How to detect and get rid of Nginx virus?


  • This topic is locked
15 replies to this topic

#1 apply26

  • Members
  • 9 posts

Posted 27 June 2012 - 10:19 PM

A couple days ago I started being redirected to a page that said welcome to nginx from Google in both Firefox and Chrome. I ran a bunch of antivirus programs, including Malwarebytes and AVG, but they didn't come up with anything. So I uninstalled and reinstalled Firefox and uninstalled Google Chrome completely and that seemed to solve the problem.

However, today when I turned on my computer and tried to open Firefox, my computer started running extremely slow and I couldn't open the task manager at all. I'm probably totally paranoid, but I'm worried that the virus has just been hanging around my computer somewhere. Is there a way that I can detect it and then get rid of it?

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by admin at 23:07:47 on 2012-06-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4010.2040 [GMT -4:00]
.
AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
C:\Program Files\Realtek\RtLED\RtLEDService.exe
C:\Program Files\Realtek\RtLED\RtLED.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
mStart Page = hxxp://lenovo.msn.com
mWinlogon: Userinit=userinit.exe
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
StartupFolder: C:\Users\admin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Program Files (x86)\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1E025E80-C836-484B-85B3-EA98ABBBC797} : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun-x64: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun-x64: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun-x64: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun-x64: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\bnvz3nz1.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\system32\DRIVERS\avgidsha.sys --> C:\windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\system32\DRIVERS\avgrkx64.sys --> C:\windows\system32\DRIVERS\avgrkx64.sys [?]
R0 fbfmon;fbfmon;C:\windows\system32\drivers\fbfmon.sys --> C:\windows\system32\drivers\fbfmon.sys [?]
R0 LHDmgr;LHDmgr;C:\windows\system32\DRIVERS\LhdX64.sys --> C:\windows\system32\DRIVERS\LhdX64.sys [?]
R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS --> C:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS --> C:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\system32\DRIVERS\avgldx64.sys --> C:\windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\system32\DRIVERS\avgmfx64.sys --> C:\windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\windows\system32\DRIVERS\avgtdia.sys --> C:\windows\system32\DRIVERS\avgtdia.sys [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-6-18 1161376]
R1 BPntDrv;BPntDrv;C:\windows\system32\drivers\BPntDrv.sys --> C:\windows\system32\drivers\BPntDrv.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120626.001\IDSviA64.sys [2012-6-26 509088]
R1 SbFw;SbFw;C:\windows\system32\drivers\SbFw.sys --> C:\windows\system32\drivers\SbFw.sys [?]
R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]
R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS --> C:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\N360x64\0502010.003\SYMNETS.SYS --> C:\windows\system32\Drivers\N360x64\0502010.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 sbapifs;sbapifs;C:\windows\system32\DRIVERS\sbapifs.sys --> C:\windows\system32\DRIVERS\sbapifs.sys [?]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\system32\DRIVERS\avgidsdrivera.sys --> C:\windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\system32\DRIVERS\avgidsfiltera.sys --> C:\windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-5-30 138912]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUVStor.sys --> C:\windows\system32\Drivers\RtsUVStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\windows\system32\DRIVERS\SBFWIM.sys --> C:\windows\system32\DRIVERS\SBFWIM.sys [?]
R3 sbhips;sbhips;C:\windows\system32\drivers\sbhips.sys --> C:\windows\system32\drivers\sbhips.sys [?]
R3 sbwtis;sbwtis;C:\windows\system32\DRIVERS\sbwtis.sys --> C:\windows\system32\DRIVERS\sbwtis.sys [?]
R3 vm2uvcflt;Vimicro USB Camera Filter 2;C:\windows\system32\Drivers\vm2uvcflt.sys --> C:\windows\system32\Drivers\vm2uvcflt.sys [?]
R3 vm332avs;Lenovo Camera2;C:\windows\system32\Drivers\vm332avs.sys --> C:\windows\system32\Drivers\vm332avs.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\windows\system32\DRIVERS\WDKMD.sys --> C:\windows\system32\DRIVERS\WDKMD.sys [?]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\windows\system32\DRIVERS\sbfwim.sys --> C:\windows\system32\DRIVERS\sbfwim.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
.
=============== Created Last 30 ================
.
2012-06-25 02:41:19 -------- d-----w- C:\Users\admin\AppData\Local\Opera
2012-06-25 02:26:50 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-24 16:04:48 -------- d-----w- C:\Users\admin\AppData\Local\ElevatedDiagnostics
2012-06-23 13:47:27 -------- d-----w- C:\Users\admin\AppData\Local\NPE
2012-06-23 13:41:37 -------- d-----w- C:\Users\admin\AppData\Roaming\Malwarebytes
2012-06-23 13:41:12 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-23 13:41:11 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-06-23 13:41:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-21 00:34:35 2622464 ----a-w- C:\windows\System32\wucltux.dll
2012-06-21 00:34:10 99840 ----a-w- C:\windows\System32\wudriver.dll
2012-06-21 00:33:39 36864 ----a-w- C:\windows\System32\wuapp.exe
2012-06-21 00:33:39 186752 ----a-w- C:\windows\System32\wuwebv.dll
2012-06-17 03:50:12 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-17 03:50:12 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-06-17 00:07:09 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-06-16 17:38:37 60536 ----a-w- C:\windows\System32\drivers\sbhips.sys
2012-06-16 17:38:28 256632 ----a-w- C:\windows\System32\drivers\SbFw.sys
2012-06-16 17:38:28 119416 ----a-w- C:\windows\System32\drivers\SbFwIm.sys
2012-06-16 17:38:27 57976 ----a-w- C:\windows\System32\drivers\sbredrv.sys
2012-06-16 17:38:27 45936 ----a-w- C:\windows\System32\sbbd.exe
2012-06-16 17:38:21 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
2012-06-16 17:37:54 -------- d-----w- C:\Users\admin\AppData\Local\adawarebp
2012-06-16 17:36:27 -------- d-----w- C:\Users\admin\AppData\Roaming\Ad-Aware Antivirus
2012-06-15 12:34:20 -------- d-----w- C:\Users\admin\AppData\Local\Macromedia
2012-06-13 22:13:11 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-06-13 22:13:11 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-06-13 22:13:11 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-06-13 22:13:07 209920 ----a-w- C:\windows\System32\profsvc.dll
2012-06-13 22:13:06 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-06-13 22:13:06 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-06-13 22:13:05 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 22:13:04 3146752 ----a-w- C:\windows\System32\win32k.sys
2012-06-13 22:13:03 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-06-13 22:13:01 3216384 ----a-w- C:\windows\System32\msi.dll
2012-06-13 22:13:01 2342400 ----a-w- C:\windows\SysWow64\msi.dll
2012-06-13 22:12:58 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2012-06-13 22:12:58 1462272 ----a-w- C:\windows\System32\crypt32.dll
2012-06-13 22:12:58 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2012-06-13 22:12:58 140288 ----a-w- C:\windows\System32\cryptnet.dll
2012-06-13 22:12:58 1158656 ----a-w- C:\windows\SysWow64\crypt32.dll
2012-06-13 22:12:58 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2012-06-05 02:16:58 -------- d-----w- C:\Users\admin\AppData\Roaming\eTeks
2012-06-04 23:40:47 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
.
==================== Find3M ====================
.
2012-06-04 23:40:16 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll
2012-06-04 23:40:16 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-04-19 08:50:26 28480 ----a-w- C:\windows\System32\drivers\avgidsha.sys
2012-03-30 11:35:47 1918320 ----a-w- C:\windows\System32\drivers\tcpip.sys
.
============= FINISH: 23:09:29.41 ===============


#2 CatByte

    bleepin' tiger

  • Malware Response Team
  • 14,664 posts

Posted 29 June 2012 - 04:11 PM

Hi,

Please do the following:

  • Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool.
  • When asked if you want to download Avast's virus definitions, please select Yes.
  • Click Scan.
  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To > Compressed (zipped) file. Attach that zipped file in your next reply as well.

NEXT

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • When the window opens, click on Change Parameters
  • Under "Additional options", put a check mark in the box next to "Detect TDLFS File System"
  • Click OK
  • Press Start Scan
    • As we are only looking for a log of what is on the machine right now > choose to skip whatever is found
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 apply26

  • Topic Starter
  • Members
  • 9 posts

Posted 29 June 2012 - 11:30 PM

Does it matter if my computer was running in safe mode when I scanned it?

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-30 00:01:16
-----------------------------
00:01:16.872 OS Version: Windows x64 6.1.7601 Service Pack 1
00:01:16.872 Number of processors: 4 586 0x2A07
00:01:16.872 ComputerName: ADMIN-PC UserName: admin
00:01:18.200 Initialize success
00:01:25.582 AVAST engine defs: 12062902
00:01:40.672 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:01:40.672 Disk 0 Vendor: WDC_WD75 02.0 Size: 715404MB BusType: 3
00:01:40.687 Disk 0 MBR read successfully
00:01:40.687 Disk 0 MBR scan
00:01:40.703 Disk 0 Windows 7 default MBR code
00:01:40.718 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
00:01:40.734 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 670405 MB offset 411648
00:01:40.734 Disk 0 Partition - 00 0F Extended LBA 29698 MB offset 1373401088
00:01:40.765 Disk 0 Partition 3 00 12 Compaq diag NTFS 15100 MB offset 1434222592
00:01:40.890 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29697 MB offset 1373403136
00:01:40.937 Disk 0 scanning C:\windows\system32\drivers
00:01:58.703 Service scanning
00:02:25.439 Modules scanning
00:02:25.444 Disk 0 trace - called modules:
00:02:25.461 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
00:02:25.466 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80055e8060]
00:02:25.471 3 CLASSPNP.SYS[fffff88001d7943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004ada050]
00:02:27.252 AVAST engine scan C:\windows
00:02:30.774 AVAST engine scan C:\windows\system32
00:05:21.671 AVAST engine scan C:\windows\system32\drivers
00:05:43.039 AVAST engine scan C:\Users\admin
00:12:22.268 AVAST engine scan C:\ProgramData
00:13:47.972 Scan finished successfully
00:15:22.473 Disk 0 MBR has been saved successfully to "C:\Users\admin\Desktop\MBR.dat"
00:15:22.473 The log file has been saved successfully to "C:\Users\admin\Desktop\aswMBR.txt"

Attached Files

  • Attached File  MBR.zip   581bytes   0 downloads


#4 apply26

  • Topic Starter
  • Members
  • 9 posts

Posted 29 June 2012 - 11:32 PM

00:18:29.0072 0640 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
00:18:29.0321 0640 ============================================================
00:18:29.0321 0640 Current date / time: 2012/06/30 00:18:29.0321
00:18:29.0321 0640 SystemInfo:
00:18:29.0321 0640
00:18:29.0321 0640 OS Version: 6.1.7601 ServicePack: 1.0
00:18:29.0321 0640 Product type: Workstation
00:18:29.0321 0640 ComputerName: ADMIN-PC
00:18:29.0321 0640 UserName: admin
00:18:29.0321 0640 Windows directory: C:\windows
00:18:29.0321 0640 System windows directory: C:\windows
00:18:29.0321 0640 Running under WOW64
00:18:29.0321 0640 Processor architecture: Intel x64
00:18:29.0321 0640 Number of processors: 4
00:18:29.0321 0640 Page size: 0x1000
00:18:29.0321 0640 Boot type: Safe boot with network
00:18:29.0321 0640 ============================================================
00:18:29.0758 0640 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x162DD1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
00:18:29.0758 0640 ============================================================
00:18:29.0758 0640 \Device\Harddisk0\DR0:
00:18:29.0758 0640 MBR partitions:
00:18:29.0758 0640 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
00:18:29.0758 0640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51D62800
00:18:29.0789 0640 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x51DC7800, BlocksNum 0x3A00800
00:18:29.0789 0640 ============================================================
00:18:29.0821 0640 C: <-> \Device\Harddisk0\DR0\Partition1
00:18:29.0883 0640 D: <-> \Device\Harddisk0\DR0\Partition2
00:18:29.0883 0640 ============================================================
00:18:29.0883 0640 Initialize success
00:18:29.0883 0640 ============================================================
00:18:49.0023 1536 Deinitialize success


00:19:02.0241 0932 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
00:19:02.0459 0932 ============================================================
00:19:02.0459 0932 Current date / time: 2012/06/30 00:19:02.0459
00:19:02.0459 0932 SystemInfo:
00:19:02.0459 0932
00:19:02.0459 0932 OS Version: 6.1.7601 ServicePack: 1.0
00:19:02.0459 0932 Product type: Workstation
00:19:02.0459 0932 ComputerName: ADMIN-PC
00:19:02.0459 0932 UserName: admin
00:19:02.0459 0932 Windows directory: C:\windows
00:19:02.0459 0932 System windows directory: C:\windows
00:19:02.0459 0932 Running under WOW64
00:19:02.0459 0932 Processor architecture: Intel x64
00:19:02.0459 0932 Number of processors: 4
00:19:02.0459 0932 Page size: 0x1000
00:19:02.0459 0932 Boot type: Safe boot with network
00:19:02.0459 0932 ============================================================
00:19:02.0854 0932 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x162DD1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
00:19:02.0870 0932 ============================================================
00:19:02.0870 0932 \Device\Harddisk0\DR0:
00:19:02.0870 0932 MBR partitions:
00:19:02.0870 0932 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
00:19:02.0870 0932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51D62800
00:19:02.0901 0932 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x51DC7800, BlocksNum 0x3A00800
00:19:02.0901 0932 ============================================================
00:19:02.0932 0932 C: <-> \Device\Harddisk0\DR0\Partition1
00:19:02.0994 0932 D: <-> \Device\Harddisk0\DR0\Partition2
00:19:02.0994 0932 ============================================================
00:19:02.0994 0932 Initialize success
00:19:02.0994 0932 ============================================================
00:19:09.0455 2004 ============================================================
00:19:09.0455 2004 Scan started
00:19:09.0455 2004 Mode: Manual; TDLFS;
00:19:09.0455 2004 ============================================================
00:19:25.0328 2004 osppsvc - ok
00:19:25.0469 2004 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
00:19:25.0469 2004 p2pimsvc - ok
00:19:25.0531 2004 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
00:19:25.0531 2004 p2psvc - ok
00:19:25.0594 2004 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
00:19:25.0594 2004 Parport - ok
00:19:25.0625 2004 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
00:19:25.0625 2004 partmgr - ok
00:19:25.0656 2004 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
00:19:25.0656 2004 PcaSvc - ok
00:19:25.0672 2004 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
00:19:25.0687 2004 pci - ok
00:19:25.0687 2004 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
00:19:25.0687 2004 pciide - ok
00:19:25.0703 2004 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
00:19:25.0718 2004 pcmcia - ok
00:19:25.0734 2004 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
00:19:25.0734 2004 pcw - ok
00:19:25.0793 2004 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
00:19:25.0801 2004 PEAUTH - ok
00:19:25.0879 2004 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
00:19:25.0894 2004 PerfHost - ok
00:19:26.0004 2004 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
00:19:26.0035 2004 pla - ok
00:19:26.0082 2004 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
00:19:26.0097 2004 PlugPlay - ok
00:19:26.0113 2004 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
00:19:26.0113 2004 PNRPAutoReg - ok
00:19:26.0144 2004 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
00:19:26.0160 2004 PNRPsvc - ok
00:19:26.0206 2004 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
00:19:26.0222 2004 PolicyAgent - ok
00:19:26.0253 2004 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
00:19:26.0269 2004 Power - ok
00:19:26.0339 2004 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
00:19:26.0339 2004 PptpMiniport - ok
00:19:26.0359 2004 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
00:19:26.0359 2004 Processor - ok
00:19:26.0656 2004 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
00:19:26.0671 2004 ProfSvc - ok
00:19:26.0687 2004 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
00:19:26.0687 2004 ProtectedStorage - ok
00:19:26.0734 2004 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
00:19:26.0734 2004 Psched - ok
00:19:26.0863 2004 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
00:19:26.0894 2004 ql2300 - ok
00:19:27.0035 2004 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
00:19:27.0035 2004 ql40xx - ok
00:19:27.0081 2004 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
00:19:27.0081 2004 QWAVE - ok
00:19:27.0113 2004 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
00:19:27.0113 2004 QWAVEdrv - ok
00:19:27.0113 2004 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
00:19:27.0128 2004 RasAcd - ok
00:19:27.0159 2004 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
00:19:27.0175 2004 RasAgileVpn - ok
00:19:27.0191 2004 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
00:19:27.0191 2004 RasAuto - ok
00:19:27.0222 2004 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
00:19:27.0222 2004 Rasl2tp - ok
00:19:27.0269 2004 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
00:19:27.0269 2004 RasMan - ok
00:19:27.0284 2004 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
00:19:27.0284 2004 RasPppoe - ok
00:19:27.0300 2004 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
00:19:27.0300 2004 RasSstp - ok
00:19:27.0347 2004 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
00:19:27.0347 2004 rdbss - ok
00:19:27.0378 2004 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
00:19:27.0378 2004 rdpbus - ok
00:19:27.0393 2004 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
00:19:27.0393 2004 RDPCDD - ok
00:19:27.0425 2004 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
00:19:27.0425 2004 RDPENCDD - ok
00:19:27.0425 2004 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
00:19:27.0425 2004 RDPREFMP - ok
00:19:27.0487 2004 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
00:19:27.0487 2004 RDPWD - ok
00:19:27.0534 2004 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
00:19:27.0534 2004 rdyboost - ok
00:19:27.0690 2004 RegSrvc (9276f4d4109fc349925d28e00e533146) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:19:27.0690 2004 RegSrvc - ok
00:19:27.0721 2004 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
00:19:27.0721 2004 RemoteAccess - ok
00:19:27.0768 2004 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
00:19:27.0768 2004 RemoteRegistry - ok
00:19:27.0856 2004 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
00:19:27.0858 2004 RFCOMM - ok
00:19:27.0896 2004 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
00:19:27.0896 2004 RpcEptMapper - ok
00:19:27.0921 2004 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
00:19:27.0921 2004 RpcLocator - ok
00:19:27.0963 2004 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
00:19:27.0966 2004 RpcSs - ok
00:19:28.0001 2004 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
00:19:28.0001 2004 rspndr - ok
00:19:28.0079 2004 RSUSBVSTOR (e54a5586a28d0630a79a68bbab84bfcf) C:\windows\system32\Drivers\RtsUVStor.sys
00:19:28.0079 2004 RSUSBVSTOR - ok
00:19:28.0141 2004 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\windows\system32\DRIVERS\Rt64win7.sys
00:19:28.0141 2004 RTL8167 - ok
00:19:28.0219 2004 RtLedService (a11ab0af5c7c2724d493f837c51f1575) C:\Program Files\Realtek\RtLED\RtLEDService.exe
00:19:28.0235 2004 RtLedService - ok
00:19:28.0266 2004 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
00:19:28.0266 2004 SamSs - ok
00:19:28.0531 2004 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
00:19:28.0609 2004 SBAMSvc - ok
00:19:28.0750 2004 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\windows\system32\DRIVERS\sbapifs.sys
00:19:28.0750 2004 sbapifs - ok
00:19:28.0848 2004 SbFw (19954328dda3d656f8a879b3a46ffed6) C:\windows\system32\drivers\SbFw.sys
00:19:28.0848 2004 SbFw - ok
00:19:28.0895 2004 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\windows\system32\DRIVERS\sbfwim.sys
00:19:28.0895 2004 SBFWIMCL - ok
00:19:28.0911 2004 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\windows\system32\DRIVERS\SBFWIM.sys
00:19:28.0911 2004 SBFWIMCLMP - ok
00:19:28.0926 2004 sbhips (b671eef468d13016b9286f5835a06ae1) C:\windows\system32\drivers\sbhips.sys
00:19:28.0926 2004 sbhips - ok
00:19:28.0973 2004 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
00:19:28.0973 2004 sbp2port - ok
00:19:28.0973 2004 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\windows\system32\drivers\SBREdrv.sys
00:19:28.0989 2004 SBRE - ok
00:19:29.0114 2004 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
00:19:29.0129 2004 SBSDWSCService - ok
00:19:29.0192 2004 sbwtis (eab54adcceca64b2f38cd859fb494895) C:\windows\system32\DRIVERS\sbwtis.sys
00:19:29.0192 2004 sbwtis - ok
00:19:29.0238 2004 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
00:19:29.0238 2004 SCardSvr - ok
00:19:29.0285 2004 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
00:19:29.0285 2004 scfilter - ok
00:19:29.0363 2004 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
00:19:29.0379 2004 Schedule - ok
00:19:29.0410 2004 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
00:19:29.0410 2004 SCPolicySvc - ok
00:19:29.0441 2004 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
00:19:29.0441 2004 SDRSVC - ok
00:19:29.0504 2004 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
00:19:29.0504 2004 secdrv - ok
00:19:29.0519 2004 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
00:19:29.0519 2004 seclogon - ok
00:19:29.0535 2004 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
00:19:29.0550 2004 SENS - ok
00:19:29.0582 2004 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
00:19:29.0582 2004 SensrSvc - ok
00:19:29.0597 2004 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
00:19:29.0597 2004 Serenum - ok
00:19:29.0644 2004 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
00:19:29.0644 2004 Serial - ok
00:19:29.0660 2004 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
00:19:29.0660 2004 sermouse - ok
00:19:29.0675 2004 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
00:19:29.0675 2004 SessionEnv - ok
00:19:29.0691 2004 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
00:19:29.0691 2004 sffdisk - ok
00:19:29.0706 2004 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
00:19:29.0706 2004 sffp_mmc - ok
00:19:29.0706 2004 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
00:19:29.0706 2004 sffp_sd - ok
00:19:29.0706 2004 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
00:19:29.0706 2004 sfloppy - ok
00:19:29.0753 2004 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
00:19:29.0769 2004 SharedAccess - ok
00:19:29.0805 2004 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
00:19:29.0805 2004 ShellHWDetection - ok
00:19:29.0852 2004 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
00:19:29.0852 2004 SiSRaid2 - ok
00:19:29.0867 2004 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
00:19:29.0867 2004 SiSRaid4 - ok
00:19:29.0961 2004 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
00:19:29.0961 2004 SkypeUpdate - ok
00:19:30.0008 2004 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
00:19:30.0008 2004 Smb - ok
00:19:30.0070 2004 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
00:19:30.0070 2004 SNMPTRAP - ok
00:19:30.0101 2004 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
00:19:30.0101 2004 spldr - ok
00:19:30.0148 2004 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
00:19:30.0164 2004 Spooler - ok
00:19:30.0351 2004 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
00:19:30.0413 2004 sppsvc - ok
00:19:30.0523 2004 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
00:19:30.0523 2004 sppuinotify - ok
00:19:30.0679 2004 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\windows\System32\Drivers\N360x64\0502010.003\SRTSP64.SYS
00:19:30.0679 2004 SRTSP - ok
00:19:30.0710 2004 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\windows\system32\drivers\N360x64\0502010.003\SRTSPX64.SYS
00:19:30.0710 2004 SRTSPX - ok
00:19:30.0772 2004 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
00:19:30.0788 2004 srv - ok
00:19:30.0824 2004 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
00:19:30.0824 2004 srv2 - ok
00:19:30.0840 2004 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
00:19:30.0855 2004 srvnet - ok
00:19:30.0902 2004 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
00:19:30.0902 2004 SSDPSRV - ok
00:19:30.0918 2004 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
00:19:30.0918 2004 SstpSvc - ok
00:19:30.0949 2004 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
00:19:30.0949 2004 stexstor - ok
00:19:31.0027 2004 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
00:19:31.0027 2004 stisvc - ok
00:19:31.0058 2004 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
00:19:31.0058 2004 swenum - ok
00:19:31.0105 2004 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
00:19:31.0105 2004 swprv - ok
00:19:31.0245 2004 SymDS (6160145c7a87fc7672e8e3b886888176) C:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS
00:19:31.0245 2004 SymDS - ok
00:19:31.0323 2004 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS
00:19:31.0323 2004 SymEFA - ok
00:19:31.0370 2004 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
00:19:31.0386 2004 SymEvent - ok
00:19:31.0432 2004 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS
00:19:31.0432 2004 SymIRON - ok
00:19:31.0479 2004 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS
00:19:31.0479 2004 SymNetS - ok
00:19:31.0620 2004 SynTP (08425cd92972c6430f350a9697f4a553) C:\windows\system32\DRIVERS\SynTP.sys
00:19:31.0635 2004 SynTP - ok
00:19:31.0843 2004 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
00:19:31.0890 2004 SysMain - ok
00:19:31.0952 2004 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
00:19:31.0952 2004 TabletInputService - ok
00:19:31.0999 2004 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
00:19:31.0999 2004 TapiSrv - ok
00:19:32.0015 2004 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
00:19:32.0015 2004 TBS - ok
00:19:32.0202 2004 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
00:19:32.0249 2004 Tcpip - ok
00:19:32.0467 2004 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
00:19:32.0483 2004 TCPIP6 - ok
00:19:32.0561 2004 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
00:19:32.0561 2004 tcpipreg - ok
00:19:32.0576 2004 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
00:19:32.0592 2004 TDPIPE - ok
00:19:32.0623 2004 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
00:19:32.0623 2004 TDTCP - ok
00:19:32.0654 2004 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
00:19:32.0654 2004 tdx - ok
00:19:32.0670 2004 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
00:19:32.0670 2004 TermDD - ok
00:19:32.0748 2004 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
00:19:32.0763 2004 TermService - ok
00:19:32.0779 2004 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
00:19:32.0779 2004 Themes - ok
00:19:32.0818 2004 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
00:19:32.0818 2004 THREADORDER - ok
00:19:32.0833 2004 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
00:19:32.0849 2004 TrkWks - ok
00:19:32.0896 2004 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
00:19:32.0911 2004 TrustedInstaller - ok
00:19:32.0927 2004 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
00:19:32.0927 2004 tssecsrv - ok
00:19:32.0974 2004 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
00:19:32.0974 2004 TsUsbFlt - ok
00:19:32.0989 2004 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
00:19:32.0989 2004 TsUsbGD - ok
00:19:33.0036 2004 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
00:19:33.0036 2004 tunnel - ok
00:19:33.0067 2004 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
00:19:33.0067 2004 uagp35 - ok
00:19:33.0083 2004 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
00:19:33.0098 2004 udfs - ok
00:19:33.0114 2004 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
00:19:33.0114 2004 UI0Detect - ok
00:19:33.0145 2004 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
00:19:33.0145 2004 uliagpkx - ok
00:19:33.0161 2004 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
00:19:33.0161 2004 umbus - ok
00:19:33.0176 2004 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
00:19:33.0176 2004 UmPass - ok
00:19:33.0410 2004 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:19:33.0457 2004 UNS - ok
00:19:33.0629 2004 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
00:19:33.0644 2004 upnphost - ok
00:19:33.0691 2004 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
00:19:33.0691 2004 usbccgp - ok
00:19:33.0738 2004 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
00:19:33.0738 2004 usbcir - ok
00:19:33.0769 2004 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
00:19:33.0769 2004 usbehci - ok
00:19:33.0821 2004 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
00:19:33.0824 2004 usbhub - ok
00:19:33.0839 2004 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
00:19:33.0839 2004 usbohci - ok
00:19:33.0855 2004 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
00:19:33.0855 2004 usbprint - ok
00:19:33.0886 2004 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
00:19:33.0886 2004 usbscan - ok
00:19:33.0917 2004 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
00:19:33.0917 2004 USBSTOR - ok
00:19:33.0933 2004 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
00:19:33.0933 2004 usbuhci - ok
00:19:33.0980 2004 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
00:19:33.0980 2004 usbvideo - ok
00:19:34.0011 2004 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
00:19:34.0011 2004 UxSms - ok
00:19:34.0026 2004 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
00:19:34.0026 2004 VaultSvc - ok
00:19:34.0058 2004 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
00:19:34.0058 2004 vdrvroot - ok
00:19:34.0104 2004 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
00:19:34.0120 2004 vds - ok
00:19:34.0136 2004 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
00:19:34.0136 2004 vga - ok
00:19:34.0151 2004 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
00:19:34.0151 2004 VgaSave - ok
00:19:34.0182 2004 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
00:19:34.0198 2004 vhdmp - ok
00:19:34.0214 2004 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
00:19:34.0214 2004 viaide - ok
00:19:34.0229 2004 vm2uvcflt (5cb80afa98111fc6ed6e8702a0d7ac5b) C:\windows\system32\Drivers\vm2uvcflt.sys
00:19:34.0229 2004 vm2uvcflt - ok
00:19:34.0292 2004 vm332avs (d8bd0784aadce2aaee8f8e2c57a0bc7c) C:\windows\system32\Drivers\vm332avs.sys
00:19:34.0292 2004 vm332avs - ok
00:19:34.0323 2004 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
00:19:34.0323 2004 volmgr - ok
00:19:34.0354 2004 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
00:19:34.0354 2004 volmgrx - ok
00:19:34.0401 2004 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
00:19:34.0401 2004 volsnap - ok
00:19:34.0432 2004 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
00:19:34.0432 2004 vsmraid - ok
00:19:34.0557 2004 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
00:19:34.0572 2004 VSS - ok
00:19:34.0713 2004 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
00:19:34.0713 2004 vwifibus - ok
00:19:34.0744 2004 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
00:19:34.0744 2004 vwififlt - ok
00:19:34.0760 2004 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
00:19:34.0760 2004 vwifimp - ok
00:19:34.0806 2004 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
00:19:34.0806 2004 W32Time - ok
00:19:34.0827 2004 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
00:19:34.0827 2004 WacomPen - ok
00:19:34.0861 2004 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
00:19:34.0861 2004 WANARP - ok
00:19:34.0861 2004 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
00:19:34.0861 2004 Wanarpv6 - ok
00:19:34.0970 2004 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
00:19:35.0001 2004 WatAdminSvc - ok
00:19:35.0110 2004 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
00:19:35.0126 2004 wbengine - ok
00:19:35.0251 2004 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
00:19:35.0266 2004 WbioSrvc - ok
00:19:35.0297 2004 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
00:19:35.0313 2004 wcncsvc - ok
00:19:35.0329 2004 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
00:19:35.0329 2004 WcsPlugInService - ok
00:19:35.0375 2004 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
00:19:35.0375 2004 Wd - ok
00:19:35.0422 2004 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
00:19:35.0438 2004 Wdf01000 - ok
00:19:35.0453 2004 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
00:19:35.0469 2004 WdiServiceHost - ok
00:19:35.0469 2004 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
00:19:35.0469 2004 WdiSystemHost - ok
00:19:35.0500 2004 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\windows\system32\DRIVERS\WDKMD.sys
00:19:35.0500 2004 wdkmd - ok
00:19:35.0531 2004 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
00:19:35.0547 2004 WebClient - ok
00:19:35.0578 2004 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
00:19:35.0578 2004 Wecsvc - ok
00:19:35.0609 2004 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
00:19:35.0609 2004 wercplsupport - ok
00:19:35.0625 2004 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
00:19:35.0641 2004 WerSvc - ok
00:19:35.0687 2004 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
00:19:35.0687 2004 WfpLwf - ok
00:19:35.0703 2004 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
00:19:35.0703 2004 WIMMount - ok
00:19:35.0750 2004 WinDefend - ok
00:19:35.0750 2004 WinHttpAutoProxySvc - ok
00:19:35.0833 2004 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
00:19:35.0833 2004 Winmgmt - ok
00:19:35.0989 2004 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
00:19:36.0020 2004 WinRM - ok
00:19:36.0192 2004 WinUSB (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUSB.sys
00:19:36.0192 2004 WinUSB - ok
00:19:36.0270 2004 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
00:19:36.0270 2004 Wlansvc - ok
00:19:36.0348 2004 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:19:36.0348 2004 wlcrasvc - ok
00:19:36.0519 2004 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:19:36.0582 2004 wlidsvc - ok
00:19:36.0722 2004 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
00:19:36.0722 2004 WmiAcpi - ok
00:19:36.0816 2004 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
00:19:36.0816 2004 wmiApSrv - ok
00:19:36.0852 2004 WMPNetworkSvc - ok
00:19:36.0945 2004 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe
00:19:36.0961 2004 WMZuneComm - ok
00:19:36.0977 2004 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
00:19:36.0992 2004 WPCSvc - ok
00:19:37.0023 2004 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
00:19:37.0023 2004 WPDBusEnum - ok
00:19:37.0055 2004 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
00:19:37.0055 2004 ws2ifsl - ok
00:19:37.0086 2004 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
00:19:37.0086 2004 wscsvc - ok
00:19:37.0086 2004 WSearch - ok
00:19:37.0148 2004 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
00:19:37.0148 2004 wsvd - ok
00:19:37.0320 2004 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
00:19:37.0382 2004 wuauserv - ok
00:19:37.0523 2004 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
00:19:37.0523 2004 WudfPf - ok
00:19:37.0569 2004 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
00:19:37.0569 2004 WUDFRd - ok
00:19:37.0601 2004 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
00:19:37.0601 2004 wudfsvc - ok
00:19:37.0647 2004 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
00:19:37.0647 2004 WwanSvc - ok
00:19:38.0111 2004 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) C:\Program Files\Zune\ZuneNss.exe
00:19:38.0267 2004 ZuneNetworkSvc - ok
00:19:38.0345 2004 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
00:19:38.0361 2004 ZuneWlanCfgSvc - ok
00:19:38.0408 2004 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
00:19:38.0782 2004 \Device\Harddisk0\DR0 - ok
00:19:38.0782 2004 Boot (0x1200) (954dc8e7fc7cd9247664beb35ab08ced) \Device\Harddisk0\DR0\Partition0
00:19:38.0782 2004 \Device\Harddisk0\DR0\Partition0 - ok
00:19:38.0782 2004 Boot (0x1200) (933bc3efa96e64b51651c974dfa2aba7) \Device\Harddisk0\DR0\Partition1
00:19:38.0782 2004 \Device\Harddisk0\DR0\Partition1 - ok
00:19:38.0798 2004 Boot (0x1200) (ed27fdf1771d1e26f875921c164b0a14) \Device\Harddisk0\DR0\Partition2
00:19:38.0798 2004 \Device\Harddisk0\DR0\Partition2 - ok
00:19:38.0798 2004 ============================================================
00:19:38.0798 2004 Scan finished
00:19:38.0798 2004 ============================================================
00:19:38.0813 1284 Detected object count: 0
00:19:38.0813 1284 Actual detected object count: 0
00:20:14.0416 1308 ============================================================
00:20:14.0416 1308 Scan started
00:20:14.0416 1308 Mode: Manual; TDLFS;
00:20:14.0416 1308 ============================================================
00:20:15.0872 1308 atapi - ok
00:20:15.0934 1308 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
00:20:15.0934 1308 AudioEndpointBuilder - ok
00:20:15.0934 1308 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
00:20:15.0950 1308 AudioSrv - ok
00:20:16.0298 1308 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
00:20:16.0329 1308 AVGIDSAgent - ok
00:20:16.0439 1308 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\windows\system32\DRIVERS\avgidsdrivera.sys
00:20:16.0439 1308 AVGIDSDriver - ok
00:20:16.0470 1308 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\windows\system32\DRIVERS\avgidsfiltera.sys
00:20:16.0470 1308 AVGIDSFilter - ok
00:20:16.0485 1308 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\windows\system32\DRIVERS\avgidsha.sys
00:20:16.0485 1308 AVGIDSHA - ok
00:20:16.0517 1308 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\windows\system32\DRIVERS\avgldx64.sys
00:20:16.0517 1308 Avgldx64 - ok
00:20:16.0548 1308 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\windows\system32\DRIVERS\avgmfx64.sys
00:20:16.0548 1308 Avgmfx64 - ok
00:20:16.0563 1308 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\windows\system32\DRIVERS\avgrkx64.sys
00:20:16.0563 1308 Avgrkx64 - ok
00:20:16.0610 1308 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\windows\system32\DRIVERS\avgtdia.sys
00:20:16.0610 1308 Avgtdia - ok
00:20:16.0719 1308 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
00:20:16.0719 1308 avgwd - ok
00:20:16.0751 1308 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
00:20:16.0751 1308 AxInstSV - ok
00:20:16.0813 1308 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
00:20:16.0813 1308 b06bdrv - ok
00:20:16.0844 1308 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
00:20:16.0860 1308 b57nd60a - ok
00:20:16.0875 1308 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
00:20:16.0875 1308 BDESVC - ok
00:20:16.0891 1308 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
00:20:16.0891 1308 Beep - ok
00:20:16.0953 1308 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
00:20:16.0953 1308 BFE - ok
00:20:17.0161 1308 BHDrvx64 (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120619.001\BHDrvx64.sys
00:20:17.0161 1308 BHDrvx64 - ok
00:20:17.0364 1308 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
00:20:17.0364 1308 BITS - ok
00:20:17.0458 1308 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
00:20:17.0458 1308 blbdrive - ok
00:20:17.0504 1308 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
00:20:17.0504 1308 bowser - ok
00:20:17.0520 1308 BPntDrv (aaa4f992f879977a000fe8b8c730cd2c) C:\windows\system32\drivers\BPntDrv.sys
00:20:17.0520 1308 BPntDrv - ok
00:20:17.0551 1308 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
00:20:17.0551 1308 BrFiltLo - ok
00:20:17.0551 1308 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
00:20:17.0551 1308 BrFiltUp - ok
00:20:17.0582 1308 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
00:20:17.0598 1308 Browser - ok
00:20:17.0629 1308 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
00:20:17.0629 1308 Brserid - ok
00:20:17.0645 1308 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
00:20:17.0645 1308 BrSerWdm - ok
00:20:17.0660 1308 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
00:20:17.0660 1308 BrUsbMdm - ok
00:20:17.0676 1308 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
00:20:17.0676 1308 BrUsbSer - ok
00:20:17.0692 1308 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
00:20:17.0692 1308 BthEnum - ok
00:20:17.0707 1308 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
00:20:17.0707 1308 BTHMODEM - ok
00:20:17.0738 1308 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
00:20:17.0738 1308 BthPan - ok
00:20:17.0801 1308 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
00:20:17.0801 1308 BTHPORT - ok
00:20:17.0832 1308 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
00:20:17.0832 1308 bthserv - ok
00:20:17.0848 1308 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
00:20:17.0848 1308 BTHUSB - ok
00:20:17.0879 1308 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
00:20:17.0879 1308 cdfs - ok
00:20:17.0910 1308 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
00:20:17.0910 1308 cdrom - ok
00:20:17.0926 1308 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
00:20:17.0926 1308 CertPropSvc - ok
00:20:17.0957 1308 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
00:20:17.0957 1308 circlass - ok
00:20:18.0000 1308 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
00:20:18.0002 1308 CLFS - ok
00:20:18.0085 1308 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:20:18.0085 1308 clr_optimization_v2.0.50727_32 - ok
00:20:18.0117 1308 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:20:18.0117 1308 clr_optimization_v2.0.50727_64 - ok
00:20:18.0210 1308 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:20:18.0210 1308 clr_optimization_v4.0.30319_32 - ok
00:20:18.0257 1308 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:20:18.0257 1308 clr_optimization_v4.0.30319_64 - ok
00:20:18.0288 1308 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\windows\system32\DRIVERS\clwvd.sys
00:20:18.0288 1308 clwvd - ok
00:20:18.0304 1308 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
00:20:18.0304 1308 CmBatt - ok
00:20:18.0335 1308 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
00:20:18.0335 1308 cmdide - ok
00:20:18.0397 1308 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
00:20:18.0397 1308 CNG - ok
00:20:18.0413 1308 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
00:20:18.0413 1308 Compbatt - ok
00:20:18.0444 1308 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys
00:20:18.0444 1308 CompositeBus - ok
00:20:18.0444 1308 COMSysApp - ok
00:20:18.0460 1308 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
00:20:18.0460 1308 crcdisk - ok
00:20:18.0507 1308 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
00:20:18.0507 1308 CryptSvc - ok
00:20:18.0585 1308 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
00:20:18.0585 1308 DcomLaunch - ok
00:20:18.0631 1308 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
00:20:18.0631 1308 defragsvc - ok
00:20:18.0647 1308 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
00:20:18.0647 1308 DfsC - ok
00:20:18.0694 1308 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
00:20:18.0694 1308 Dhcp - ok
00:20:18.0709 1308 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
00:20:18.0709 1308 discache - ok
00:20:18.0725 1308 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
00:20:18.0725 1308 Disk - ok
00:20:18.0772 1308 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
00:20:18.0772 1308 Dnscache - ok
00:20:18.0803 1308 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
00:20:18.0803 1308 dot3svc - ok
00:20:18.0834 1308 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
00:20:18.0834 1308 DPS - ok
00:20:18.0850 1308 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
00:20:18.0850 1308 drmkaud - ok
00:20:18.0928 1308 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
00:20:18.0943 1308 DXGKrnl - ok
00:20:18.0959 1308 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
00:20:18.0959 1308 EapHost - ok
00:20:19.0151 1308 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
00:20:19.0182 1308 ebdrv - ok
00:20:19.0307 1308 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
00:20:19.0307 1308 eeCtrl - ok
00:20:19.0385 1308 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
00:20:19.0385 1308 EFS - ok
00:20:19.0479 1308 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
00:20:19.0479 1308 ehRecvr - ok
00:20:19.0510 1308 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
00:20:19.0510 1308 ehSched - ok
00:20:19.0588 1308 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
00:20:19.0588 1308 elxstor - ok
00:20:19.0682 1308 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
00:20:19.0682 1308 EraserUtilRebootDrv - ok
00:20:19.0697 1308 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
00:20:19.0697 1308 ErrDev - ok
00:20:19.0760 1308 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
00:20:19.0760 1308 EventSystem - ok
00:20:19.0947 1308 EvtEng (f8f610093e1d7fdfa477fc34d15d5c60) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:20:19.0947 1308 EvtEng - ok
00:20:20.0092 1308 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
00:20:20.0092 1308 exfat - ok
00:20:20.0123 1308 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
00:20:20.0123 1308 fastfat - ok
00:20:20.0201 1308 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
00:20:20.0201 1308 Fax - ok
00:20:20.0233 1308 fbfmon (3191aca33088ee2481044fc0db736442) C:\windows\system32\drivers\fbfmon.sys
00:20:20.0233 1308 fbfmon - ok
00:20:20.0248 1308 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
00:20:20.0248 1308 fdc - ok
00:20:20.0264 1308 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
00:20:20.0264 1308 fdPHost - ok
00:20:20.0279 1308 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
00:20:20.0279 1308 FDResPub - ok
00:20:20.0311 1308 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
00:20:20.0311 1308 FileInfo - ok
00:20:20.0326 1308 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
00:20:20.0326 1308 Filetrace - ok
00:20:20.0342 1308 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
00:20:20.0357 1308 flpydisk - ok
00:20:20.0389 1308 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
00:20:20.0389 1308 FltMgr - ok
00:20:20.0482 1308 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
00:20:20.0498 1308 FontCache - ok
00:20:20.0591 1308 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:20:20.0591 1308 FontCache3.0.0.0 - ok
00:20:20.0623 1308 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
00:20:20.0623 1308 FsDepends - ok
00:20:20.0654 1308 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
00:20:20.0654 1308 Fs_Rec - ok
00:20:20.0685 1308 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
00:20:20.0685 1308 fvevol - ok
00:20:20.0716 1308 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
00:20:20.0716 1308 gagp30kx - ok
00:20:20.0732 1308 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
00:20:20.0732 1308 GEARAspiWDM - ok
00:20:20.0810 1308 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
00:20:20.0810 1308 gpsvc - ok
00:20:20.0825 1308 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
00:20:20.0825 1308 hcw85cir - ok
00:20:20.0857 1308 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
00:20:20.0857 1308 HdAudAddService - ok
00:20:20.0903 1308 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys
00:20:20.0903 1308 HDAudBus - ok
00:20:20.0919 1308 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
00:20:20.0919 1308 HidBatt - ok
00:20:20.0935 1308 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
00:20:20.0935 1308 HidBth - ok
00:20:20.0950 1308 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
00:20:20.0950 1308 HidIr - ok
00:20:20.0966 1308 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
00:20:20.0966 1308 hidserv - ok
00:20:20.0986 1308 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
00:20:20.0986 1308 HidUsb - ok
00:20:21.0002 1308 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
00:20:21.0002 1308 hkmsvc - ok
00:20:21.0049 1308 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
00:20:21.0049 1308 HomeGroupListener - ok
00:20:21.0080 1308 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
00:20:21.0080 1308 HomeGroupProvider - ok
00:20:21.0111 1308 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
00:20:21.0111 1308 HpSAMD - ok
00:20:21.0158 1308 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
00:20:21.0174 1308 HTTP - ok
00:20:21.0174 1308 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
00:20:21.0174 1308 hwpolicy - ok
00:20:21.0189 1308 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
00:20:21.0189 1308 i8042prt - ok
00:20:21.0236 1308 iaStor (53cc5bf8b5a219119953c7abb19a7705) C:\windows\system32\DRIVERS\iaStor.sys
00:20:21.0252 1308 iaStor - ok
00:20:21.0314 1308 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
00:20:21.0314 1308 iaStorV - ok
00:20:21.0454 1308 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:20:21.0454 1308 idsvc - ok
00:20:21.0642 1308 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120628.001\IDSvia64.sys
00:20:21.0642 1308 IDSVia64 - ok
00:20:22.0333 1308 igfx (795c99dc4f574c97c03d0bb39cf099ee) C:\windows\system32\DRIVERS\igdkmd64.sys
00:20:22.0411 1308 igfx - ok
00:20:22.0520 1308 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
00:20:22.0520 1308 iirsp - ok
00:20:22.0598 1308 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
00:20:22.0598 1308 IKEEXT - ok
00:20:22.0785 1308 IntcAzAudAddService (a9853214cc97796579d75b1f59c51dcd) C:\windows\system32\drivers\RTKVHD64.sys
00:20:22.0801 1308 IntcAzAudAddService - ok
00:20:22.0957 1308 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
00:20:22.0957 1308 IntcDAud - ok
00:20:22.0993 1308 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
00:20:22.0993 1308 intelide - ok
00:20:23.0009 1308 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
00:20:23.0009 1308 intelppm - ok
00:20:23.0056 1308 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
00:20:23.0056 1308 IPBusEnum - ok
00:20:23.0071 1308 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
00:20:23.0071 1308 IpFilterDriver - ok
00:20:23.0134 1308 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
00:20:23.0134 1308 iphlpsvc - ok
00:20:23.0134 1308 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
00:20:23.0134 1308 IPMIDRV - ok
00:20:23.0149 1308 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
00:20:23.0149 1308 IPNAT - ok
00:20:23.0165 1308 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
00:20:23.0165 1308 IRENUM - ok
00:20:23.0165 1308 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
00:20:23.0180 1308 isapnp - ok
00:20:23.0212 1308 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
00:20:23.0212 1308 iScsiPrt - ok
00:20:23.0227 1308 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
00:20:23.0227 1308 kbdclass - ok
00:20:23.0258 1308 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
00:20:23.0258 1308 kbdhid - ok
00:20:23.0274 1308 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
00:20:23.0274 1308 KeyIso - ok
00:20:23.0290 1308 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
00:20:23.0290 1308 KSecDD - ok
00:20:23.0336 1308 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
00:20:23.0336 1308 KSecPkg - ok
00:20:23.0352 1308 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
00:20:23.0352 1308 ksthunk - ok
00:20:23.0414 1308 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
00:20:23.0414 1308 KtmRm - ok
00:20:23.0461 1308 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
00:20:23.0461 1308 LanmanServer - ok
00:20:23.0477 1308 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
00:20:23.0492 1308 LanmanWorkstation - ok
00:20:23.0524 1308 LHDmgr (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys
00:20:23.0524 1308 LHDmgr - ok
00:20:23.0539 1308 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
00:20:23.0539 1308 lltdio - ok
00:20:23.0602 1308 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
00:20:23.0602 1308 lltdsvc - ok
00:20:23.0617 1308 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
00:20:23.0617 1308 lmhosts - ok
00:20:23.0726 1308 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:20:23.0726 1308 LMS - ok
00:20:23.0758 1308 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
00:20:23.0758 1308 LSI_FC - ok
00:20:23.0804 1308 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
00:20:23.0804 1308 LSI_SAS - ok
00:20:23.0836 1308 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
00:20:23.0836 1308 LSI_SAS2 - ok
00:20:23.0867 1308 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
00:20:23.0867 1308 LSI_SCSI - ok
00:20:23.0882 1308 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
00:20:23.0882 1308 luafv - ok
00:20:23.0929 1308 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
00:20:23.0929 1308 Mcx2Svc - ok
00:20:23.0945 1308 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
00:20:23.0945 1308 megasas - ok
00:20:23.0976 1308 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
00:20:23.0976 1308 MegaSR - ok
00:20:24.0012 1308 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
00:20:24.0012 1308 MEIx64 - ok
00:20:24.0075 1308 Microsoft SharePoint Workspace Audit Service - ok
00:20:24.0090 1308 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
00:20:24.0090 1308 MMCSS - ok
00:20:24.0106 1308 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
00:20:24.0106 1308 Modem - ok
00:20:24.0121 1308 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
00:20:24.0121 1308 monitor - ok
00:20:24.0137 1308 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
00:20:24.0137 1308 mouclass - ok
00:20:24.0153 1308 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
00:20:24.0153 1308 mouhid - ok
00:20:24.0168 1308 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
00:20:24.0168 1308 mountmgr - ok
00:20:24.0215 1308 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:20:24.0215 1308 MozillaMaintenance - ok
00:20:24.0246 1308 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
00:20:24.0246 1308 mpio - ok
00:20:24.0277 1308 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
00:20:24.0277 1308 mpsdrv - ok
00:20:24.0340 1308 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
00:20:24.0340 1308 MpsSvc - ok
00:20:24.0371 1308 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
00:20:24.0371 1308 MRxDAV - ok
00:20:24.0418 1308 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
00:20:24.0418 1308 mrxsmb - ok
00:20:24.0449 1308 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
00:20:24.0449 1308 mrxsmb10 - ok
00:20:24.0465 1308 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
00:20:24.0480 1308 mrxsmb20 - ok
00:20:24.0496 1308 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
00:20:24.0496 1308 msahci - ok
00:20:24.0527 1308 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
00:20:24.0527 1308 msdsm - ok
00:20:24.0543 1308 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
00:20:24.0543 1308 MSDTC - ok
00:20:24.0574 1308 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
00:20:24.0574 1308 Msfs - ok
00:20:24.0589 1308 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
00:20:24.0589 1308 mshidkmdf - ok
00:20:24.0605 1308 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
00:20:24.0605 1308 msisadrv - ok
00:20:24.0652 1308 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
00:20:24.0652 1308 MSiSCSI - ok
00:20:24.0652 1308 msiserver - ok
00:20:24.0667 1308 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
00:20:24.0667 1308 MSKSSRV - ok
00:20:24.0683 1308 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
00:20:24.0683 1308 MSPCLOCK - ok
00:20:24.0699 1308 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
00:20:24.0699 1308 MSPQM - ok
00:20:24.0745 1308 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
00:20:24.0745 1308 MsRPC - ok
00:20:24.0777 1308 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
00:20:24.0777 1308 mssmbios - ok
00:20:24.0777 1308 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
00:20:24.0777 1308 MSTEE - ok
00:20:24.0808 1308 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
00:20:24.0808 1308 MTConfig - ok
00:20:24.0823 1308 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
00:20:24.0823 1308 Mup - ok
00:20:24.0933 1308 MyWiFiDHCPDNS (f6ea50dbc391f04ca49427010657ccb3) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:20:24.0933 1308 MyWiFiDHCPDNS - ok
00:20:25.0049 1308 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
00:20:25.0049 1308 N360 - ok
00:20:25.0096 1308 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
00:20:25.0096 1308 napagent - ok
00:20:25.0158 1308 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
00:20:25.0158 1308 NativeWifiP - ok
00:20:25.0268 1308 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120628.024\ENG64.SYS
00:20:25.0283 1308 NAVENG - ok
00:20:25.0424 1308 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120628.024\EX64.SYS
00:20:25.0424 1308 NAVEX15 - ok
00:20:25.0611 1308 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\windows\system32\drivers\ndis.sys
00:20:25.0626 1308 NDIS - ok
00:20:25.0658 1308 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
00:20:25.0658 1308 NdisCap - ok
00:20:25.0673 1308 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
00:20:25.0673 1308 NdisTapi - ok
00:20:25.0689 1308 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
00:20:25.0689 1308 Ndisuio - ok
00:20:25.0720 1308 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
00:20:25.0720 1308 NdisWan - ok
00:20:25.0736 1308 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
00:20:25.0736 1308 NDProxy - ok
00:20:25.0751 1308 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
00:20:25.0751 1308 NetBIOS - ok
00:20:25.0767 1308 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
00:20:25.0782 1308 NetBT - ok
00:20:25.0798 1308 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
00:20:25.0798 1308 Netlogon - ok
00:20:25.0860 1308 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
00:20:25.0860 1308 Netman - ok
00:20:25.0907 1308 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
00:20:25.0907 1308 netprofm - ok
00:20:25.0970 1308 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:20:25.0970 1308 NetTcpPortSharing - ok
00:20:26.0396 1308 NETwNs64 (30933bb56fb611d0252bad488adfb533) C:\windows\system32\DRIVERS\NETwNs64.sys
00:20:26.0458 1308 NETwNs64 - ok
00:20:26.0583 1308 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
00:20:26.0583 1308 nfrd960 - ok
00:20:26.0630 1308 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
00:20:26.0630 1308 NlaSvc - ok
00:20:26.0661 1308 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
00:20:26.0661 1308 Npfs - ok
00:20:26.0677 1308 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
00:20:26.0677 1308 nsi - ok
00:20:26.0692 1308 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
00:20:26.0692 1308 nsiproxy - ok
00:20:39.0214 1308 ============================================================
00:20:39.0214 1308 Scan finished
00:20:39.0214 1308 ============================================================
00:20:39.0214 1956 Detected object count: 0
00:20:39.0214 1956 Actual detected object count: 0
00:22:48.0366 1764 Deinitialize success

#5 CatByte


Posted 30 June 2012 - 08:43 AM

Hi

Please run the following:

Refer to the ComboFix User's Guide

  • Download ComboFix from one of these locations:

    Link 1
    Link 2

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#6 apply26


Posted 30 June 2012 - 11:28 AM

Hi,

I think ComboFix has stalled. It's been stuck at Completed Stage_4 for about a half an hour. What should I do?

#7 CatByte


Posted 30 June 2012 - 11:56 AM

Give it longer to complete.

If nothing has happened in an hour, then close out the window, boot into Safe Mode and try it again.

To Enter Safe Mode
  • Go to Start > Shut off your Computer > Restart
  • As the computer starts to boot up, tap the F8 key repeatedly; this will bring up a menu.
  • Use the Up and Down Arrow keys to scroll up to Safe Mode
  • Then press the Enter key on your keyboard
  • Go into your usual account

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#8 apply26


Posted 30 June 2012 - 12:06 PM

Never mind. I left it alone and it produced this:

ComboFix 12-06-28.03 - admin 06/30/2012 11:42:38.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4010.2360 [GMT -4:00]
Running from: c:\users\admin\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\admin\Documents\~WRL0001.tmp
c:\users\admin\Documents\~WRL0002.tmp
c:\users\admin\Documents\~WRL0003.tmp
c:\users\admin\Documents\~WRL0005.tmp
c:\windows\s.bat
.
.
((((((((((((((((((((((((( Files Created from 2012-05-28 to 2012-06-30 )))))))))))))))))))))))))))))))
.
.
2012-06-30 16:54 . 2012-06-30 16:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-25 03:29 . 2012-06-25 03:29 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-06-25 02:41 . 2012-06-25 02:41 -------- d-----w- c:\users\admin\AppData\Local\Opera
2012-06-25 02:41 . 2012-06-25 02:41 -------- d-----w- c:\program files (x86)\Opera
2012-06-25 02:26 . 2012-06-25 02:26 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-24 16:04 . 2012-06-24 16:04 -------- d-----w- c:\users\admin\AppData\Local\ElevatedDiagnostics
2012-06-23 13:47 . 2012-06-24 15:29 -------- d-----w- c:\users\admin\AppData\Local\NPE
2012-06-23 13:41 . 2012-06-23 13:41 -------- d-----w- c:\users\admin\AppData\Roaming\Malwarebytes
2012-06-23 13:41 . 2012-06-23 13:41 -------- d-----w- c:\programdata\Malwarebytes
2012-06-23 13:41 . 2012-06-23 13:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-23 13:41 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-21 00:34 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 00:34 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 00:34 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 00:34 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 00:34 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 00:34 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 00:34 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 00:33 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 00:33 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 03:50 . 2012-06-23 13:28 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-17 03:50 . 2012-06-23 13:28 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-17 00:07 . 2012-06-17 00:07 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-06-16 17:38 . 2011-12-19 16:44 60536 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-06-16 17:38 . 2011-12-19 16:44 256632 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-06-16 17:38 . 2011-09-29 16:16 119416 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-06-16 17:38 . 2011-12-19 17:21 45936 ----a-w- c:\windows\system32\sbbd.exe
2012-06-16 17:38 . 2011-10-26 18:23 57976 ----a-w- c:\windows\system32\drivers\sbredrv.sys
2012-06-16 17:38 . 2012-06-16 17:45 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-06-16 17:38 . 2012-06-16 17:38 -------- d-----w- c:\programdata\Lavasoft
2012-06-16 17:37 . 2012-06-16 17:37 -------- d-----w- c:\users\admin\AppData\Local\adawarebp
2012-06-16 17:36 . 2012-06-16 17:43 -------- d-----w- c:\users\admin\AppData\Roaming\Ad-Aware Antivirus
2012-06-15 12:34 . 2012-06-15 12:34 -------- d-----w- c:\users\admin\AppData\Local\Macromedia
2012-06-13 22:13 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 22:13 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 22:13 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 22:13 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 22:13 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 22:13 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 22:13 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 22:13 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 22:13 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 22:13 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-13 22:13 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-13 22:12 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 22:12 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 22:12 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 22:12 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-13 22:12 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-13 22:12 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-05 02:16 . 2012-06-05 02:16 -------- d-----w- c:\users\admin\AppData\Roaming\eTeks
2012-06-04 23:40 . 2012-06-04 23:40 -------- d-----w- c:\program files (x86)\Common Files\xing shared
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-04 23:40 . 2011-05-24 11:46 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-06-04 23:40 . 2011-05-24 11:46 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-04-19 08:50 . 2012-04-19 08:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2010-12-05 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2010-12-05 224352]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-06-04 296056]
.
c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\program files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe [2010-12-17 1927528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-04-30 5106744]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-09-29 119416]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-12-19 60536]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-05 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2011-05-24 57952]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2011-05-24 39008]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS [2011-03-15 912504]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-06-19 1161376]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2011-05-24 13408]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120628.001\IDSvia64.sys [2012-06-14 509088]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-12-19 256632]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [2010-11-16 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS [2011-04-21 386168]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-05-03 1226096]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe [2011-04-17 130008]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2010-12-22 46080]
S2 RtLedService;RtLedService Installer;c:\program files\Realtek\RtLED\RtLEDService.exe [2010-09-30 311296]
S2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2011-05-24 29792]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-12-05 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-31 138912]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-11-09 8500736]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-11-30 307304]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928]
S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-09-29 119416]
S3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys [2011-12-19 84600]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys [2010-09-21 15056]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys [2011-02-14 234960]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-17 13:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-14 11697768]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-11-02 1933584]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-05-24 114688]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2011-05-24 789920]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-05-24 9769888]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-05-24 5908928]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\bnvz3nz1.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-30 13:02:01
ComboFix-quarantined-files.txt 2012-06-30 17:01
.
Pre-Run: 580,856,479,744 bytes free
Post-Run: 580,506,017,792 bytes free
.
- - End Of File - - 8464BE882263A0F36312713CFEA49315

#9 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:08 AM

Posted 30 June 2012 - 12:10 PM

Hi

Please do the following:

  • Please open your MalwareBytes AntiMalware Program
  • Click the Update Tab and search for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE, name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#10 apply26

apply26
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 July 2012 - 05:26 PM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.30.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
admin :: ADMIN-PC [administrator]

7/1/2012 3:16:00 PM
mbam-log-2012-07-01 (15-16-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209706
Time elapsed: 5 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

The ESET scan came up with 0 infections found.

#11 CatByte


Posted 01 July 2012 - 05:38 PM

Hi,

Please do the following:

Your Java is out of date, so go to Start > Control Panel > Programs and Features, scroll down to the Java installation and remove it. Now download the latest Java version 7 update 5 and install it: http://java.com/en/download/index.jsp


NEXT

Please advise how the computer is running now and if there are any outstanding issues.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#12 apply26


Posted 01 July 2012 - 07:51 PM

Java updated. And the computer seems to be running fine right now.

#13 CatByte


Posted 01 July 2012 - 08:16 PM

Hi

Just some housekeeping to do now,

Please do the following:


You can delete the DDS, TDSSKiller and aswMBR logs and programs from your desktop.


NEXT


Follow these steps to uninstall Combofix

  • Make sure your security programs are totally disabled.
  • Click START then RUN
  • Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.



If there are any logs/tools remaining on your desktop > right click and delete them.


NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article:
    Strong passwords: How to create and use them
    Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

  • Keep Windows updated by regularly checking their website at:
    http://windowsupdate.microsoft.com/
    This will ensure your computer always has the latest available security updates installed.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

  • Download TFC to your desktop
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish its job
    • Once it's finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean
    It's normal after running TFC cleaner that the PC will be slower to boot the first time.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for both Firefox and IE

  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at this well written article:
    PC Safety and Security--What Do I Need?.


Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it. Thank you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015
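
The Internet Explorer zone settings recommended in post #13 can be checked without opening Inetcpl.cpl; the following read-only audit is an added example, not part of the original post or any tool named in the thread. It assumes the standard IE URL-action registry value names (1001, 1004, 1201) and data codes (0 = Enable, 1 = Prompt, 3 = Disable), which the thread does not state; the function names are hypothetical.

```powershell
# Added example (not from the thread): read-only audit of the Internet zone
# ActiveX settings that post #13 asks the user to set through Inetcpl.cpl.
# Assumption: the standard IE URL-action value names and data codes used below.

$ZoneKey       = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'          # 3 = Internet zone
$PolicyZoneKey = 'Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Keys to inspect. A policy key, when present, overrides what the dialog shows.
$Locations = @(
    @{ Source = 'User setting';   Path = "HKCU:\$ZoneKey" },
    @{ Source = 'User policy';    Path = "HKCU:\$PolicyZoneKey" },
    @{ Source = 'Machine policy'; Path = "HKLM:\$PolicyZoneKey" }
)

# Settings named in the post and the level it recommends for each.
$Wanted = @(
    @{ Id = '1001'; Setting = 'Download signed ActiveX controls';                          Want = 1 },
    @{ Id = '1004'; Setting = 'Download unsigned ActiveX controls';                        Want = 1 },
    @{ Id = '1201'; Setting = 'Initialize and script ActiveX controls not marked as safe'; Want = 3 }
)

$Labels = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Hypothetical helper: turn a registry DWORD into the label shown in the dialog.
function Get-ActionLabel {
    param($Value)
    if ($null -eq $Value) { return 'not set' }
    $key = [int]$Value
    if ($Labels.ContainsKey($key)) { return $Labels[$key] }
    return "other ($Value)"
}

# Hypothetical function: emit one row per setting per key that defines it.
function Test-ActiveXZoneSetting {
    foreach ($loc in $Locations) {
        if (-not (Test-Path -Path $loc.Path)) { continue }
        $props = Get-ItemProperty -Path $loc.Path
        foreach ($w in $Wanted) {
            $prop = $props.PSObject.Properties[$w.Id]
            if ($prop) { $value = $prop.Value } else { $value = $null }

            # A value missing from a policy key is not a finding; the user key
            # is always reported so an unset value is visible.
            if ($null -eq $value -and $loc.Source -ne 'User setting') { continue }

            New-Object PSObject -Property @{
                Source      = $loc.Source
                Id          = $w.Id
                Setting     = $w.Setting
                Current     = Get-ActionLabel $value
                Recommended = Get-ActionLabel $w.Want
                Matches     = ($value -eq $w.Want)
            } | Select-Object Source, Id, Setting, Current, Recommended, Matches
        }
    }
}

Test-ActiveXZoneSetting | Format-Table -AutoSize
```

A row with Source "User policy" or "Machine policy" means the value is enforced centrally, so changing it in the Internet Options dialog will not stick.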


#14 apply26


Posted 01 July 2012 - 09:57 PM

Everything uninstalled without a hitch. Thanks for the help and the advice.

#15 CatByte


Posted 01 July 2012 - 10:09 PM

you are welcome

stay safe :hello:

~CB

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015




