
An infeection or Winsdowss issue?


  • This topic is locked
19 replies to this topic

#1 kkoz83


Posted 05 July 2012 - 03:33 PM

Hello everyone, how are you?

I have a problem - my Windows 7 desktop PC freezes at the attached picture when trying to enter Safe Mode.
I ran Malwarebytes & Norton with nothing found. I also ran a utility from the manufacturer for my hard drive (no issues) & the Windows error check (no issues).

Any ideas?



#2 kkoz83


Posted 06 July 2012 - 10:41 AM

Oops :huh: , I forgot the picture.....My pic is too big, but it's identical to the very first one here ---->
www.techsupportforum.com/forums/f217/windows-7-x64-freeze-at-log-in-even-in-safe-mode-553521.html

Edited by kkoz83, 06 July 2012 - 10:43 AM.


#3 kkoz83


Posted 09 July 2012 - 05:53 PM

Sorry about the topic misspelling - it should be: An infection or Windows issue?

#4 HelpBot


Posted 10 July 2012 - 03:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/459466 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 kkoz83


Posted 10 July 2012 - 03:51 PM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Kamil at 16:48:38 on 2012-07-10
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8191.5077 [GMT -4:00]
.
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k AcfXAudioService
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\CISVC.EXE
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Management\Engine\3.0.0.133\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\system32\fxssvc.exe
C:\Windows\system32\svchost.exe -k bthaudiosvc
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Management\Engine\3.0.0.133\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\MWSnap\MWSnap.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Kamil\AppData\Local\Temp\Rar$EX00.415\Core Temp.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Users\Kamil\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Kamil\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Digsby\lib\digsby-app.exe
C:\Program Files (x86)\stickies\stickies.exe
C:\USERS\KAMIL\APPDATA\LOCAL\TEMP\RAR$EX00.961\PROCEXP.EXE
C:\Users\Kamil\AppData\Local\Akamai\netsession_win.exe
C:\USERS\KAMIL\APPDATA\LOCAL\TEMP\RAR$EX00.961\PROCEXP64.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Digsby\lib\aspell\bin\aspell.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Windows\System32\osk.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Kamil\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
uStart Page = hxxp://hotmail.com/
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [MWSnap] "C:\Program Files (x86)\MWSnap\MWSnap.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Core Temp] "C:\Users\Kamil\AppData\Local\Temp\Rar$EX00.415\Core Temp.exe"
uRun: [Google Update] "C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [Facebook Update] "C:\Users\Kamil\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Akamai NetSession Interface] "C:\Users\Kamil\AppData\Local\Akamai\netsession_win.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Kamil\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Digsby.lnk - C:\Program Files (x86)\Digsby\digsby.exe
StartupFolder: C:\Users\Kamil\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Stickies.lnk - C:\Program Files (x86)\stickies\stickies.exe
StartupFolder: C:\Users\Kamil\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TASKMA~1.LNK - C:\Windows\System32\taskmgr.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: eBay Search - C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
LSP: %SystemRoot%\system32\vsocklib.dll
DPF: {49232000-16E4-426C-A231-62846947304B} - hxxps://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
TCP: DhcpNameServer = 216.144.187.101 204.186.80.251 216.144.187.199
TCP: Interfaces\{9B120B72-BBA2-4FEB-8637-F49407685638} : DhcpNameServer = 216.144.187.101 204.186.80.251 216.144.187.199
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
IFEO: taskmgr.exe - "C:\USERS\KAMIL\APPDATA\LOCAL\TEMP\RAR$EX00.961\PROCEXP.EXE"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun-x64: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
mRun-x64: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
IFEO-X64: taskmgr.exe - "C:\USERS\KAMIL\APPDATA\LOCAL\TEMP\RAR$EX00.961\PROCEXP.EXE"
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\tfrnyu72.default\
FF - prefs.js: browser.startup.homepage - ptd.net|ebay.com|logmein.com|mail.google.com|msn.com|yahoo.com|hxxps://www.google.com|paidviewpoint.com|http://wode.listenernetwork.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&q=
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Users\Kamil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Kamil\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Kamil\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll
FF - plugin: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\tfrnyu72.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll
FF - plugin: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\tfrnyu72.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Users\Kamil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Kamil\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\system32\Drivers\BtHidBus.sys --> C:\Windows\system32\Drivers\BtHidBus.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [?]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);C:\Windows\system32\DRIVERS\tdrpm258.sys --> C:\Windows\system32\DRIVERS\tdrpm258.sys [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-6-18 1161376]
R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\Windows\system32\drivers\MCLIENTx64\0300000.085\ccSetx64.sys --> C:\Windows\system32\drivers\MCLIENTx64\0300000.085\ccSetx64.sys [?]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120707.001\IDSviA64.sys [2012-7-10 509088]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AcfXAudioService;AcfXAudioService;C:\Windows\system32\svchost.exe -k AcfXAudioService [2009-7-13 20992]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-3-25 2480048]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-9-24 296808]
R2 HFGService;Handsfree Headset Service;C:\Windows\system32\svchost.exe -k bthaudiosvc [2009-7-13 20992]
R2 HPBtnSrv;HP Easy Backup Button Service;C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-11-20 192512]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-6-9 13336]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.0.0.133\ccSvcHst.exe [2012-7-10 143928]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-7 2214504]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-8-22 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-20 378472]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-7-2 2673064]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]
R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-7-7 138912]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HDD & SSD access service;HDD & SSD access service;"C:\Program Files (x86)\Common Files\BinarySense\disksvc.exe" --> C:\Program Files (x86)\Common Files\BinarySense\disksvc.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 acfva;acfva;C:\Windows\system32\DRIVERS\ACFVA64.sys --> C:\Windows\system32\DRIVERS\ACFVA64.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-29 250056]
S3 BthAudioHF;BthAudioHF Service;C:\Windows\system32\DRIVERS\BthAudioHF.sys --> C:\Windows\system32\DRIVERS\BthAudioHF.sys [?]
S3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\system32\DRIVERS\BthAvrcp.sys --> C:\Windows\system32\DRIVERS\BthAvrcp.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;C:\Windows\system32\Drivers\btnetBus.sys --> C:\Windows\system32\Drivers\btnetBus.sys [?]
S3 cpuz135;cpuz135;C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-3-7 23816]
S3 dgcfltr;DGC Filter Driver;C:\Windows\system32\DRIVERS\ACFDCP64.sys --> C:\Windows\system32\DRIVERS\ACFDCP64.sys [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\system32\Drivers\IvtBtBus.sys --> C:\Windows\system32\Drivers\IvtBtBus.sys [?]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-24 113120]
S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys --> C:\Windows\system32\DRIVERS\teamviewervpn.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-10 20:46:23 607260 ------r- C:\Users\Kamil\dds.scr
2012-07-10 18:37:26 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-07-10 14:10:51 168608 ----a-r- C:\Windows\System32\drivers\MCLIENTx64\0300000.085\ccSetx64.sys
2012-07-10 14:10:46 -------- d-----w- C:\Windows\System32\drivers\MCLIENTx64\0300000.085
2012-07-10 14:10:46 -------- d-----w- C:\Windows\System32\drivers\MCLIENTx64
2012-07-10 14:10:46 -------- d-----w- C:\Program Files (x86)\Norton Management
2012-07-06 19:03:12 -------- d-----w- C:\Users\Kamil\temp
2012-07-02 23:29:28 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-01 21:25:17 -------- d-----w- C:\Program Files (x86)\Seagate
2012-06-22 13:03:58 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 13:03:41 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 13:03:27 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 13:03:27 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-12 23:14:22 1460224 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-12 23:14:22 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-12 23:14:21 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-12 23:14:21 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-12 23:14:21 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-12 23:14:21 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-12 23:13:57 5505392 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-12 23:13:56 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-12 23:13:56 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-12 23:13:42 3213824 ----a-w- C:\Windows\System32\msi.dll
2012-06-12 23:13:41 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-12 23:13:38 208896 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-12 23:13:36 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-12 23:13:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-12 23:13:27 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-12 23:13:27 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
.
==================== Find3M ====================
.
2012-06-22 23:18:41 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-22 23:18:41 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-27 15:36:14 560184 ----a-w- C:\Windows\System32\drivers\sptd.sys
2012-05-04 23:29:22 772504 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-05-04 23:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-04 17:19:18 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-01 01:05:22 63088 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2012-05-01 01:05:18 942192 ----a-w- C:\Windows\System32\vnetlib64.dll
2012-05-01 01:04:58 354416 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2012-05-01 01:04:44 433264 ----a-w- C:\Windows\SysWow64\vmnat.exe
2012-05-01 01:04:06 32880 ----a-w- C:\Windows\System32\drivers\VMkbd.sys
2012-05-01 01:03:26 30320 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2012-04-30 22:26:28 252016 ----a-w- C:\Windows\SysWow64\vmnc.dll
2012-04-30 21:22:42 62064 ----a-w- C:\Windows\System32\vmnetbridge.dll
2012-04-30 21:22:42 48752 ----a-w- C:\Windows\System32\vnetinst.dll
2012-04-30 21:22:42 45680 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys
2012-04-30 21:22:42 24176 ----a-w- C:\Windows\System32\drivers\vmnet.sys
2012-04-30 21:22:42 20080 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys
2012-04-19 00:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 16:49:15.42 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/3/2010 16:57:11
System Uptime: 7/10/2012 14:45:17 (2 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Intel® Core™2 Quad CPU Q8200 @ 2.33GHz | CPU 1 | 2333/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 685 GiB total, 551.539 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.818 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP248: 6/29/2012 09:23:14 - Scheduled Checkpoint
RP249: 7/1/2012 17:24:46 - Installed SeaTools for Windows
RP250: 7/2/2012 10:25:54 - Windows Update
RP251: 7/2/2012 19:27:40 - Installed Java™ 7 Update 5
RP252: 7/2/2012 19:28:36 - Removed JavaFX 2.1.0
RP253: 7/2/2012 19:29:06 - Installed JavaFX 2.1.1
RP254: 7/10/2012 13:38:12 - Scheduled Checkpoint
RP255: 7/10/2012 14:31:24 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acronis True Image Home
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon Cloud Drive
AoA Audio Extractor
Apple Application Support
Apple Software Update
Audacity 2.0
Auslogics Disk Defrag
AutoUpdate
Belarc Advisor 8.1
CameraHelperMsi
Chinese Traditional Fonts Support For Adobe Reader 9
CyberLink DVD Suite Deluxe
CyberPower PowerPanel Personal Edition 1.3
DAEMON Tools Lite
Device Doctor 1.0.0.1
DHTML Editing Component
Digsby
DivX Codec
DivX Plus Web Player
DivX Version Checker
Dragon NaturallySpeaking 11
DVDFab 8.1.6.3 (11/02/2012) Qt
Enhanced Multimedia Keyboard Solution
erLT
Facebook Video Calling 1.2.0.159
FlipPDF to WORD (freeware)
Foxit PDF Editor
Freeraser
Geeks3D.com FurMark 1.9.1
Google Talk Plugin
HD Tune 2.55
Hewlett-Packard ACLM.NET v1.1.0.0
HiJackThis
HP Active Support Library
HP Advisor
HP Customer Experience Enhancements
HP Easy Backup
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP Picasso Media Center Add-In
HP Print Diagnostic Utility
HP Product Detection
HP Recovery Manager RSS
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
Intel® Rapid Storage Technology
Java Auto Updater
Java™ 7 Update 5
JavaFX 2.1.1
LabelPrint
LAME v3.98.2 for Audacity
LightScribe System Software
LightScribe Template Labeler
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MozBackup 1.4.10
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
MWSnap 3
neroxml
Norton Internet Security
Norton Management
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OCCT Perestroika 3.1.0
Octoshape add-in for Adobe Flash Player
oDesk Team
OpenAL
Pando Media Booster
PC Wizard 2012.2.0
PictureMover
Power2Go
PowerDirector
Python 2.5.2
QuickTime
Rapture3D 2.3.22 Game
Realtek High Definition Audio Driver
Rosetta Stone Version 3
SeaTools for Windows
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
SilentEye
Skype™ 5.10
SopCast 3.2.9
sp41099
sp43111
sp44626
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Stickies 6.7a
StreamTorrent 1.0
swMSM
Symantec Technical Support Web Controls
System Requirements Lab
TeamViewer 7
tools-windows
Total Commander (Remove or Repair)
TrueCrypt
Turbo Lister 2
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053
Veetle TV 0.9.17
Vista Codec Package
VMware Player
Winamp
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Player Firefox Plugin
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
7/7/2012 16:06:35, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
7/7/2012 16:06:33, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on cannot be read.
7/10/2012 14:46:24, Error: Service Control Manager [7000] - The HDD & SSD access service service failed to start due to the following error: The system cannot find the file specified.
7/10/2012 14:36:40, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/10/2012 14:36:40, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

#6 kkoz83

kkoz83
  • Topic Starter

  • Members
  • 421 posts

Posted 10 July 2012 - 03:55 PM

I'm not including a GMER log because I use Windows 7 Home 64-bit & I only have the HP's original upgrade CD (from Vista to 7).

#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 13 July 2012 - 09:03 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Let's start with these scans.

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#8 kkoz83

kkoz83
  • Topic Starter

  • Members
  • 421 posts

Posted 13 July 2012 - 10:13 AM

11:09:46.0598 3396 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
11:09:48.0199 3396 ============================================================
11:09:48.0199 3396 Current date / time: 2012/07/13 11:09:48.0199
11:09:48.0199 3396 SystemInfo:
11:09:48.0199 3396
11:09:48.0199 3396 OS Version: 6.1.7600 ServicePack: 0.0
11:09:48.0199 3396 Product type: Workstation
11:09:48.0199 3396 ComputerName: KAMIL-PC
11:09:48.0199 3396 UserName: Kamil
11:09:48.0199 3396 Windows directory: C:\Windows
11:09:48.0199 3396 System windows directory: C:\Windows
11:09:48.0199 3396 Running under WOW64
11:09:48.0199 3396 Processor architecture: Intel x64
11:09:48.0199 3396 Number of processors: 4
11:09:48.0199 3396 Page size: 0x1000
11:09:48.0199 3396 Boot type: Normal boot
11:09:48.0199 3396 ============================================================
11:09:49.0253 3396 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:09:49.0275 3396 ============================================================
11:09:49.0275 3396 \Device\Harddisk0\DR0:
11:09:49.0275 3396 MBR partitions:
11:09:49.0275 3396 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x55AA8739
11:09:49.0275 3396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x55AA8778, BlocksNum 0x1A9CB89
11:09:49.0275 3396 ============================================================
11:09:49.0296 3396 C: <-> \Device\Harddisk0\DR0\Partition0
11:09:49.0355 3396 D: <-> \Device\Harddisk0\DR0\Partition1
11:09:49.0355 3396 ============================================================
11:09:49.0355 3396 Initialize success
11:09:49.0355 3396 ============================================================
11:09:59.0337 5948 ============================================================
11:09:59.0337 5948 Scan started
11:09:59.0337 5948 Mode: Manual;
11:09:59.0337 5948 ============================================================
11:10:00.0399 5948 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
11:10:00.0400 5948 1394ohci - ok
11:10:00.0445 5948 acfva (ee3dbb9504f9b99eb44a3785aabd1d5c) C:\Windows\system32\DRIVERS\ACFVA64.sys
11:10:00.0453 5948 acfva - ok
11:10:00.0562 5948 AcfXAudioService (d67c517b4eec71b975cc913ba2625c54) C:\Windows\SysWOW64\ACFXAU64.dll
11:10:00.0586 5948 AcfXAudioService - ok
11:10:00.0617 5948 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
11:10:00.0619 5948 ACPI - ok
11:10:00.0635 5948 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
11:10:00.0637 5948 AcpiPmi - ok
11:10:00.0793 5948 AcrSch2Svc (00bfc7a51046cbd77e2a71f237ed2838) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
11:10:00.0798 5948 AcrSch2Svc - ok
11:10:00.0912 5948 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:10:00.0913 5948 AdobeARMservice - ok
11:10:01.0079 5948 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:10:01.0081 5948 AdobeFlashPlayerUpdateSvc - ok
11:10:01.0223 5948 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:10:01.0230 5948 adp94xx - ok
11:10:01.0257 5948 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:10:01.0261 5948 adpahci - ok
11:10:01.0280 5948 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:10:01.0287 5948 adpu320 - ok
11:10:01.0329 5948 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:10:01.0330 5948 AeLookupSvc - ok
11:10:01.0394 5948 afcdp (3f5fdc12ffa4794fc3a178a26d48e7cf) C:\Windows\system32\DRIVERS\afcdp.sys
11:10:01.0405 5948 afcdp - ok
11:10:01.0593 5948 afcdpsrv (b8c03e224e49e0f9726cddef872237eb) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
11:10:01.0608 5948 afcdpsrv - ok
11:10:01.0755 5948 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
11:10:01.0778 5948 AFD - ok
11:10:01.0824 5948 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
11:10:01.0826 5948 agp440 - ok
11:10:02.0024 5948 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
11:10:02.0024 5948 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
11:10:02.0033 5948 Akamai ( HiddenFile.Multi.Generic ) - warning
11:10:02.0033 5948 Akamai - detected HiddenFile.Multi.Generic (1)
11:10:02.0092 5948 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:10:02.0094 5948 ALG - ok
11:10:02.0138 5948 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
11:10:02.0139 5948 aliide - ok
11:10:02.0283 5948 ALSysIO - ok
11:10:02.0290 5948 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
11:10:02.0291 5948 amdide - ok
11:10:02.0312 5948 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:10:02.0314 5948 AmdK8 - ok
11:10:02.0331 5948 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:10:02.0332 5948 AmdPPM - ok
11:10:02.0363 5948 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
11:10:02.0372 5948 amdsata - ok
11:10:02.0399 5948 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:10:02.0417 5948 amdsbs - ok
11:10:02.0436 5948 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
11:10:02.0444 5948 amdxata - ok
11:10:02.0485 5948 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
11:10:02.0486 5948 AppID - ok
11:10:02.0540 5948 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:10:02.0545 5948 AppIDSvc - ok
11:10:02.0561 5948 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
11:10:02.0563 5948 Appinfo - ok
11:10:02.0574 5948 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:10:02.0576 5948 arc - ok
11:10:02.0594 5948 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:10:02.0596 5948 arcsas - ok
11:10:02.0734 5948 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:10:02.0736 5948 aspnet_state - ok
11:10:02.0758 5948 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:10:02.0759 5948 AsyncMac - ok
11:10:02.0778 5948 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
11:10:02.0780 5948 atapi - ok
11:10:02.0850 5948 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
11:10:02.0880 5948 athr - ok
11:10:03.0018 5948 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:10:03.0033 5948 AudioEndpointBuilder - ok
11:10:03.0040 5948 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:10:03.0044 5948 AudioSrv - ok
11:10:03.0089 5948 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
11:10:03.0102 5948 AxInstSV - ok
11:10:03.0182 5948 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:10:03.0198 5948 b06bdrv - ok
11:10:03.0233 5948 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:10:03.0237 5948 b57nd60a - ok
11:10:03.0260 5948 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:10:03.0263 5948 BDESVC - ok
11:10:03.0275 5948 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:10:03.0275 5948 Beep - ok
11:10:03.0327 5948 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
11:10:03.0345 5948 BFE - ok
11:10:03.0546 5948 BHDrvx64 (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120711.002\BHDrvx64.sys
11:10:03.0553 5948 BHDrvx64 - ok
11:10:03.0696 5948 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
11:10:03.0715 5948 BITS - ok
11:10:03.0845 5948 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:10:03.0847 5948 blbdrive - ok
11:10:03.0875 5948 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
11:10:03.0876 5948 bowser - ok
11:10:03.0890 5948 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:10:03.0891 5948 BrFiltLo - ok
11:10:03.0908 5948 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:10:03.0909 5948 BrFiltUp - ok
11:10:03.0967 5948 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
11:10:03.0968 5948 Browser - ok
11:10:03.0988 5948 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:10:03.0992 5948 Brserid - ok
11:10:04.0010 5948 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:10:04.0011 5948 BrSerWdm - ok
11:10:04.0027 5948 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:10:04.0028 5948 BrUsbMdm - ok
11:10:04.0041 5948 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:10:04.0042 5948 BrUsbSer - ok
11:10:04.0069 5948 Btcsrusb - ok
11:10:04.0107 5948 BthAudioHF (07dcb3c254d584e3949fe2c0ee3963f2) C:\Windows\system32\DRIVERS\BthAudioHF.sys
11:10:04.0108 5948 BthAudioHF - ok
11:10:04.0127 5948 BthAvrcp (832b121e4532919cc49f2438f1dcaa21) C:\Windows\system32\DRIVERS\BthAvrcp.sys
11:10:04.0128 5948 BthAvrcp - ok
11:10:04.0170 5948 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
11:10:04.0171 5948 BthEnum - ok
11:10:04.0190 5948 BtHidBus (992d8c032884dc4c837c40bf52cb5c89) C:\Windows\system32\Drivers\BtHidBus.sys
11:10:04.0191 5948 BtHidBus - ok
11:10:04.0209 5948 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:10:04.0210 5948 BTHMODEM - ok
11:10:04.0230 5948 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
11:10:04.0231 5948 BthPan - ok
11:10:04.0269 5948 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
11:10:04.0286 5948 BTHPORT - ok
11:10:04.0343 5948 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:10:04.0344 5948 bthserv - ok
11:10:04.0371 5948 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
11:10:04.0372 5948 BTHUSB - ok
11:10:04.0390 5948 btnetBUs (40aaab64465e42c72b6411aaeb3eef0f) C:\Windows\system32\Drivers\btnetBus.sys
11:10:04.0391 5948 btnetBUs - ok
11:10:04.0489 5948 ccSet_MCLIENT (e41f70406c34f1cb667b4b27d81ad162) C:\Windows\system32\drivers\MCLIENTx64\0300000.085\ccSetx64.sys
11:10:04.0490 5948 ccSet_MCLIENT - ok
11:10:04.0627 5948 ccSet_NIS (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys
11:10:04.0629 5948 ccSet_NIS - ok
11:10:17.0288 5948 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:10:17.0289 5948 SiSRaid4 - ok
11:10:17.0416 5948 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:10:17.0417 5948 SkypeUpdate - ok
11:10:17.0446 5948 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:10:17.0448 5948 Smb - ok
11:10:17.0507 5948 snapman (27ba49f89468fddae6c2b311c53bce3a) C:\Windows\system32\DRIVERS\snapman.sys
11:10:17.0511 5948 snapman - ok
11:10:17.0527 5948 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:10:17.0530 5948 SNMPTRAP - ok
11:10:17.0546 5948 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:10:17.0547 5948 spldr - ok
11:10:17.0586 5948 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
11:10:17.0591 5948 Spooler - ok
11:10:17.0713 5948 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
11:10:17.0733 5948 sppsvc - ok
11:10:17.0838 5948 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:10:17.0842 5948 sppuinotify - ok
11:10:17.0897 5948 sptd (a15860e920b02c9a7ce8f3a6c2ff1e3a) C:\Windows\System32\Drivers\sptd.sys
11:10:17.0914 5948 sptd - ok
11:10:17.0987 5948 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS
11:10:17.0992 5948 SRTSP - ok
11:10:18.0010 5948 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS
11:10:18.0011 5948 SRTSPX - ok
11:10:18.0049 5948 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
11:10:18.0064 5948 srv - ok
11:10:18.0085 5948 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
11:10:18.0100 5948 srv2 - ok
11:10:18.0131 5948 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
11:10:18.0133 5948 srvnet - ok
11:10:18.0203 5948 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:10:18.0205 5948 SSDPSRV - ok
11:10:18.0218 5948 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:10:18.0222 5948 SstpSvc - ok
11:10:18.0330 5948 Stereo Service (6086b60f2e36d06a063cb07ed0524332) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:10:18.0333 5948 Stereo Service - ok
11:10:18.0372 5948 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:10:18.0372 5948 stexstor - ok
11:10:18.0542 5948 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
11:10:18.0566 5948 stisvc - ok
11:10:18.0600 5948 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:10:18.0601 5948 swenum - ok
11:10:18.0636 5948 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:10:18.0653 5948 swprv - ok
11:10:18.0772 5948 Symantec RemoteAssist (267c914667c94e5f47d342311c1c577f) C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe
11:10:18.0775 5948 Symantec RemoteAssist - ok
11:10:18.0842 5948 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS
11:10:18.0856 5948 SymDS - ok
11:10:18.0922 5948 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS
11:10:18.0950 5948 SymEFA - ok
11:10:18.0978 5948 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:10:18.0979 5948 SymEvent - ok
11:10:18.0998 5948 SymIM (b681d1b0f9596684225dcc9b94c6bacf) C:\Windows\system32\DRIVERS\SymIMv.sys
11:10:18.0999 5948 SymIM - ok
11:10:19.0027 5948 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS
11:10:19.0029 5948 SymIRON - ok
11:10:19.0053 5948 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS
11:10:19.0056 5948 SymNetS - ok
11:10:19.0143 5948 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
11:10:19.0177 5948 SysMain - ok
11:10:19.0277 5948 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
11:10:19.0282 5948 TabletInputService - ok
11:10:19.0305 5948 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
11:10:19.0317 5948 TapiSrv - ok
11:10:19.0334 5948 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:10:19.0336 5948 TBS - ok
11:10:19.0439 5948 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
11:10:19.0450 5948 Tcpip - ok
11:10:19.0580 5948 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
11:10:19.0591 5948 TCPIP6 - ok
11:10:19.0695 5948 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
11:10:19.0696 5948 tcpipreg - ok
11:10:19.0715 5948 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:10:19.0716 5948 TDPIPE - ok
11:10:19.0809 5948 tdrpman258 (bf7ac81df6fbe09438d9dc7188178ea9) C:\Windows\system32\DRIVERS\tdrpm258.sys
11:10:19.0847 5948 tdrpman258 - ok
11:10:19.0933 5948 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
11:10:19.0934 5948 TDTCP - ok
11:10:19.0958 5948 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
11:10:19.0960 5948 tdx - ok
11:10:20.0148 5948 TeamViewer7 (4a84526076717f87f3e1ad24ab28fb5a) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
11:10:20.0164 5948 TeamViewer7 - ok
11:10:20.0248 5948 teamviewervpn (f5520dbb47c60ee83024b38720abda24) C:\Windows\system32\DRIVERS\teamviewervpn.sys
11:10:20.0249 5948 teamviewervpn - ok
11:10:20.0260 5948 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
11:10:20.0262 5948 TermDD - ok
11:10:20.0306 5948 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
11:10:20.0323 5948 TermService - ok
11:10:20.0334 5948 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:10:20.0336 5948 Themes - ok
11:10:20.0388 5948 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:10:20.0389 5948 THREADORDER - ok
11:10:20.0455 5948 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:10:20.0458 5948 TrkWks - ok
11:10:20.0554 5948 truecrypt (ea43de1743c1ba0d2d17b8db90c91d88) C:\Windows\system32\drivers\truecrypt.sys
11:10:20.0564 5948 truecrypt - ok
11:10:20.0636 5948 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
11:10:20.0638 5948 TrustedInstaller - ok
11:10:20.0657 5948 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:10:20.0659 5948 tssecsrv - ok
11:10:20.0687 5948 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
11:10:20.0688 5948 tunnel - ok
11:10:20.0701 5948 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:10:20.0702 5948 uagp35 - ok
11:10:20.0725 5948 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
11:10:20.0742 5948 udfs - ok
11:10:20.0780 5948 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:10:20.0784 5948 UI0Detect - ok
11:10:20.0798 5948 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
11:10:20.0799 5948 uliagpkx - ok
11:10:20.0816 5948 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
11:10:20.0817 5948 umbus - ok
11:10:20.0832 5948 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:10:20.0832 5948 UmPass - ok
11:10:20.0946 5948 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
11:10:20.0949 5948 UMVPFSrv - ok
11:10:20.0970 5948 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:10:20.0975 5948 upnphost - ok
11:10:21.0016 5948 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
11:10:21.0017 5948 usbaudio - ok
11:10:21.0037 5948 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
11:10:21.0039 5948 usbccgp - ok
11:10:21.0065 5948 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
11:10:21.0066 5948 usbcir - ok
11:10:21.0093 5948 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
11:10:21.0094 5948 usbehci - ok
11:10:21.0127 5948 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
11:10:21.0137 5948 usbhub - ok
11:10:21.0165 5948 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
11:10:21.0166 5948 usbohci - ok
11:10:21.0196 5948 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:10:21.0196 5948 usbprint - ok
11:10:21.0228 5948 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:10:21.0229 5948 usbscan - ok
11:10:21.0263 5948 usbser (0f0c72a657c622286013788b886968ad) C:\Windows\system32\DRIVERS\usbser.sys
11:10:21.0264 5948 usbser - ok
11:10:21.0284 5948 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:10:21.0285 5948 USBSTOR - ok
11:10:21.0298 5948 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:10:21.0299 5948 usbuhci - ok
11:10:21.0335 5948 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:10:21.0337 5948 UxSms - ok
11:10:21.0358 5948 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:10:21.0359 5948 VaultSvc - ok
11:10:21.0375 5948 VComm - ok
11:10:21.0415 5948 VcommMgr - ok
11:10:21.0444 5948 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
11:10:21.0445 5948 vdrvroot - ok
11:10:21.0480 5948 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
11:10:21.0497 5948 vds - ok
11:10:21.0518 5948 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:10:21.0519 5948 vga - ok
11:10:21.0534 5948 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:10:21.0535 5948 VgaSave - ok
11:10:21.0558 5948 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
11:10:21.0561 5948 vhdmp - ok
11:10:21.0579 5948 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
11:10:21.0579 5948 viaide - ok
11:10:21.0677 5948 VMAuthdService (94cf2d157c8fd9089afa5da78aa64c65) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
11:10:21.0678 5948 VMAuthdService - ok
11:10:21.0707 5948 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys
11:10:21.0708 5948 vmci - ok
11:10:21.0731 5948 vmkbd (0b13268268b3d2c99ba5021593d0f767) C:\Windows\system32\drivers\VMkbd.sys
11:10:21.0732 5948 vmkbd - ok
11:10:21.0754 5948 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:10:21.0754 5948 VMnetAdapter - ok
11:10:21.0791 5948 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:10:21.0792 5948 VMnetBridge - ok
11:10:21.0798 5948 VMnetDHCP - ok
11:10:21.0816 5948 VMnetuserif (518d188f04bc4c6ba0581775b9a5ea90) C:\Windows\system32\drivers\vmnetuserif.sys
11:10:21.0816 5948 VMnetuserif - ok
11:10:21.0880 5948 VMUSBArbService (18903ca7936912c337c9d28858880cf2) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
11:10:21.0886 5948 VMUSBArbService - ok
11:10:21.0900 5948 VMware NAT Service - ok
11:10:21.0926 5948 vmx86 (baf28a75b00b79dc92702af7acffd3e5) C:\Windows\system32\drivers\vmx86.sys
11:10:21.0927 5948 vmx86 - ok
11:10:21.0957 5948 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
11:10:21.0958 5948 volmgr - ok
11:10:21.0985 5948 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
11:10:21.0994 5948 volmgrx - ok
11:10:22.0020 5948 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
11:10:22.0022 5948 volsnap - ok
11:10:22.0036 5948 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:10:22.0039 5948 vsmraid - ok
11:10:22.0122 5948 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
11:10:22.0156 5948 VSS - ok
11:10:22.0271 5948 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:10:22.0272 5948 vwifibus - ok
11:10:22.0300 5948 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:10:22.0301 5948 vwififlt - ok
11:10:22.0328 5948 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:10:22.0329 5948 vwifimp - ok
11:10:22.0357 5948 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:10:22.0361 5948 W32Time - ok
11:10:22.0381 5948 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:10:22.0382 5948 WacomPen - ok
11:10:22.0435 5948 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:10:22.0436 5948 WANARP - ok
11:10:22.0457 5948 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:10:22.0458 5948 Wanarpv6 - ok
11:10:22.0534 5948 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:10:22.0562 5948 WatAdminSvc - ok
11:10:22.0622 5948 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
11:10:22.0657 5948 wbengine - ok
11:10:22.0771 5948 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:10:22.0777 5948 WbioSrvc - ok
11:10:22.0813 5948 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
11:10:22.0829 5948 wcncsvc - ok
11:10:22.0869 5948 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:10:22.0873 5948 WcsPlugInService - ok
11:10:22.0913 5948 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:10:22.0913 5948 Wd - ok
11:10:22.0942 5948 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:10:22.0956 5948 Wdf01000 - ok
11:10:22.0972 5948 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:10:22.0974 5948 WdiServiceHost - ok
11:10:22.0978 5948 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:10:22.0980 5948 WdiSystemHost - ok
11:10:23.0008 5948 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
11:10:23.0020 5948 WebClient - ok
11:10:23.0044 5948 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:10:23.0062 5948 Wecsvc - ok
11:10:23.0080 5948 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:10:23.0082 5948 wercplsupport - ok
11:10:23.0096 5948 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:10:23.0098 5948 WerSvc - ok
11:10:23.0120 5948 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:10:23.0121 5948 WfpLwf - ok
11:10:23.0130 5948 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:10:23.0133 5948 WIMMount - ok
11:10:23.0193 5948 WinDefend - ok
11:10:23.0202 5948 WinHttpAutoProxySvc - ok
11:10:23.0289 5948 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:10:23.0291 5948 Winmgmt - ok
11:10:23.0400 5948 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
11:10:23.0439 5948 WinRM - ok
11:10:23.0549 5948 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
11:10:23.0550 5948 WinUsb - ok
11:10:23.0623 5948 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:10:23.0644 5948 Wlansvc - ok
11:10:23.0657 5948 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:10:23.0657 5948 WmiAcpi - ok
11:10:23.0714 5948 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:10:23.0715 5948 wmiApSrv - ok
11:10:23.0736 5948 WMPNetworkSvc - ok
11:10:23.0754 5948 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:10:23.0762 5948 WPCSvc - ok
11:10:23.0780 5948 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
11:10:23.0783 5948 WPDBusEnum - ok
11:10:23.0796 5948 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:10:23.0797 5948 ws2ifsl - ok
11:10:23.0825 5948 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
11:10:23.0828 5948 wscsvc - ok
11:10:23.0831 5948 WSearch - ok
11:10:23.0928 5948 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:10:23.0974 5948 wuauserv - ok
11:10:24.0084 5948 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
11:10:24.0085 5948 WudfPf - ok
11:10:24.0122 5948 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:10:24.0125 5948 WUDFRd - ok
11:10:24.0138 5948 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
11:10:24.0140 5948 wudfsvc - ok
11:10:24.0162 5948 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:10:24.0176 5948 WwanSvc - ok
11:10:24.0194 5948 XAudio (747006e7b4029efef3e975f1de09b4da) C:\Windows\system32\DRIVERS\ACFXAU64.sys
11:10:24.0194 5948 XAudio - ok
11:10:24.0261 5948 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:10:24.0454 5948 \Device\Harddisk0\DR0 - ok
11:10:24.0458 5948 Boot (0x1200) (c31dd60c1bc76297f5a16d4a72e32134) \Device\Harddisk0\DR0\Partition0
11:10:24.0461 5948 \Device\Harddisk0\DR0\Partition0 - ok
11:10:24.0501 5948 Boot (0x1200) (68429d47dd82e501b85de767029b6ee4) \Device\Harddisk0\DR0\Partition1
11:10:24.0503 5948 \Device\Harddisk0\DR0\Partition1 - ok
11:10:24.0504 5948 ============================================================
11:10:24.0504 5948 Scan finished
11:10:24.0504 5948 ============================================================
11:10:24.0514 2836 Detected object count: 1
11:10:24.0514 2836 Actual detected object count: 1
11:11:36.0495 2836 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
11:11:36.0495 2836 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

#9 kkoz83

Posted 13 July 2012 - 10:51 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-13 11:14:01
-----------------------------
11:14:01.611 OS Version: Windows x64 6.1.7600
11:14:01.611 Number of processors: 4 586 0x1707
11:14:01.612 ComputerName: KAMIL-PC UserName: Kamil
11:14:03.299 Initialize success
11:16:03.473 AVAST engine defs: 12071300
11:16:55.395 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:16:55.397 Disk 0 Vendor: ST375063 HP26 Size: 715404MB BusType: 8
11:16:55.406 Disk 0 MBR read successfully
11:16:55.409 Disk 0 MBR scan
11:16:55.414 Disk 0 Windows 7 default MBR code
11:16:55.416 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 701776 MB offset 63
11:16:55.462 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13625 MB offset 1437239160
11:16:55.512 Disk 0 scanning C:\Windows\system32\drivers
11:17:07.743 Service scanning
11:17:30.455 Modules scanning
11:17:30.462 Disk 0 trace - called modules:
11:17:30.488 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys sptd.sys hal.dll
11:17:30.492 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80098f9060]
11:17:30.498 3 CLASSPNP.SYS[fffff8800124d43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007802050]
11:17:31.990 AVAST engine scan C:\Windows
11:17:34.657 AVAST engine scan C:\Windows\system32
11:20:40.767 AVAST engine scan C:\Windows\system32\drivers
11:21:09.547 AVAST engine scan C:\Users\Kamil
11:27:33.510 AVAST engine scan C:\ProgramData
11:35:23.192 Scan finished successfully
11:48:09.322 Disk 0 MBR has been saved successfully to "C:\Users\Kamil\Desktop\MBR.dat"
11:48:09.328 The log file has been saved successfully to "C:\Users\Kamil\Desktop\aswMBR.txt"

#10 nasdaq

Posted 13 July 2012 - 01:28 PM

Your logs are clean; we can continue.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to: Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html
===

Third-party programs, if not up to date, can be the cause of infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Note: If, after running ComboFix, you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program, all you need to do is restart the computer to reset the registry.

Please post the logs for my review.

#11 kkoz83

Posted 13 July 2012 - 01:55 PM

Okay, I'll do that ASAP. Please check your private message from me - very important.

#12 nasdaq

Posted 14 July 2012 - 07:45 AM

Yes, I did see your personal message.

If by any chance the topic is closed, all you have to do is PM me and I will reopen the topic.

#13 kkoz83

Posted 14 July 2012 - 11:35 AM

Okay, thank you. I'll do ComboFix & Security Check later.

#14 nasdaq

Posted 20 July 2012 - 09:58 AM

Are you still with me?

#15 kkoz83

Posted 23 July 2012 - 09:23 AM

I'm back. Can I have a day or two to continue with your assistance?



