:53:58.0654 2228 gupdatem - ok
20:53:58.0716 2228 hcw18bda (2edbcbf69f9a3512ddab978067be4d20) C:\Windows\system32\drivers\hcw18bda.sys
20:53:58.0716 2228 hcw18bda - ok
20:53:58.0779 2228 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
20:53:58.0779 2228 HdAudAddService - ok
20:53:58.0810 2228 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
20:53:58.0810 2228 HDAudBus - ok
20:53:58.0826 2228 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
20:53:58.0826 2228 HidBatt - ok
20:53:58.0857 2228 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
20:53:58.0857 2228 HidBth - ok
20:53:58.0872 2228 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
20:53:58.0888 2228 HidIr - ok
20:53:58.0919 2228 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
20:53:58.0919 2228 hidserv - ok
20:53:58.0966 2228 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
20:53:58.0982 2228 HidUsb - ok
20:53:59.0028 2228 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
20:53:59.0044 2228 hkmsvc - ok
20:53:59.0091 2228 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
20:53:59.0106 2228 HomeGroupListener - ok
20:53:59.0153 2228 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
20:53:59.0153 2228 HomeGroupProvider - ok
20:53:59.0200 2228 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
20:53:59.0216 2228 HpSAMD - ok
20:53:59.0278 2228 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
20:53:59.0278 2228 HTTP - ok
20:53:59.0340 2228 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
20:53:59.0340 2228 hwpolicy - ok
20:53:59.0387 2228 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
20:53:59.0387 2228 i8042prt - ok
20:53:59.0496 2228 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
20:53:59.0543 2228 iaStorV - ok
20:53:59.0668 2228 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:53:59.0684 2228 IDriverT - ok
20:53:59.0808 2228 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:53:59.0824 2228 idsvc - ok
20:54:00.0074 2228 IDSVix86 (f9069ce7a7b9f9ba75d009b0ce3d7601) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20120524.001\IDSvix86.sys
20:54:00.0089 2228 IDSVix86 - ok
20:54:00.0245 2228 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
20:54:00.0245 2228 iirsp - ok
20:54:00.0339 2228 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
20:54:00.0339 2228 IKEEXT - ok
20:54:00.0479 2228 IntcAzAudAddService (92bcc487f16892cda495dbd8160272d9) C:\Windows\system32\drivers\RTKVHDA.sys
20:54:00.0510 2228 IntcAzAudAddService - ok
20:54:00.0635 2228 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
20:54:00.0635 2228 intelide - ok
20:54:00.0666 2228 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
20:54:00.0666 2228 intelppm - ok
20:54:00.0713 2228 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
20:54:00.0729 2228 IPBusEnum - ok
20:54:00.0744 2228 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:54:00.0744 2228 IpFilterDriver - ok
20:54:00.0807 2228 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
20:54:00.0822 2228 iphlpsvc - ok
20:54:00.0869 2228 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
20:54:00.0869 2228 IPMIDRV - ok
20:54:00.0900 2228 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
20:54:00.0900 2228 IPNAT - ok
20:54:01.0010 2228 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
20:54:01.0025 2228 iPod Service - ok
20:54:01.0041 2228 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
20:54:01.0041 2228 IRENUM - ok
20:54:01.0088 2228 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
20:54:01.0088 2228 isapnp - ok
20:54:01.0134 2228 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
20:54:01.0150 2228 iScsiPrt - ok
20:54:01.0212 2228 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:54:01.0212 2228 kbdclass - ok
20:54:01.0244 2228 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
20:54:01.0244 2228 kbdhid - ok
20:54:01.0290 2228 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:54:01.0290 2228 KeyIso - ok
20:54:01.0306 2228 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
20:54:01.0306 2228 KSecDD - ok
20:54:01.0322 2228 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
20:54:01.0322 2228 KSecPkg - ok
20:54:01.0368 2228 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
20:54:01.0400 2228 KtmRm - ok
20:54:01.0478 2228 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
20:54:01.0478 2228 LanmanServer - ok
20:54:01.0524 2228 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
20:54:01.0524 2228 LanmanWorkstation - ok
20:54:01.0556 2228 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:54:01.0571 2228 LHidFilt - ok
20:54:01.0618 2228 libusb0 (bb90b64682d4108819947940bd7c4ea5) C:\Windows\system32\DRIVERS\libusb0.sys
20:54:01.0618 2228 libusb0 - ok
20:54:01.0712 2228 LightScribeService (6e5dac168d1ff9843e84a59d51d31107) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:54:01.0712 2228 LightScribeService - ok
20:54:01.0758 2228 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
20:54:01.0774 2228 lirsgt - ok
20:54:01.0836 2228 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
20:54:01.0852 2228 lltdio - ok
20:54:01.0899 2228 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
20:54:01.0899 2228 lltdsvc - ok
20:54:01.0914 2228 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
20:54:01.0914 2228 lmhosts - ok
20:54:01.0930 2228 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:54:01.0930 2228 LMouFilt - ok
20:54:01.0961 2228 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:54:01.0961 2228 LSI_FC - ok
20:54:01.0977 2228 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:54:01.0977 2228 LSI_SAS - ok
20:54:02.0008 2228 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:54:02.0008 2228 LSI_SAS2 - ok
20:54:02.0024 2228 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:54:02.0039 2228 LSI_SCSI - ok
20:54:02.0070 2228 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
20:54:02.0070 2228 luafv - ok
20:54:02.0133 2228 MagicTune (881dafbfcca3b27fc5a570554db05ba0) C:\Windows\system32\drivers\MTiCtwl.sys
20:54:02.0133 2228 MagicTune - ok
20:54:02.0258 2228 Media Center 15 Service (bd464de3f4a15d12dc83e4d60c9bd5ea) C:\Program Files\J River\Media Center 15\JRService.exe
20:54:02.0258 2228 Media Center 15 Service - ok
20:54:02.0382 2228 Media Center 16 Service (c3f6cf093e9fae41c3f15e859ba7a6b5) C:\Program Files\J River\Media Center 16\JRService.exe
20:54:02.0429 2228 Media Center 16 Service - ok
20:54:02.0554 2228 Media Center 17 Service (696b0df296d23e28775905dd115ce8ba) C:\Program Files\J River\Media Center 17\JRService.exe
20:54:02.0616 2228 Media Center 17 Service - ok
20:54:02.0819 2228 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
20:54:02.0819 2228 megasas - ok
20:54:02.0850 2228 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
20:54:02.0850 2228 MegaSR - ok
20:54:02.0897 2228 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:54:02.0897 2228 MMCSS - ok
20:54:02.0913 2228 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
20:54:02.0928 2228 Modem - ok
20:54:02.0975 2228 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
20:54:02.0975 2228 monitor - ok
20:54:03.0022 2228 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
20:54:03.0038 2228 mouclass - ok
20:54:03.0116 2228 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
20:54:03.0162 2228 mouhid - ok
20:54:03.0209 2228 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
20:54:03.0209 2228 mountmgr - ok
20:54:03.0256 2228 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
20:54:03.0256 2228 mpio - ok
20:54:03.0272 2228 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
20:54:03.0272 2228 mpsdrv - ok
20:54:03.0334 2228 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
20:54:03.0365 2228 MpsSvc - ok
20:54:03.0443 2228 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
20:54:03.0459 2228 MRxDAV - ok
20:54:03.0506 2228 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:54:03.0506 2228 mrxsmb - ok
20:54:03.0552 2228 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:54:03.0568 2228 mrxsmb10 - ok
20:54:03.0584 2228 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:54:03.0599 2228 mrxsmb20 - ok
20:54:03.0599 2228 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
20:54:03.0615 2228 msahci - ok
20:54:03.0662 2228 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
20:54:03.0677 2228 msdsm - ok
20:54:03.0708 2228 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
20:54:03.0708 2228 MSDTC - ok
20:54:03.0724 2228 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
20:54:03.0724 2228 Msfs - ok
20:54:03.0724 2228 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
20:54:03.0740 2228 mshidkmdf - ok
20:54:03.0755 2228 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
20:54:03.0755 2228 msisadrv - ok
20:54:03.0802 2228 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
20:54:03.0818 2228 MSiSCSI - ok
20:54:03.0818 2228 msiserver - ok
20:54:03.0833 2228 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
20:54:03.0849 2228 MSKSSRV - ok
20:54:03.0864 2228 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
20:54:03.0864 2228 MSPCLOCK - ok
20:54:03.0864 2228 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
20:54:03.0880 2228 MSPQM - ok
20:54:03.0880 2228 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
20:54:03.0896 2228 MsRPC - ok
20:54:03.0942 2228 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
20:54:03.0942 2228 mssmbios - ok
20:54:04.0067 2228 MSSQL$ESC - ok
20:54:04.0145 2228 MSSQL$SQLEXPRESS - ok
20:54:04.0223 2228 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:54:04.0239 2228 MSSQLServerADHelper - ok
20:54:04.0317 2228 MSSQLServerADHelper100 (8e8e74c953eb0c4f8828d99d6f27fd6f) C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
20:54:04.0317 2228 MSSQLServerADHelper100 - ok
20:54:04.0332 2228 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
20:54:04.0332 2228 MSTEE - ok
20:54:04.0426 2228 msvad_simple (00c7b2306f1ca5389a1ac6d1df9c2e25) C:\Windows\system32\drivers\povrtdev.sys
20:54:04.0426 2228 msvad_simple - ok
20:54:04.0426 2228 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
20:54:04.0426 2228 MTConfig - ok
20:54:04.0442 2228 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
20:54:04.0442 2228 Mup - ok
20:54:04.0504 2228 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
20:54:04.0504 2228 napagent - ok
20:54:04.0551 2228 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
20:54:04.0551 2228 NativeWifiP - ok
20:54:04.0738 2228 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20120524.019\NAVENG.SYS
20:54:04.0754 2228 NAVENG - ok
20:54:04.0878 2228 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20120524.019\NAVEX15.SYS
20:54:04.0941 2228 NAVEX15 - ok
20:54:05.0128 2228 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
20:54:05.0128 2228 NDIS - ok
20:54:05.0144 2228 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
20:54:05.0159 2228 NdisCap - ok
20:54:05.0175 2228 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
20:54:05.0175 2228 NdisTapi - ok
20:54:05.0237 2228 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
20:54:05.0237 2228 Ndisuio - ok
20:54:05.0284 2228 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
20:54:05.0284 2228 NdisWan - ok
20:54:05.0331 2228 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
20:54:05.0331 2228 NDProxy - ok
20:54:05.0393 2228 Nero BackItUp Scheduler 4.0 - ok
20:54:05.0456 2228 Netaapl (1352e1648213551923a0a822e441553c) C:\Windows\system32\DRIVERS\netaapl.sys
20:54:05.0471 2228 Netaapl - ok
20:54:05.0487 2228 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
20:54:05.0487 2228 NetBIOS - ok
20:54:05.0534 2228 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
20:54:05.0565 2228 NetBT - ok
20:54:05.0596 2228 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:54:05.0612 2228 Netlogon - ok
20:54:05.0674 2228 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
20:54:05.0674 2228 Netman - ok
20:54:05.0768 2228 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:54:05.0814 2228 NetMsmqActivator - ok
20:54:05.0846 2228 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:54:05.0846 2228 NetPipeActivator - ok
20:54:05.0877 2228 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
20:54:05.0877 2228 netprofm - ok
20:54:05.0908 2228 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:54:05.0908 2228 NetTcpActivator - ok
20:54:05.0908 2228 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:54:05.0908 2228 NetTcpPortSharing - ok
20:54:05.0955 2228 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
20:54:05.0955 2228 nfrd960 - ok
20:54:06.0126 2228 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
20:54:06.0126 2228 NIS - ok
20:54:06.0173 2228 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
20:54:06.0189 2228 NlaSvc - ok
20:54:06.0189 2228 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
20:54:06.0189 2228 Npfs - ok
20:54:06.0236 2228 NPVR Recording Service - ok
20:54:06.0267 2228 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
20:54:06.0267 2228 nsi - ok
20:54:06.0282 2228 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
20:54:06.0282 2228 nsiproxy - ok
20:54:06.0376 2228 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
20:54:06.0392 2228 Ntfs - ok
20:54:06.0548 2228 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
20:54:06.0548 2228 Null - ok
20:54:06.0594 2228 NVHDA (a0a9e53b4aac3c6534a063aba69bc19f) C:\Windows\system32\drivers\nvhda32v.sys
20:54:06.0594 2228 NVHDA - ok
20:54:07.0109 2228 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:54:07.0312 2228 nvlddmkm - ok
20:54:07.0499 2228 nvoclock (96c5900331bd17344f338d006888bae5) C:\Windows\system32\DRIVERS\nvoclock.sys
20:54:07.0499 2228 nvoclock - ok
20:54:07.0562 2228 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
20:54:07.0562 2228 nvraid - ok
20:54:07.0593 2228 nvsmu (02a9f366bcb94b286e34825b2094cb38) C:\Windows\system32\DRIVERS\nvsmu.sys
20:54:07.0593 2228 nvsmu - ok
20:54:07.0640 2228 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
20:54:07.0640 2228 nvstor - ok
20:54:07.0718 2228 NVSvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe
20:54:07.0780 2228 NVSvc - ok
20:54:07.0967 2228 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:54:07.0983 2228 nvUpdatusService - ok
20:54:08.0061 2228 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
20:54:08.0076 2228 nv_agp - ok
20:54:08.0108 2228 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
20:54:08.0123 2228 ohci1394 - ok
20:54:08.0186 2228 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:54:08.0201 2228 ose - ok
20:54:08.0435 2228 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:54:08.0498 2228 osppsvc - ok
20:54:08.0591 2228 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:54:08.0607 2228 p2pimsvc - ok
20:54:08.0669 2228 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
20:54:08.0669 2228 p2psvc - ok
20:54:08.0763 2228 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
20:54:08.0794 2228 Parport - ok
20:54:08.0825 2228 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
20:54:08.0825 2228 partmgr - ok
20:54:08.0841 2228 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
20:54:08.0841 2228 Parvdm - ok
20:54:08.0872 2228 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
20:54:08.0872 2228 PcaSvc - ok
20:54:08.0919 2228 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
20:54:08.0934 2228 pci - ok
20:54:08.0966 2228 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
20:54:08.0981 2228 pciide - ok
20:54:08.0997 2228 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
20:54:08.0997 2228 pcmcia - ok
20:54:09.0044 2228 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
20:54:09.0044 2228 pcouffin - ok
20:54:09.0059 2228 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
20:54:09.0059 2228 pcw - ok
20:54:09.0122 2228 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
20:54:09.0137 2228 PEAUTH - ok
20:54:09.0168 2228 pfc (da86016f0672ada925f589ede715f185) C:\Windows\system32\drivers\pfc.sys
20:54:09.0168 2228 pfc - ok
20:54:09.0278 2228 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
20:54:09.0309 2228 pla - ok
20:54:09.0371 2228 PlayItVideoServer - ok
20:54:09.0512 2228 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
20:54:09.0527 2228 PlugPlay - ok
20:54:09.0558 2228 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
20:54:09.0558 2228 PNRPAutoReg - ok
20:54:09.0590 2228 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:54:09.0590 2228 PNRPsvc - ok
20:54:09.0652 2228 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
20:54:09.0668 2228 PolicyAgent - ok
20:54:09.0714 2228 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
20:54:09.0730 2228 Power - ok
20:54:09.0746 2228 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
20:54:09.0746 2228 PptpMiniport - ok
20:54:09.0777 2228 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
20:54:09.0777 2228 Processor - ok
20:54:09.0839 2228 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
20:54:09.0839 2228 ProfSvc - ok
20:54:09.0886 2228 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:54:09.0886 2228 ProtectedStorage - ok
20:54:09.0917 2228 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
20:54:09.0917 2228 Psched - ok
20:54:09.0933 2228 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
20:54:09.0933 2228 PxHelp20 - ok
20:54:10.0042 2228 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
20:54:10.0058 2228 ql2300 - ok
20:54:10.0151 2228 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
20:54:10.0151 2228 ql40xx - ok
20:54:10.0167 2228 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
20:54:10.0167 2228 QWAVE - ok
20:54:10.0182 2228 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
20:54:10.0198 2228 QWAVEdrv - ok
20:54:10.0198 2228 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
20:54:10.0198 2228 RasAcd - ok
20:54:10.0245 2228 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:54:10.0245 2228 RasAgileVpn - ok
20:54:10.0260 2228 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
20:54:10.0276 2228 RasAuto - ok
20:54:10.0292 2228 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:54:10.0292 2228 Rasl2tp - ok
20:54:10.0354 2228 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
20:54:10.0354 2228 RasMan - ok
20:54:10.0370 2228 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
20:54:10.0385 2228 RasPppoe - ok
20:54:10.0385 2228 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
20:54:10.0401 2228 RasSstp - ok
20:54:10.0448 2228 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
20:54:10.0448 2228 rdbss - ok
20:54:10.0463 2228 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
20:54:10.0463 2228 rdpbus - ok
20:54:10.0510 2228 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:54:10.0510 2228 RDPCDD - ok
20:54:10.0541 2228 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
20:54:10.0541 2228 RDPENCDD - ok
20:54:10.0541 2228 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
20:54:10.0557 2228 RDPREFMP - ok
20:54:10.0604 2228 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
20:54:10.0604 2228 RDPWD - ok
20:54:10.0650 2228 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
20:54:10.0650 2228 rdyboost - ok
20:54:10.0697 2228 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
20:54:10.0713 2228 RemoteAccess - ok
20:54:10.0744 2228 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
20:54:10.0760 2228 RemoteRegistry - ok
20:54:10.0806 2228 RimUsb (92d33f76769a028ddc54a863eb7de4a2) C:\Windows\system32\Drivers\RimUsb.sys
20:54:10.0806 2228 RimUsb - ok
20:54:10.0822 2228 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
20:54:10.0838 2228 RimVSerPort - ok
20:54:10.0838 2228 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
20:54:10.0853 2228 ROOTMODEM - ok
20:54:10.0884 2228 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
20:54:10.0884 2228 RpcEptMapper - ok
20:54:10.0916 2228 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
20:54:10.0916 2228 RpcLocator - ok
20:54:10.0962 2228 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
20:54:10.0962 2228 RpcSs - ok
20:54:11.0040 2228 RsFx0151 (66a54bf20084400a7dd5e3b69e008799) C:\Windows\system32\DRIVERS\RsFx0151.sys
20:54:11.0056 2228 RsFx0151 - ok
20:54:11.0072 2228 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
20:54:11.0072 2228 rspndr - ok
20:54:11.0134 2228 SaiH0461 (dcefb50994bc5fb6d83be1977edbf897) C:\Windows\system32\DRIVERS\SaiH0461.sys
20:54:11.0134 2228 SaiH0461 - ok
20:54:11.0181 2228 SaiH0763 (c427eec18fbdf6d69de0c8b974eb450a) C:\Windows\system32\DRIVERS\SaiH0763.sys
20:54:11.0181 2228 SaiH0763 - ok
20:54:11.0243 2228 SaiK0CCB (0f829f274ed65588e4cc4b31d27c00de) C:\Windows\system32\DRIVERS\SaiK0CCB.sys
20:54:11.0259 2228 SaiK0CCB - ok
20:54:11.0306 2228 SaiMini (646d8be92ecfbfbea9fea7682b0e579a) C:\Windows\system32\DRIVERS\SaiMini.sys
20:54:11.0321 2228 SaiMini - ok
20:54:11.0368 2228 SaiNtBus (f47b3689cb50c5ee571da6ed1d2ef3c6) C:\Windows\system32\drivers\SaiBus.sys
20:54:11.0384 2228 SaiNtBus - ok
20:54:11.0415 2228 SaiU0CCB (d1f108ab310abc483f4ad0a1060668fe) C:\Windows\system32\DRIVERS\SaiU0CCB.sys
20:54:11.0415 2228 SaiU0CCB - ok
20:54:11.0462 2228 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:54:11.0462 2228 SamSs - ok
20:54:11.0524 2228 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
20:54:11.0524 2228 sbp2port - ok
20:54:11.0571 2228 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
20:54:11.0571 2228 SCardSvr - ok
20:54:11.0618 2228 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
20:54:11.0618 2228 scfilter - ok
20:54:11.0680 2228 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
20:54:11.0727 2228 Schedule - ok
20:54:11.0774 2228 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
20:54:11.0774 2228 SCPolicySvc - ok
20:54:11.0820 2228 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
20:54:11.0820 2228 SDRSVC - ok
20:54:11.0992 2228 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:54:11.0992 2228 SeaPort - ok
20:54:12.0086 2228 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:54:12.0086 2228 secdrv - ok
20:54:12.0101 2228 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
20:54:12.0101 2228 seclogon - ok
20:54:12.0117 2228 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
20:54:12.0117 2228 SENS - ok
20:54:12.0164 2228 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
20:54:12.0164 2228 SensrSvc - ok
20:54:12.0195 2228 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
20:54:12.0195 2228 Serenum - ok
20:54:12.0195 2228 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
20:54:12.0210 2228 Serial - ok
20:54:12.0257 2228 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
20:54:12.0273 2228 sermouse - ok
20:54:12.0320 2228 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
20:54:12.0320 2228 SessionEnv - ok
20:54:12.0366 2228 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
20:54:12.0366 2228 sffdisk - ok
20:54:12.0382 2228 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
20:54:12.0398 2228 sffp_mmc - ok
20:54:12.0413 2228 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
20:54:12.0413 2228 sffp_sd - ok
20:54:12.0429 2228 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
20:54:12.0429 2228 sfloppy - ok
20:54:12.0616 2228 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
20:54:12.0647 2228 SharedAccess - ok
20:54:12.0725 2228 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
20:54:12.0725 2228 ShellHWDetection - ok
20:54:12.0834 2228 ShowAnalyzerMaster - ok
20:54:12.0866 2228 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
20:54:12.0881 2228 sisagp - ok
20:54:12.0897 2228 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:54:12.0897 2228 SiSRaid2 - ok
20:54:12.0912 2228 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
20:54:12.0912 2228 SiSRaid4 - ok
20:54:12.0928 2228 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
20:54:12.0928 2228 Smb - ok
20:54:12.0990 2228 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
20:54:12.0990 2228 SNMPTRAP - ok
20:54:13.0006 2228 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
20:54:13.0006 2228 spldr - ok
20:54:13.0068 2228 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
20:54:13.0068 2228 Spooler - ok
20:54:13.0240 2228 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
20:54:13.0302 2228 sppsvc - ok
20:54:13.0443 2228 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
20:54:13.0458 2228 sppuinotify - ok
20:54:13.0583 2228 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
20:54:13.0614 2228 sptd - ok
20:54:13.0802 2228 SQLAgent$SQLEXPRESS (230c6aa1091190d2fdb40766cbd3dbbd) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
20:54:13.0880 2228 SQLAgent$SQLEXPRESS - ok
20:54:13.0942 2228 SQLBrowser (7d67c07c63796775cc5492bcfeaff125) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:54:13.0958 2228 SQLBrowser - ok
20:54:14.0004 2228 SQLWriter (8e6e5cfa06769a417b03fd6faa29e010) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:54:14.0004 2228 SQLWriter - ok
20:54:14.0160 2228 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\Windows\System32\Drivers\NIS\1307010.005\SRTSP.SYS
20:54:14.0160 2228 SRTSP - ok
20:54:14.0176 2228 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\Windows\system32\drivers\NIS\1307010.005\SRTSPX.SYS
20:54:14.0207 2228 SRTSPX - ok
20:54:14.0270 2228 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
20:54:14.0270 2228 srv - ok
20:54:14.0301 2228 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
20:54:14.0316 2228 srv2 - ok
20:54:14.0348 2228 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
20:54:14.0348 2228 srvnet - ok
20:54:14.0410 2228 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
20:54:14.0410 2228 SSDPSRV - ok
20:54:14.0426 2228 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
20:54:14.0426 2228 SstpSvc - ok
20:54:14.0504 2228 Steam Client Service - ok
20:54:14.0628 2228 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:54:14.0675 2228 Stereo Service - ok
20:54:14.0722 2228 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
20:54:14.0722 2228 stexstor - ok
20:54:14.0800 2228 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
20:54:14.0816 2228 StiSvc - ok
20:54:14.0847 2228 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
20:54:14.0847 2228 swenum - ok
20:54:15.0018 2228 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:54:15.0050 2228 SwitchBoard - ok
20:54:15.0112 2228 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
20:54:15.0128 2228 swprv - ok
20:54:15.0221 2228 Symantec RemoteAssist (267c914667c94e5f47d342311c1c577f) C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
20:54:15.0252 2228 Symantec RemoteAssist - ok
20:54:15.0424 2228 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NIS\1307010.005\SYMDS.SYS
20:54:15.0455 2228 SymDS - ok
20:54:15.0533 2228 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\Windows\system32\drivers\NIS\1307010.005\SYMEFA.SYS
20:54:15.0549 2228 SymEFA - ok
20:54:15.0596 2228 SymEvent (74e2521e96176a4449570e50be91954d) C:\Windows\system32\Drivers\SYMEVENT.SYS
20:54:15.0596 2228 SymEvent - ok
20:54:15.0596 2228 SYMFW - ok
20:54:15.0642 2228 SymIM (6e3ad51710cb4a27ea70adf685fca4ca) C:\Windows\system32\DRIVERS\SymIMv.sys
20:54:15.0642 2228 SymIM - ok
20:54:15.0689 2228 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\Windows\system32\drivers\NIS\1307010.005\Ironx86.SYS
20:54:15.0689 2228 SymIRON - ok
20:54:15.0705 2228 SYMNDISV - ok
20:54:15.0736 2228 SymNetS (3ee215d6fe821e3edf0f7134d9ae905a) C:\Windows\System32\Drivers\NIS\1307010.005\SYMNETS.SYS
20:54:15.0752 2228 SymNetS - ok
20:54:15.0845 2228 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
20:54:15.0861 2228 SysMain - ok
20:54:15.0923 2228 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
20:54:15.0939 2228 TabletInputService - ok
20:54:15.0970 2228 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
20:54:15.0986 2228 TapiSrv - ok
20:54:16.0017 2228 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
20:54:16.0032 2228 TBS - ok
20:54:16.0188 2228 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
20:54:16.0204 2228 Tcpip - ok
20:54:16.0376 2228 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
20:54:16.0376 2228 TCPIP6 - ok
20:54:16.0485 2228 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
20:54:16.0485 2228 tcpipreg - ok
20:54:16.0532 2228 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
20:54:16.0532 2228 TDPIPE - ok
20:54:16.0578 2228 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
20:54:16.0578 2228 TDTCP - ok
20:54:16.0625 2228 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
20:54:16.0625 2228 tdx - ok
20:54:16.0750 2228 TEDService (0f1423fee44de4e4b0a683f268c467c4) C:\Program Files\EnergyInc\TEDFootprints\TEDService.exe
20:54:16.0844 2228 TEDService - ok
20:54:16.0890 2228 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
20:54:16.0890 2228 TermDD - ok
20:54:16.0937 2228 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:54:16.0953 2228 TermService - ok
20:54:16.0984 2228 Themes (59cfda4eacb3788f8b17f87b49b0ac0e) C:\Windows\system32\themeservice.dll
20:54:16.0984 2228 Themes - ok
20:54:17.0031 2228 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:54:17.0031 2228 THREADORDER - ok
20:54:17.0078 2228 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
20:54:17.0078 2228 TrkWks - ok
20:54:17.0140 2228 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
20:54:17.0156 2228 TrustedInstaller - ok
20:54:17.0187 2228 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:54:17.0202 2228 tssecsrv - ok
20:54:17.0234 2228 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
20:54:17.0234 2228 TsUsbFlt - ok
20:54:17.0296 2228 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
20:54:17.0312 2228 tunnel - ok
20:54:17.0343 2228 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
20:54:17.0343 2228 uagp35 - ok
20:54:17.0405 2228 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
20:54:17.0405 2228 udfs - ok
20:54:17.0436 2228 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
20:54:17.0436 2228 UI0Detect - ok
20:54:17.0483 2228 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
20:54:17.0483 2228 uliagpkx - ok
20:54:17.0577 2228 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
20:54:17.0624 2228 umbus - ok
20:54:17.0733 2228 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
20:54:17.0764 2228 UmPass - ok
20:54:17.0795 2228 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
20:54:17.0811 2228 upnphost - ok
20:54:17.0858 2228 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
20:54:17.0873 2228 USBAAPL - ok
20:54:17.0920 2228 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
20:54:17.0920 2228 usbccgp - ok
20:54:17.0951 2228 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
20:54:17.0967 2228 usbcir - ok
20:54:17.0998 2228 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
20:54:18.0029 2228 usbehci - ok
20:54:18.0092 2228 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
20:54:18.0107 2228 usbhub - ok
20:54:18.0107 2228 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
20:54:18.0123 2228 usbohci - ok
20:54:18.0123 2228 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
20:54:18.0138 2228 usbprint - ok
20:54:18.0170 2228 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:54:18.0185 2228 USBSTOR - ok
20:54:18.0216 2228 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
20:54:18.0232 2228 usbuhci - ok
20:54:18.0248 2228 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
20:54:18.0263 2228 UxSms - ok
20:54:18.0294 2228 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:54:18.0310 2228 VaultSvc - ok
20:54:18.0341 2228 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\Windows\system32\DRIVERS\VClone.sys
20:54:18.0341 2228 VClone - ok
20:54:18.0372 2228 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
20:54:18.0372 2228 vdrvroot - ok
20:54:18.0450 2228 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
20:54:18.0466 2228 vds - ok
20:54:18.0482 2228 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
20:54:18.0482 2228 vga - ok
20:54:18.0497 2228 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
20:54:18.0497 2228 VgaSave - ok
20:54:18.0528 2228 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
20:54:18.0528 2228 vhdmp - ok
20:54:18.0591 2228 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
20:54:18.0591 2228 viaagp - ok
20:54:18.0606 2228 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
20:54:18.0606 2228 ViaC7 - ok
20:54:18.0622 2228 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
20:54:18.0622 2228 viaide - ok
20:54:18.0794 2228 Visual Studio Analyzer RPC bridge (b5ba71eadeed0773d2e0978f962e1bf3) C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe
20:54:18.0809 2228 Visual Studio Analyzer RPC bridge - ok
20:54:18.0856 2228 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
20:54:18.0856 2228 volmgr - ok
20:54:18.0872 2228 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
20:54:18.0887 2228 volmgrx - ok
20:54:18.0934 2228 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
20:54:18.0950 2228 volsnap - ok
20:54:18.0950 2228 vpnva - ok
20:54:18.0996 2228 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
20:54:18.0996 2228 vsmraid - ok
20:54:19.0090 2228 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
20:54:19.0137 2228 VSS - ok
20:54:19.0152 2228 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
20:54:19.0168 2228 vwifibus - ok
20:54:19.0215 2228 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
20:54:19.0215 2228 W32Time - ok
20:54:19.0324 2228 W3SVC (57c8c20bfa5bef6bd851ebac67a8ced0) C:\Windows\system32\inetsrv\iisw3adm.dll
20:54:19.0355 2228 W3SVC - ok
20:54:19.0355 2228 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
20:54:19.0355 2228 WacomPen - ok
20:54:19.0418 2228 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
20:54:19.0433 2228 WANARP - ok
20:54:19.0433 2228 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
20:54:19.0433 2228 Wanarpv6 - ok
20:54:19.0449 2228 WAS (57c8c20bfa5bef6bd851ebac67a8ced0) C:\Windows\system32\inetsrv\iisw3adm.dll
20:54:19.0449 2228 WAS - ok
20:54:19.0527 2228 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
20:54:19.0558 2228 WatAdminSvc - ok
20:54:19.0714 2228 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
20:54:19.0745 2228 wbengine - ok
20:54:19.0776 2228 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
20:54:19.0776 2228 WbioSrvc - ok
20:54:19.0839 2228 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
20:54:19.0839 2228 wcncsvc - ok
20:54:19.0839 2228 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
20:54:19.0854 2228 WcsPlugInService - ok
20:54:19.0901 2228 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
20:54:19.0917 2228 Wd - ok
20:54:19.0948 2228 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:54:19.0948 2228 Wdf01000 - ok
20:54:19.0964 2228 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:54:19.0964 2228 WdiServiceHost - ok
20:54:19.0979 2228 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:54:19.0979 2228 WdiSystemHost - ok
20:54:20.0026 2228 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
20:54:20.0042 2228 WebClient - ok
20:54:20.0057 2228 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
20:54:20.0057 2228 Wecsvc - ok
20:54:20.0057 2228 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
20:54:20.0073 2228 wercplsupport - ok
20:54:20.0104 2228 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
20:54:20.0120 2228 WerSvc - ok
20:54:20.0120 2228 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
20:54:20.0120 2228 WfpLwf - ok
20:54:20.0135 2228 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
20:54:20.0151 2228 WIMMount - ok
20:54:20.0291 2228 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
20:54:20.0307 2228 WinDefend - ok
20:54:20.0307 2228 WinHttpAutoProxySvc - ok
20:54:20.0400 2228 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
20:54:20.0400 2228 Winmgmt - ok
20:54:20.0494 2228 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
20:54:20.0525 2228 WinRM - ok
20:54:20.0588 2228 Winstep Xtreme Service - ok
20:54:20.0681 2228 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
20:54:20.0697 2228 WinUsb - ok
20:54:20.0775 2228 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
20:54:20.0790 2228 Wlansvc - ok
20:54:20.0946 2228 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:54:20.0962 2228 wlidsvc - ok
20:54:21.0134 2228 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
20:54:21.0134 2228 WmiAcpi - ok
20:54:21.0180 2228 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
20:54:21.0196 2228 wmiApSrv - ok
20:54:21.0336 2228 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:54:21.0399 2228 WMPNetworkSvc - ok
20:54:21.0477 2228 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
20:54:21.0477 2228 WPCSvc - ok
20:54:21.0524 2228 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
20:54:21.0539 2228 WPDBusEnum - ok
20:54:21.0570 2228 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
20:54:21.0586 2228 ws2ifsl - ok
20:54:21.0617 2228 WsAudio_DeviceS(1) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
20:54:21.0648 2228 WsAudio_DeviceS(1) - ok
20:54:21.0680 2228 WsAudio_DeviceS(2) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
20:54:21.0680 2228 WsAudio_DeviceS(2) - ok
20:54:21.0711 2228 WsAudio_DeviceS(3) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
20:54:21.0726 2228 WsAudio_DeviceS(3) - ok
20:54:21.0742 2228 WsAudio_DeviceS(4) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
20:54:21.0742 2228 WsAudio_DeviceS(4) - ok
20:54:21.0773 2228 WsAudio_DeviceS(5) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
20:54:21.0773 2228 WsAudio_DeviceS(5) - ok
20:54:21.0804 2228 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
20:54:21.0804 2228 wscsvc - ok
20:54:21.0820 2228 WSearch - ok
20:54:22.0023 2228 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
20:54:22.0070 2228 wuauserv - ok
20:54:22.0210 2228 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
20:54:22.0210 2228 WudfPf - ok
20:54:22.0272 2228 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:54:22.0272 2228 WUDFRd - ok
20:54:22.0350 2228 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
20:54:22.0350 2228 wudfsvc - ok
20:54:22.0382 2228 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
20:54:22.0382 2228 WwanSvc - ok
20:54:22.0444 2228 xusb21 (276842a27953be204a2507096f09b1f3) C:\Windows\system32\DRIVERS\xusb21.sys
20:54:22.0444 2228 xusb21 - ok
20:54:22.0522 2228 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys
20:54:22.0522 2228 yukonw7 - ok
20:54:22.0553 2228 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
20:54:22.0850 2228 \Device\Harddisk1\DR1 - ok
20:54:22.0865 2228 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:54:22.0912 2228 \Device\Harddisk0\DR0 - ok
20:54:22.0912 2228 Boot (0x1200) (79e987e59336be66d12d4ad5ed83b844) \Device\Harddisk1\DR1\Partition0
20:54:22.0912 2228 \Device\Harddisk1\DR1\Partition0 - ok
20:54:22.0943 2228 Boot (0x1200) (2ce135aefd5c5932655cfade68603581) \Device\Harddisk0\DR0\Partition0
20:54:22.0943 2228 \Device\Harddisk0\DR0\Partition0 - ok
20:54:22.0943 2228 ============================================================
20:54:22.0943 2228 Scan finished
20:54:22.0943 2228 ============================================================
20:54:22.0959 4620 Detected object count: 0
20:54:22.0959 4620 Actual detected object count: 0
20:55:37.0871 2992 Deinitialize success

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:59 PM

Posted 25 May 2012 - 07:07 PM

Hello and thanks. It appears that its not malware, Please start a topic in WIN 7 so they can test other points.

Edited by boopme, 25 May 2012 - 09:32 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 jonkjon

jonkjon
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:07:59 PM

Posted 02 July 2012 - 03:49 PM

I solved this! Just wanted to update this post. I discovered that the problem actually was with another app on my network that used to reside on this machine. It's called mediabrowser. The app itself is fine, it's just that I built a dedicated htpc and decided to copy the mediabrowser folder over to the new htpc to preserve my settings. Somewhere in that folder, there is something that has a reference path to the machine that it originated from. Each night, the htpc does a refresh and that's when the lsass memory usage on this pc increased. The app also has a host of plugins available but I removed all of them, one by one, to no avail. The only way I could fix the issue was to do a clean install of mediabrowser on the htpc. After doing that, no more lsass memory usage issue.
Again, I wanted to update the information here as you have been a tremendous help in getting to the bottom of the problem.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:59 PM

Posted 02 July 2012 - 07:43 PM

We (BleepingComputer) and the next person in need of this solution appreciate your posting of it. :thumbup2:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users