
How do I remove / Is this a virus?


15 replies to this topic

#1 cwallace83


Posted 05 June 2012 - 04:06 PM

I've run Malwarebytes and Symantec and they both come up clean, but I keep getting this quarantine notification of a Trojan.Gen.2. The location of the file is nowhere on my computer. How can I clean / fix this? This is a snapshot of what Symantec Endpoint Protection is giving me.

Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen.2
File: C:\Windows\Installer\{872f14e1-fb83-a546-3aee-59cced5657e0}\U\80000000.@
Location: C:\Windows\Installer\{872f14e1-fb83-a546-3aee-59cced5657e0}\U
Computer: ELS-CSWALLACE
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: Tuesday, June 05, 2012 10:08:50 AM



#2 cryptodan


Posted 05 June 2012 - 04:17 PM

Can you post the log from Malwarebytes? You can access it by going to the log tab in Malwarebytes.

#3 cwallace83


Posted 05 June 2012 - 04:22 PM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.04.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
cwallace :: ELS-CSWALLACE [administrator]

6/4/2012 10:17:50 AM
mbam-log-2012-06-04 (10-17-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 343928
Time elapsed: 3 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\cwallace\Local Settings\Temporary Internet Files\Content.IE5\288SG21U\soft4[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\cwallace\Local Settings\Temporary Internet Files\Content.IE5\L1GKGOJJ\soft5[1].exe (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Users\cwallace\Local Settings\Temporary Internet Files\Content.IE5\SAO98ZU4\OurBabymaker.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.

(end)

#4 cryptodan


Posted 05 June 2012 - 04:24 PM

Can you perform a complete scan with Malwarebytes?

#5 cwallace83


Posted 05 June 2012 - 05:12 PM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.04.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
cwallace :: ELS-CSWALLACE [administrator]

6/5/2012 2:32:46 PM
mbam-log-2012-06-05 (14-32-46).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 460945
Time elapsed: 33 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 cryptodan


Posted 05 June 2012 - 05:17 PM

I would like for you to download and run TDSS Killer. If it asks you to fix anything, then PLEASE DO NOT FIX ANYTHING. Please post the resulting log that is created in C:\ via My Computer. Please ensure all options are checked.

#7 cwallace83


Posted 05 June 2012 - 05:23 PM

15:19:00.0785 6560 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
15:19:01.0215 6560 ============================================================
15:19:01.0215 6560 Current date / time: 2012/06/05 15:19:01.0215
15:19:01.0215 6560 SystemInfo:
15:19:01.0215 6560
15:19:01.0215 6560 OS Version: 6.1.7601 ServicePack: 1.0
15:19:01.0215 6560 Product type: Workstation
15:19:01.0215 6560 ComputerName: ELS-CSWALLACE
15:19:01.0215 6560 UserName: cwallace
15:19:01.0215 6560 Windows directory: C:\Windows
15:19:01.0215 6560 System windows directory: C:\Windows
15:19:01.0215 6560 Running under WOW64
15:19:01.0215 6560 Processor architecture: Intel x64
15:19:01.0215 6560 Number of processors: 4
15:19:01.0215 6560 Page size: 0x1000
15:19:01.0215 6560 Boot type: Normal boot
15:19:01.0220 6560 ============================================================
15:19:01.0796 6560 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:19:01.0806 6560 ============================================================
15:19:01.0806 6560 \Device\Harddisk0\DR0:
15:19:01.0806 6560 MBR partitions:
15:19:01.0806 6560 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1680000
15:19:01.0806 6560 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1694000, BlocksNum 0x23D9A000
15:19:01.0806 6560 ============================================================
15:19:01.0836 6560 C: <-> \Device\Harddisk0\DR0\Partition1
15:19:01.0836 6560 ============================================================
15:19:01.0836 6560 Initialize success
15:19:01.0836 6560 ============================================================
15:19:04.0647 6776 ============================================================
15:19:04.0647 6776 Scan started
15:19:04.0647 6776 Mode: Manual;
15:19:04.0647 6776 ============================================================
15:19:18.0292 6776 mrxsmb20 - ok
15:19:18.0322 6776 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:19:18.0332 6776 msahci - ok
15:19:18.0362 6776 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:19:18.0377 6776 msdsm - ok
15:19:18.0412 6776 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:19:18.0417 6776 MSDTC - ok
15:19:18.0432 6776 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:19:18.0432 6776 Msfs - ok
15:19:18.0452 6776 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:19:18.0457 6776 mshidkmdf - ok
15:19:18.0482 6776 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:19:18.0487 6776 msisadrv - ok
15:19:18.0517 6776 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:19:18.0532 6776 MSiSCSI - ok
15:19:18.0537 6776 msiserver - ok
15:19:18.0562 6776 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:19:18.0562 6776 MSKSSRV - ok
15:19:18.0572 6776 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:19:18.0572 6776 MSPCLOCK - ok
15:19:18.0587 6776 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:19:18.0587 6776 MSPQM - ok
15:19:18.0627 6776 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:19:18.0642 6776 MsRPC - ok
15:19:18.0657 6776 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:19:18.0667 6776 mssmbios - ok
15:19:18.0682 6776 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:19:18.0682 6776 MSTEE - ok
15:19:18.0692 6776 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:19:18.0697 6776 MTConfig - ok
15:19:18.0722 6776 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:19:18.0722 6776 Mup - ok
15:19:18.0772 6776 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:19:18.0807 6776 napagent - ok
15:19:18.0867 6776 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:19:18.0882 6776 NativeWifiP - ok
15:19:19.0037 6776 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120605.002\ENG64.SYS
15:19:19.0042 6776 NAVENG - ok
15:19:19.0162 6776 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120605.002\EX64.SYS
15:19:19.0237 6776 NAVEX15 - ok
15:19:19.0387 6776 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
15:19:19.0432 6776 NDIS - ok
15:19:19.0472 6776 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:19:19.0472 6776 NdisCap - ok
15:19:19.0497 6776 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:19:19.0502 6776 NdisTapi - ok
15:19:19.0532 6776 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:19:19.0532 6776 Ndisuio - ok
15:19:19.0552 6776 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:19:19.0557 6776 NdisWan - ok
15:19:19.0577 6776 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:19:19.0582 6776 NDProxy - ok
15:19:19.0617 6776 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
15:19:19.0627 6776 Net Driver HPZ12 - ok
15:19:19.0637 6776 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:19:19.0642 6776 NetBIOS - ok
15:19:19.0667 6776 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:19:19.0672 6776 NetBT - ok
15:19:19.0692 6776 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:19:19.0692 6776 Netlogon - ok
15:19:19.0747 6776 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:19:19.0767 6776 Netman - ok
15:19:19.0847 6776 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:19:19.0857 6776 NetMsmqActivator - ok
15:19:19.0862 6776 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:19:19.0867 6776 NetPipeActivator - ok
15:19:19.0917 6776 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:19:19.0917 6776 netprofm - ok
15:19:19.0922 6776 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:19:19.0922 6776 NetTcpActivator - ok
15:19:19.0922 6776 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:19:19.0927 6776 NetTcpPortSharing - ok
15:19:19.0997 6776 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys
15:19:20.0022 6776 netvsc - ok
15:19:20.0392 6776 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
15:19:20.0543 6776 NETwNs64 - ok
15:19:20.0628 6776 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:19:20.0658 6776 nfrd960 - ok
15:19:20.0698 6776 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:19:20.0708 6776 NlaSvc - ok
15:19:20.0728 6776 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:19:20.0728 6776 Npfs - ok
15:19:20.0743 6776 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:19:20.0743 6776 nsi - ok
15:19:20.0753 6776 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:19:20.0753 6776 nsiproxy - ok
15:19:20.0858 6776 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:19:20.0883 6776 Ntfs - ok
15:19:20.0953 6776 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:19:20.0953 6776 Null - ok
15:19:21.0003 6776 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
15:19:21.0033 6776 NVHDA - ok
15:19:21.0608 6776 nvlddmkm (70e89a21827b2669af906b703c7c48b5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:19:21.0848 6776 nvlddmkm - ok
15:19:21.0918 6776 nvpciflt (4b9c0c2bf78289513101eb0d44834701) C:\Windows\system32\DRIVERS\nvpciflt.sys
15:19:21.0923 6776 nvpciflt - ok
15:19:21.0958 6776 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:19:21.0968 6776 nvraid - ok
15:19:22.0003 6776 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:19:22.0023 6776 nvstor - ok
15:19:22.0098 6776 NVSvc (e04fce1d149cf05c3449e3171f9c3e41) C:\Windows\system32\nvvsvc.exe
15:19:22.0113 6776 NVSvc - ok
15:19:22.0288 6776 nvUpdatusService (d96ddea6c699a99832e0186057801971) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:19:22.0328 6776 nvUpdatusService - ok
15:19:22.0448 6776 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:19:22.0473 6776 nv_agp - ok
15:19:22.0498 6776 O2FLASH (4e37455db16aec75862b1d0bc35b589e) C:\Windows\system32\DRIVERS\o2flash.exe
15:19:22.0498 6776 O2FLASH - ok
15:19:22.0533 6776 O2MDFRDR (6172db160fc566cf24307941c0e94d8e) C:\Windows\system32\DRIVERS\O2MDFw7x64.sys
15:19:22.0563 6776 O2MDFRDR - ok
15:19:22.0583 6776 O2MDRRDR (8ed738aba394bbf6d7802698be453112) C:\Windows\system32\drivers\O2MDRw7x64.sys
15:19:22.0608 6776 O2MDRRDR - ok
15:19:22.0683 6776 O2SDIOAssist (4635935fc972c582632bf45c26bfcb0e) c:\Windows\SysWOW64\srvany.exe
15:19:22.0683 6776 O2SDIOAssist - ok
15:19:22.0708 6776 O2SDJRDR (a9c1e6b7c134fad124338b7944fa996d) C:\Windows\system32\DRIVERS\o2sdjw7x64.sys
15:19:22.0728 6776 O2SDJRDR - ok
15:19:22.0823 6776 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:19:22.0843 6776 odserv - ok
15:19:22.0878 6776 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:19:22.0888 6776 ohci1394 - ok
15:19:22.0943 6776 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:19:22.0953 6776 ose - ok
15:19:23.0233 6776 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:19:23.0328 6776 osppsvc - ok
15:19:23.0428 6776 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:19:23.0443 6776 p2pimsvc - ok
15:19:23.0498 6776 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:19:23.0518 6776 p2psvc - ok
15:19:23.0563 6776 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:19:23.0588 6776 Parport - ok
15:19:23.0603 6776 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:19:23.0603 6776 partmgr - ok
15:19:23.0628 6776 PBADRV (363b3f857abee85767e01e3044c539cd) C:\Windows\system32\DRIVERS\PBADRV.sys
15:19:23.0643 6776 PBADRV - ok
15:19:23.0668 6776 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:19:23.0668 6776 PcaSvc - ok
15:19:23.0698 6776 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:19:23.0718 6776 pci - ok
15:19:23.0743 6776 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:19:23.0758 6776 pciide - ok
15:19:23.0793 6776 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:19:23.0808 6776 pcmcia - ok
15:19:23.0828 6776 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:19:23.0828 6776 pcw - ok
15:19:23.0878 6776 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:19:23.0903 6776 PEAUTH - ok
15:19:23.0998 6776 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:19:24.0023 6776 PeerDistSvc - ok
15:19:24.0093 6776 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:19:24.0093 6776 PerfHost - ok
15:19:24.0233 6776 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:19:24.0238 6776 pla - ok
15:19:24.0293 6776 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:19:24.0313 6776 PlugPlay - ok
15:19:24.0353 6776 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
15:19:24.0383 6776 Pml Driver HPZ12 - ok
15:19:24.0403 6776 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:19:24.0403 6776 PNRPAutoReg - ok
15:19:24.0438 6776 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:19:24.0443 6776 PNRPsvc - ok
15:19:24.0483 6776 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:19:24.0503 6776 PolicyAgent - ok
15:19:24.0538 6776 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:19:24.0543 6776 Power - ok
15:19:24.0573 6776 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:19:24.0573 6776 PptpMiniport - ok
15:19:24.0603 6776 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:19:24.0623 6776 Processor - ok
15:19:24.0653 6776 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:19:24.0658 6776 ProfSvc - ok
15:19:24.0688 6776 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:19:24.0693 6776 ProtectedStorage - ok
15:19:24.0723 6776 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:19:24.0723 6776 Psched - ok
15:19:24.0783 6776 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:19:24.0813 6776 PxHlpa64 - ok
15:19:24.0934 6776 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:19:24.0999 6776 ql2300 - ok
15:19:25.0124 6776 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:19:25.0149 6776 ql40xx - ok
15:19:25.0189 6776 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:19:25.0194 6776 QWAVE - ok
15:19:25.0234 6776 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:19:25.0234 6776 QWAVEdrv - ok
15:19:25.0244 6776 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:19:25.0244 6776 RasAcd - ok
15:19:25.0274 6776 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:19:25.0279 6776 RasAgileVpn - ok
15:19:25.0304 6776 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:19:25.0304 6776 RasAuto - ok
15:19:25.0329 6776 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:19:25.0334 6776 Rasl2tp - ok
15:19:25.0374 6776 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:19:25.0394 6776 RasMan - ok
15:19:25.0419 6776 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:19:25.0419 6776 RasPppoe - ok
15:19:25.0444 6776 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:19:25.0444 6776 RasSstp - ok
15:19:25.0469 6776 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:19:25.0484 6776 rdbss - ok
15:19:25.0504 6776 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:19:25.0514 6776 rdpbus - ok
15:19:25.0524 6776 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:19:25.0524 6776 RDPCDD - ok
15:19:25.0560 6776 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:19:25.0560 6776 RDPDR - ok
15:19:25.0590 6776 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:19:25.0590 6776 RDPENCDD - ok
15:19:25.0605 6776 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:19:25.0605 6776 RDPREFMP - ok
15:19:25.0625 6776 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
15:19:25.0635 6776 RDPWD - ok
15:19:25.0675 6776 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:19:25.0690 6776 rdyboost - ok
15:19:25.0810 6776 RegSrvc (f90cc59135f2945a6ebb1670a7bbd8b3) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:19:25.0865 6776 RegSrvc - ok
15:19:25.0905 6776 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:19:25.0915 6776 RemoteAccess - ok
15:19:25.0950 6776 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:19:25.0955 6776 RemoteRegistry - ok
15:19:26.0025 6776 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:19:26.0050 6776 RFCOMM - ok
15:19:26.0070 6776 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:19:26.0075 6776 RpcEptMapper - ok
15:19:26.0095 6776 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:19:26.0100 6776 RpcLocator - ok
15:19:26.0135 6776 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:19:26.0145 6776 RpcSs - ok
15:19:26.0180 6776 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:19:26.0180 6776 rspndr - ok
15:19:26.0205 6776 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:19:26.0220 6776 s3cap - ok
15:19:26.0255 6776 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:19:26.0255 6776 SamSs - ok
15:19:26.0285 6776 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:19:26.0315 6776 sbp2port - ok
15:19:26.0345 6776 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:19:26.0360 6776 SCardSvr - ok
15:19:26.0365 6776 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:19:26.0365 6776 scfilter - ok
15:19:26.0435 6776 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:19:26.0465 6776 Schedule - ok
15:19:26.0495 6776 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:19:26.0500 6776 SCPolicySvc - ok
15:19:26.0520 6776 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:19:26.0535 6776 SDRSVC - ok
15:19:26.0595 6776 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:19:26.0610 6776 secdrv - ok
15:19:26.0625 6776 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:19:26.0625 6776 seclogon - ok
15:19:26.0815 6776 SecureStorageService (f3d951071c624137430fe65a67541ef9) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
15:19:26.0880 6776 SecureStorageService - ok
15:19:26.0995 6776 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:19:27.0000 6776 SENS - ok
15:19:27.0015 6776 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:19:27.0020 6776 SensrSvc - ok
15:19:27.0070 6776 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
15:19:27.0085 6776 Serenum - ok
15:19:27.0105 6776 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
15:19:27.0110 6776 Serial - ok
15:19:27.0135 6776 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:19:27.0140 6776 sermouse - ok
15:19:27.0155 6776 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:19:27.0155 6776 SessionEnv - ok
15:19:27.0170 6776 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:19:27.0175 6776 sffdisk - ok
15:19:27.0180 6776 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:19:27.0185 6776 sffp_mmc - ok
15:19:27.0200 6776 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:19:27.0205 6776 sffp_sd - ok
15:19:27.0220 6776 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:19:27.0220 6776 sfloppy - ok
15:19:27.0260 6776 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:19:27.0265 6776 ShellHWDetection - ok
15:19:27.0285 6776 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:19:27.0295 6776 SiSRaid2 - ok
15:19:27.0300 6776 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:19:27.0310 6776 SiSRaid4 - ok
15:19:27.0330 6776 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:19:27.0335 6776 Smb - ok
15:19:27.0575 6776 SmcService (ad97b711074cf27da0c00f2c26e1a62c) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
15:19:27.0590 6776 SmcService - ok
15:19:27.0720 6776 SMR250 (27f71f20e87fbf177c82ae924f9317f7) C:\Windows\system32\drivers\SMR250.SYS
15:19:27.0740 6776 SMR250 - ok
15:19:27.0800 6776 SNAC (91bd8e268d93aaf5f59aac9de84a25bb) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
15:19:27.0820 6776 SNAC - ok
15:19:27.0860 6776 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:19:27.0860 6776 SNMPTRAP - ok
15:19:27.0880 6776 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:19:27.0880 6776 spldr - ok
15:19:27.0930 6776 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:19:27.0945 6776 Spooler - ok
15:19:28.0120 6776 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:19:28.0135 6776 sppsvc - ok
15:19:28.0215 6776 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:19:28.0220 6776 sppuinotify - ok
15:19:28.0280 6776 SRTSP (32900ac9cfdc578531279886ca16a4df) C:\Windows\system32\Drivers\SRTSP64.SYS
15:19:28.0310 6776 SRTSP - ok
15:19:28.0365 6776 SRTSPL (8929566d1f14685fd78eaf25bee3ecc7) C:\Windows\system32\Drivers\SRTSPL64.SYS
15:19:28.0390 6776 SRTSPL - ok
15:19:28.0405 6776 SRTSPX (cb2fdf47ee67f8cca5362ed9b94fe955) C:\Windows\system32\Drivers\SRTSPX64.SYS
15:19:28.0410 6776 SRTSPX - ok
15:19:28.0455 6776 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:19:28.0470 6776 srv - ok
15:19:28.0525 6776 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:19:28.0540 6776 srv2 - ok
15:19:28.0565 6776 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:19:28.0570 6776 srvnet - ok
15:19:28.0605 6776 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:19:28.0620 6776 SSDPSRV - ok
15:19:28.0650 6776 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:19:28.0655 6776 SstpSvc - ok
15:19:28.0735 6776 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe
15:19:28.0740 6776 STacSV - ok
15:19:28.0785 6776 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
15:19:28.0800 6776 stdcfltn - ok
15:19:28.0895 6776 Stereo Service (479321c119b54d7f13a91e16cf7c2e9a) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:19:28.0910 6776 Stereo Service - ok
15:19:28.0940 6776 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:19:28.0955 6776 stexstor - ok
15:19:28.0995 6776 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys
15:19:29.0045 6776 STHDA - ok
15:19:29.0095 6776 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:19:29.0130 6776 stisvc - ok
15:19:29.0150 6776 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
15:19:29.0155 6776 StorSvc - ok
15:19:29.0180 6776 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:19:29.0200 6776 storvsc - ok
15:19:29.0215 6776 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:19:29.0220 6776 swenum - ok
15:19:29.0270 6776 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:19:29.0315 6776 swprv - ok
15:19:29.0500 6776 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
15:19:29.0560 6776 Symantec AntiVirus - ok
15:19:29.0690 6776 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
15:19:29.0705 6776 SymEvent - ok
15:19:29.0735 6776 SynthVid (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:19:29.0750 6776 SynthVid - ok
15:19:29.0855 6776 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:19:29.0905 6776 SysMain - ok
15:19:29.0965 6776 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:19:29.0970 6776 TabletInputService - ok
15:19:30.0000 6776 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:19:30.0015 6776 TapiSrv - ok
15:19:30.0035 6776 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:19:30.0040 6776 TBS - ok
15:19:30.0185 6776 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:19:30.0220 6776 Tcpip - ok
15:19:30.0390 6776 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:19:30.0405 6776 TCPIP6 - ok
15:19:30.0490 6776 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:19:30.0490 6776 tcpipreg - ok
15:19:30.0641 6776 tcsd_win32.exe (e42d560e2163480e7b586b14abeb3386) C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
15:19:30.0646 6776 tcsd_win32.exe - ok
15:19:30.0911 6776 TdmService (e76a51f32fa99be0de3b8071c9c82e8c) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
15:19:31.0001 6776 TdmService - ok
15:19:31.0106 6776 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:19:31.0106 6776 TDPIPE - ok
15:19:31.0131 6776 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:19:31.0131 6776 TDTCP - ok
15:19:31.0151 6776 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:19:31.0156 6776 tdx - ok
15:19:31.0181 6776 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
15:19:31.0211 6776 TermDD - ok
15:19:31.0266 6776 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:19:31.0291 6776 TermService - ok
15:19:31.0306 6776 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:19:31.0311 6776 Themes - ok
15:19:31.0326 6776 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:19:31.0326 6776 THREADORDER - ok
15:19:31.0346 6776 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:19:31.0346 6776 TrkWks - ok
15:19:31.0386 6776 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:19:31.0391 6776 TrustedInstaller - ok
15:19:31.0411 6776 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:19:31.0411 6776 tssecsrv - ok
15:19:31.0431 6776 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:19:31.0431 6776 TsUsbFlt - ok
15:19:31.0451 6776 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
15:19:31.0461 6776 TsUsbGD - ok
15:19:31.0481 6776 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:19:31.0481 6776 tunnel - ok
15:19:31.0501 6776 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:19:31.0511 6776 uagp35 - ok
15:19:31.0546 6776 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:19:31.0566 6776 udfs - ok
15:19:31.0601 6776 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:19:31.0601 6776 UI0Detect - ok
15:19:31.0631 6776 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:19:31.0646 6776 uliagpkx - ok
15:19:31.0681 6776 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
15:19:31.0686 6776 umbus - ok
15:19:31.0706 6776 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:19:31.0721 6776 UmPass - ok
15:19:31.0751 6776 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:19:31.0766 6776 UmRdpService - ok
15:19:31.0976 6776 UNS (a69cd6bdb82872999d2e46f9324ada83) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:19:32.0042 6776 UNS - ok
15:19:32.0147 6776 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:19:32.0167 6776 upnphost - ok
15:19:32.0252 6776 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:19:32.0267 6776 USBAAPL64 - ok
15:19:32.0297 6776 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
15:19:32.0317 6776 usbccgp - ok
15:19:32.0357 6776 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:19:32.0372 6776 usbcir - ok
15:19:32.0387 6776 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:19:32.0392 6776 usbehci - ok
15:19:32.0437 6776 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
15:19:32.0467 6776 usbhub - ok
15:19:32.0487 6776 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:19:32.0492 6776 usbohci - ok
15:19:35.0547 6776 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:19:35.0748 6776 \Device\Harddisk0\DR0 - ok
15:19:35.0753 6776 Boot (0x1200) (8b59e0e91eb907df9328b3c83c05f21d) \Device\Harddisk0\DR0\Partition0
15:19:35.0758 6776 \Device\Harddisk0\DR0\Partition0 - ok
15:19:35.0773 6776 Boot (0x1200) (39fbb78b705a6e394014b2347a4d6873) \Device\Harddisk0\DR0\Partition1
15:19:35.0778 6776 \Device\Harddisk0\DR0\Partition1 - ok
15:19:35.0778 6776 ============================================================
15:19:35.0778 6776 Scan finished
15:19:35.0778 6776 ============================================================
15:19:35.0783 5412 Detected object count: 0
15:19:35.0783 5412 Actual detected object count: 0
15:21:24.0887 4300 ============================================================
15:21:24.0887 4300 Scan started
15:21:24.0887 4300 Mode: Manual; SigCheck; TDLFS;
15:21:24.0887 4300 ============================================================
15:21:38.0380 4300 MSiSCSI - ok
15:21:38.0385 4300 msiserver - ok
15:21:38.0400 4300 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:21:38.0435 4300 MSKSSRV - ok
15:21:38.0450 4300 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:21:38.0490 4300 MSPCLOCK - ok
15:21:38.0505 4300 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:21:38.0540 4300 MSPQM - ok
15:21:38.0580 4300 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:21:38.0620 4300 MsRPC - ok
15:21:38.0630 4300 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:21:38.0645 4300 mssmbios - ok
15:21:38.0655 4300 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:21:38.0685 4300 MSTEE - ok
15:21:38.0700 4300 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:21:38.0715 4300 MTConfig - ok
15:21:38.0730 4300 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:21:38.0745 4300 Mup - ok
15:21:38.0795 4300 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:21:38.0835 4300 napagent - ok
15:21:38.0880 4300 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:21:38.0920 4300 NativeWifiP - ok
15:21:39.0055 4300 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120605.002\ENG64.SYS
15:21:39.0070 4300 NAVENG - ok
15:21:39.0210 4300 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120605.002\EX64.SYS
15:21:39.0255 4300 NAVEX15 - ok
15:21:39.0445 4300 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
15:21:39.0485 4300 NDIS - ok
15:21:39.0500 4300 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:21:39.0530 4300 NdisCap - ok
15:21:39.0550 4300 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:21:39.0585 4300 NdisTapi - ok
15:21:39.0600 4300 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:21:39.0625 4300 Ndisuio - ok
15:21:39.0645 4300 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:21:39.0680 4300 NdisWan - ok
15:21:39.0695 4300 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:21:39.0725 4300 NDProxy - ok
15:21:39.0750 4300 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
15:21:39.0760 4300 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:21:39.0760 4300 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:21:39.0770 4300 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:21:39.0805 4300 NetBIOS - ok
15:21:39.0835 4300 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:21:39.0875 4300 NetBT - ok
15:21:39.0895 4300 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:21:39.0906 4300 Netlogon - ok
15:21:39.0976 4300 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:21:40.0021 4300 Netman - ok
15:21:40.0086 4300 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:21:40.0111 4300 NetMsmqActivator - ok
15:21:40.0111 4300 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:21:40.0126 4300 NetPipeActivator - ok
15:21:40.0181 4300 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:21:40.0246 4300 netprofm - ok
15:21:40.0246 4300 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:21:40.0261 4300 NetTcpActivator - ok
15:21:40.0261 4300 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:21:40.0271 4300 NetTcpPortSharing - ok
15:21:40.0326 4300 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys
15:21:40.0351 4300 netvsc - ok
15:21:40.0792 4300 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
15:21:40.0882 4300 NETwNs64 - ok
15:21:40.0982 4300 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:21:41.0002 4300 nfrd960 - ok
15:21:41.0042 4300 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:21:41.0092 4300 NlaSvc - ok
15:21:41.0107 4300 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:21:41.0137 4300 Npfs - ok
15:21:41.0152 4300 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:21:41.0182 4300 nsi - ok
15:21:41.0192 4300 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:21:41.0232 4300 nsiproxy - ok
15:21:41.0337 4300 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:21:41.0382 4300 Ntfs - ok
15:21:41.0452 4300 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:21:41.0497 4300 Null - ok
15:21:41.0532 4300 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
15:21:41.0547 4300 NVHDA - ok
15:21:42.0208 4300 nvlddmkm (70e89a21827b2669af906b703c7c48b5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:21:42.0358 4300 nvlddmkm - ok
15:21:42.0458 4300 nvpciflt (4b9c0c2bf78289513101eb0d44834701) C:\Windows\system32\DRIVERS\nvpciflt.sys
15:21:42.0468 4300 nvpciflt - ok
15:21:42.0493 4300 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:21:42.0508 4300 nvraid - ok
15:21:42.0528 4300 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:21:42.0558 4300 nvstor - ok
15:21:42.0633 4300 NVSvc (e04fce1d149cf05c3449e3171f9c3e41) C:\Windows\system32\nvvsvc.exe
15:21:42.0673 4300 NVSvc - ok
15:21:42.0818 4300 nvUpdatusService (d96ddea6c699a99832e0186057801971) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:21:42.0858 4300 nvUpdatusService - ok
15:21:42.0963 4300 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:21:42.0993 4300 nv_agp - ok
15:21:43.0008 4300 O2FLASH (4e37455db16aec75862b1d0bc35b589e) C:\Windows\system32\DRIVERS\o2flash.exe
15:21:43.0023 4300 O2FLASH - ok
15:21:43.0043 4300 O2MDFRDR (6172db160fc566cf24307941c0e94d8e) C:\Windows\system32\DRIVERS\O2MDFw7x64.sys
15:21:43.0053 4300 O2MDFRDR - ok
15:21:43.0068 4300 O2MDRRDR (8ed738aba394bbf6d7802698be453112) C:\Windows\system32\drivers\O2MDRw7x64.sys
15:21:43.0078 4300 O2MDRRDR - ok
15:21:43.0148 4300 O2SDIOAssist (4635935fc972c582632bf45c26bfcb0e) c:\Windows\SysWOW64\srvany.exe
15:21:43.0148 4300 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - warning
15:21:43.0148 4300 O2SDIOAssist - detected UnsignedFile.Multi.Generic (1)
15:21:43.0158 4300 O2SDJRDR (a9c1e6b7c134fad124338b7944fa996d) C:\Windows\system32\DRIVERS\o2sdjw7x64.sys
15:21:43.0173 4300 O2SDJRDR - ok
15:21:43.0283 4300 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:21:43.0328 4300 odserv - ok
15:21:43.0343 4300 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:21:43.0363 4300 ohci1394 - ok
15:21:43.0398 4300 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:21:43.0428 4300 ose - ok
15:21:43.0708 4300 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:21:43.0773 4300 osppsvc - ok
15:21:43.0893 4300 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:21:43.0943 4300 p2pimsvc - ok
15:21:43.0988 4300 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:21:44.0018 4300 p2psvc - ok
15:21:44.0068 4300 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:21:44.0078 4300 Parport - ok
15:21:44.0098 4300 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:21:44.0108 4300 partmgr - ok
15:21:44.0128 4300 PBADRV (363b3f857abee85767e01e3044c539cd) C:\Windows\system32\DRIVERS\PBADRV.sys
15:21:44.0138 4300 PBADRV - ok
15:21:44.0163 4300 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:21:44.0178 4300 PcaSvc - ok
15:21:44.0208 4300 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:21:44.0218 4300 pci - ok
15:21:44.0238 4300 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:21:44.0248 4300 pciide - ok
15:21:44.0268 4300 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:21:44.0283 4300 pcmcia - ok
15:21:44.0298 4300 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:21:44.0308 4300 pcw - ok
15:21:44.0368 4300 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:21:44.0423 4300 PEAUTH - ok
15:21:44.0508 4300 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:21:44.0553 4300 PeerDistSvc - ok
15:21:44.0618 4300 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:21:44.0646 4300 PerfHost - ok
15:21:44.0816 4300 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:21:44.0856 4300 pla - ok
15:21:44.0896 4300 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:21:44.0946 4300 PlugPlay - ok
15:21:44.0976 4300 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
15:21:45.0001 4300 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:21:45.0001 4300 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:21:45.0011 4300 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:21:45.0026 4300 PNRPAutoReg - ok
15:21:45.0048 4300 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:21:45.0068 4300 PNRPsvc - ok
15:21:45.0113 4300 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:21:45.0168 4300 PolicyAgent - ok
15:21:45.0183 4300 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:21:45.0213 4300 Power - ok
15:21:45.0248 4300 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:21:45.0293 4300 PptpMiniport - ok
15:21:45.0313 4300 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:21:45.0328 4300 Processor - ok
15:21:45.0353 4300 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:21:45.0383 4300 ProfSvc - ok
15:21:45.0413 4300 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:21:45.0448 4300 ProtectedStorage - ok
15:21:45.0478 4300 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:21:45.0523 4300 Psched - ok
15:21:45.0558 4300 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:21:45.0578 4300 PxHlpa64 - ok
15:21:45.0668 4300 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:21:45.0708 4300 ql2300 - ok
15:21:45.0793 4300 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:21:45.0833 4300 ql40xx - ok
15:21:45.0858 4300 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:21:45.0898 4300 QWAVE - ok
15:21:45.0918 4300 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:21:45.0928 4300 QWAVEdrv - ok
15:21:45.0943 4300 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:21:45.0968 4300 RasAcd - ok
15:21:45.0983 4300 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:21:46.0013 4300 RasAgileVpn - ok
15:21:46.0028 4300 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:21:46.0053 4300 RasAuto - ok
15:21:46.0068 4300 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:21:46.0098 4300 Rasl2tp - ok
15:21:46.0123 4300 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:21:46.0153 4300 RasMan - ok
15:21:46.0173 4300 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:21:46.0203 4300 RasPppoe - ok
15:21:46.0218 4300 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:21:46.0243 4300 RasSstp - ok
15:21:46.0263 4300 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:21:46.0298 4300 rdbss - ok
15:21:46.0313 4300 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:21:46.0323 4300 rdpbus - ok
15:21:46.0333 4300 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:21:46.0358 4300 RDPCDD - ok
15:21:46.0393 4300 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:21:46.0433 4300 RDPDR - ok
15:21:46.0448 4300 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:21:46.0473 4300 RDPENCDD - ok
15:21:46.0483 4300 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:21:46.0508 4300 RDPREFMP - ok
15:21:46.0523 4300 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
15:21:46.0553 4300 RDPWD - ok
15:21:46.0573 4300 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:21:46.0583 4300 rdyboost - ok
15:21:46.0703 4300 RegSrvc (f90cc59135f2945a6ebb1670a7bbd8b3) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:21:46.0738 4300 RegSrvc - ok
15:21:46.0763 4300 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:21:46.0808 4300 RemoteAccess - ok
15:21:46.0838 4300 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:21:46.0868 4300 RemoteRegistry - ok
15:21:46.0933 4300 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:21:46.0963 4300 RFCOMM - ok
15:21:46.0978 4300 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:21:47.0023 4300 RpcEptMapper - ok
15:21:47.0053 4300 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:21:47.0068 4300 RpcLocator - ok
15:21:47.0108 4300 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:21:47.0153 4300 RpcSs - ok
15:21:47.0178 4300 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:21:47.0203 4300 rspndr - ok
15:21:47.0223 4300 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:21:47.0233 4300 s3cap - ok
15:21:47.0263 4300 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:21:47.0273 4300 SamSs - ok
15:21:47.0288 4300 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:21:47.0303 4300 sbp2port - ok
15:21:47.0323 4300 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:21:47.0353 4300 SCardSvr - ok
15:21:47.0368 4300 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:21:47.0393 4300 scfilter - ok
15:21:47.0458 4300 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:21:47.0528 4300 Schedule - ok
15:21:47.0558 4300 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:21:47.0583 4300 SCPolicySvc - ok
15:21:47.0603 4300 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:21:47.0623 4300 SDRSVC - ok
15:21:47.0669 4300 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:21:47.0714 4300 secdrv - ok
15:21:47.0724 4300 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:21:47.0749 4300 seclogon - ok
15:21:47.0939 4300 SecureStorageService (f3d951071c624137430fe65a67541ef9) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
15:21:47.0974 4300 SecureStorageService ( UnsignedFile.Multi.Generic ) - warning
15:21:47.0974 4300 SecureStorageService - detected UnsignedFile.Multi.Generic (1)
15:21:48.0049 4300 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:21:48.0104 4300 SENS - ok
15:21:48.0124 4300 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:21:48.0164 4300 SensrSvc - ok
15:21:48.0199 4300 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
15:21:48.0209 4300 Serenum - ok
15:21:48.0229 4300 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
15:21:48.0239 4300 Serial - ok
15:21:48.0249 4300 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:21:48.0259 4300 sermouse - ok
15:21:48.0279 4300 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:21:48.0309 4300 SessionEnv - ok
15:21:48.0319 4300 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:21:48.0334 4300 sffdisk - ok
15:21:48.0334 4300 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:21:48.0349 4300 sffp_mmc - ok
15:21:48.0364 4300 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:21:48.0374 4300 sffp_sd - ok
15:21:48.0399 4300 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:21:48.0409 4300 sfloppy - ok
15:21:48.0444 4300 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:21:48.0499 4300 ShellHWDetection - ok
15:21:48.0519 4300 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:21:48.0529 4300 SiSRaid2 - ok
15:21:48.0539 4300 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:21:48.0569 4300 SiSRaid4 - ok
15:21:48.0589 4300 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:21:48.0614 4300 Smb - ok
15:21:48.0839 4300 SmcService (ad97b711074cf27da0c00f2c26e1a62c) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
15:21:48.0894 4300 SmcService - ok
15:21:49.0034 4300 SMR250 (27f71f20e87fbf177c82ae924f9317f7) C:\Windows\system32\drivers\SMR250.SYS
15:21:49.0069 4300 SMR250 - ok
15:21:49.0124 4300 SNAC (91bd8e268d93aaf5f59aac9de84a25bb) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
15:21:49.0144 4300 SNAC - ok
15:21:49.0169 4300 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:21:49.0179 4300 SNMPTRAP - ok
15:21:49.0194 4300 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:21:49.0204 4300 spldr - ok
15:21:49.0239 4300 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:21:49.0284 4300 Spooler - ok
15:21:49.0464 4300 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:21:49.0574 4300 sppsvc - ok
15:21:49.0629 4300 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:21:49.0684 4300 sppuinotify - ok
15:21:49.0729 4300 SRTSP (32900ac9cfdc578531279886ca16a4df) C:\Windows\system32\Drivers\SRTSP64.SYS
15:21:49.0739 4300 SRTSP - ok
15:21:49.0779 4300 SRTSPL (8929566d1f14685fd78eaf25bee3ecc7) C:\Windows\system32\Drivers\SRTSPL64.SYS
15:21:49.0804 4300 SRTSPL - ok
15:21:49.0819 4300 SRTSPX (cb2fdf47ee67f8cca5362ed9b94fe955) C:\Windows\system32\Drivers\SRTSPX64.SYS
15:21:49.0829 4300 SRTSPX - ok
15:21:49.0869 4300 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:21:49.0909 4300 srv - ok
15:21:49.0949 4300 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:21:49.0984 4300 srv2 - ok
15:21:49.0999 4300 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:21:50.0014 4300 srvnet - ok
15:21:50.0034 4300 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:21:50.0059 4300 SSDPSRV - ok
15:21:50.0074 4300 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:21:50.0104 4300 SstpSvc - ok
15:21:50.0179 4300 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe
15:21:50.0219 4300 STacSV - ok
15:21:50.0239 4300 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
15:21:50.0244 4300 stdcfltn - ok
15:21:50.0319 4300 Stereo Service (479321c119b54d7f13a91e16cf7c2e9a) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:21:50.0384 4300 Stereo Service - ok
15:21:50.0409 4300 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:21:50.0419 4300 stexstor - ok
15:21:50.0454 4300 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys
15:21:50.0489 4300 STHDA - ok
15:21:50.0539 4300 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:21:50.0584 4300 stisvc - ok
15:21:50.0614 4300 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
15:21:50.0639 4300 StorSvc - ok
15:21:50.0659 4300 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:21:50.0669 4300 storvsc - ok
15:21:50.0684 4300 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:21:50.0699 4300 swenum - ok
15:21:50.0749 4300 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:21:50.0784 4300 swprv - ok
15:21:50.0939 4300 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
15:21:50.0984 4300 Symantec AntiVirus - ok
15:21:51.0079 4300 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
15:21:51.0094 4300 SymEvent - ok
15:21:51.0114 4300 SynthVid (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:21:51.0124 4300 SynthVid - ok
15:21:51.0229 4300 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:21:51.0269 4300 SysMain - ok
15:21:51.0319 4300 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:21:51.0364 4300 TabletInputService - ok
15:21:51.0389 4300 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:21:51.0439 4300 TapiSrv - ok
15:21:51.0454 4300 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:21:51.0484 4300 TBS - ok
15:21:51.0614 4300 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:21:51.0654 4300 Tcpip - ok
15:21:51.0809 4300 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:21:51.0839 4300 TCPIP6 - ok
15:21:51.0904 4300 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:21:51.0944 4300 tcpipreg - ok
15:21:52.0084 4300 tcsd_win32.exe (e42d560e2163480e7b586b14abeb3386) C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
15:21:52.0129 4300 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning
15:21:52.0129 4300 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1)
15:21:52.0379 4300 TdmService (e76a51f32fa99be0de3b8071c9c82e8c) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
15:21:52.0424 4300 TdmService - ok
15:21:52.0519 4300 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:21:52.0569 4300 TDPIPE - ok
15:21:52.0584 4300 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:21:52.0609 4300 TDTCP - ok
15:21:52.0629 4300 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:21:52.0659 4300 tdx - ok
15:21:52.0669 4300 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
15:21:52.0679 4300 TermDD - ok
15:21:52.0739 4300 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:21:52.0784 4300 TermService - ok
15:21:52.0794 4300 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:21:52.0809 4300 Themes - ok
15:21:52.0829 4300 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:21:52.0859 4300 THREADORDER - ok
15:21:52.0879 4300 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:21:52.0934 4300 TrkWks - ok
15:21:52.0970 4300 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:21:53.0000 4300 TrustedInstaller - ok
15:21:53.0010 4300 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:21:53.0035 4300 tssecsrv - ok
15:21:53.0050 4300 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:21:53.0095 4300 TsUsbFlt - ok
15:21:53.0110 4300 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
15:21:53.0120 4300 TsUsbGD - ok
15:21:53.0140 4300 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:21:53.0165 4300 tunnel - ok
15:21:53.0180 4300 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:21:53.0190 4300 uagp35 - ok
15:21:53.0220 4300 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:21:53.0245 4300 udfs - ok
15:21:53.0260 4300 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:21:53.0270 4300 UI0Detect - ok
15:21:53.0290 4300 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:21:53.0300 4300 uliagpkx - ok
15:21:53.0315 4300 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
15:21:53.0345 4300 umbus - ok
15:21:53.0350 4300 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:21:53.0360 4300 UmPass - ok
15:21:53.0405 4300 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:21:53.0445 4300 UmRdpService - ok
15:21:53.0655 4300 UNS (a69cd6bdb82872999d2e46f9324ada83) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:21:53.0705 4300 UNS - ok
15:21:53.0835 4300 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:21:53.0895 4300 upnphost - ok
15:21:53.0925 4300 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:21:53.0970 4300 USBAAPL64 - ok
15:21:54.0000 4300 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
15:21:54.0030 4300 usbccgp - ok
15:21:54.0065 4300 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:21:54.0095 4300 usbcir - ok
15:21:54.0115 4300 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:21:54.0125 4300 usbehci - ok
15:21:54.0160 4300 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
15:21:54.0170 4300 usbhub - ok
15:21:54.0190 4300 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:21:54.0200 4300 usbohci - ok
15:21:54.0210 4300 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
15:21:54.0245 4300 usbprint - ok
15:21:54.0260 4300 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:21:54.0270 4300 USBSTOR - ok
15:21:54.0280 4300 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:21:54.0290 4300 usbuhci - ok
15:21:57.0852 4300 ZcfgSvc7 (b87e12317928739e22d2e3acc7ccac80) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
15:21:57.0882 4300 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - warning
15:21:57.0882 4300 ZcfgSvc7 - detected UnsignedFile.Multi.Generic (1)
15:21:57.0902 4300 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:21:58.0207 4300 \Device\Harddisk0\DR0 - ok
15:21:58.0212 4300 Boot (0x1200) (8b59e0e91eb907df9328b3c83c05f21d) \Device\Harddisk0\DR0\Partition0
15:21:58.0217 4300 \Device\Harddisk0\DR0\Partition0 - ok
15:21:58.0257 4300 Boot (0x1200) (39fbb78b705a6e394014b2347a4d6873) \Device\Harddisk0\DR0\Partition1
15:21:58.0262 4300 \Device\Harddisk0\DR0\Partition1 - ok
15:21:58.0262 4300 ============================================================
15:21:58.0262 4300 Scan finished
15:21:58.0262 4300 ============================================================
15:21:58.0267 3436 Detected object count: 6
15:21:58.0267 3436 Actual detected object count: 6
15:22:35.0393 3436 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:22:35.0393 3436 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:22:35.0393 3436 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - skipped by user
15:22:35.0393 3436 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:22:35.0398 3436 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:22:35.0403 3436 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:22:35.0403 3436 SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user
15:22:35.0403 3436 SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:22:35.0403 3436 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user
15:22:35.0403 3436 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:22:35.0403 3436 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - skipped by user
15:22:35.0403 3436 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - User select action: Skip

#8 cryptodan


Posted 05 June 2012 - 05:35 PM

So far I see no further instances of infections, so can you run two more tools to see what they detect:

SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger than 4mb
    • Ignore non-executable files

    Now perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (e.g. SAS_1710895.COM) to a USB drive or CD and transfer it to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#9 cwallace83


Posted 05 June 2012 - 06:23 PM

Thank you! Here's the results from the first SUPERANTI

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/05/2012 at 04:20 PM

Application Version : 5.0.1150

Core Rules Database Version : 8687
Trace Rules Database Version: 6499

Scan type : Complete Scan
Total Scan Time : 00:38:19

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 687
Memory threats detected : 0
Registry items scanned : 73049
Registry threats detected : 0
File items scanned : 51666
File threats detected : 133

Adware.Tracking Cookie

#10 cwallace83


Posted 05 June 2012 - 06:51 PM

Here are the other results.


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-05 16:51:21
Windows 6.1.7601 Service Pack 1
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8dae5104a
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8dae5104a (not active ControlSet)

---- EOF - GMER 1.0.15 ----

#11 cryptodan


Posted 05 June 2012 - 06:53 PM

I would like to say that I think the virus is gone.

#12 cwallace83


Posted 05 June 2012 - 06:54 PM

I'm still getting the original pop-up from Symantec Endpoint that I originally posted.

#13 cryptodan


Posted 05 June 2012 - 07:00 PM

Can you navigate to that directory, c:\Windows\Installer, and delete the detected file? You may need to go into Safe Mode by hitting F8 just after the POST screen.

#14 cwallace83


Posted 05 June 2012 - 07:06 PM

Nope. The Installer folder isn't visible to me. I tried to find that originally, which is why I created this forum for some more help/insight.

#15 cryptodan


Posted 05 June 2012 - 07:10 PM

You will need to go to Folder Options in Control Panel and then the View Tab and check Show Hidden Files.



