
Adobe and google redirect issue


  • This topic is locked
4 replies to this topic

#1 Kris5711


Posted 20 July 2012 - 01:40 PM

Hi, I'm having the same issue as described here: http://www.bleepingcomputer.com/forums/topic459767.html.

Adobe Flash Player Installer is popping up every 10 minutes and sites are being redirected to random ads. Originally, I had the Live Platinum thing coming up all the time, but I managed to either stop it or get rid of it (if it's not the same virus).

I tried to use Norton, but when I tried to download Norton Power Eraser, it said it could not finish/fix the problem. I've downloaded Malwarebytes and it finds a virus, but I'm not sure if it's the same one b/c the Adobe thing is still popping up. I'm not sure how to resolve this.

I've done the minitoolbox and TDSSkiller, but don't know what I'm looking for and it didn't kill anything!

Any help would be greatly appreciated!

Thanks!

Hi, I just read the prep guide, so I'm going to attach my DDS logs for you. GMER didn't work for me b/c the sections you need me to check are grayed out.

Thanks!

Do you need me to attach the attach file? For some reason, I can't find the attachment function.

DDS logs

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Home at 15:26:18 on 2012-07-20
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1979.389 [GMT -4:00]
.
AV: Norton AntiVirus *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Spybot - Search & Destroy *Disabled/Outdated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Home\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: Special Savings: {74f475fa-6c75-43bd-aab9-ecda6184f600} - C:\Program Files (x86)\Superfish\Special Savings\SpecialSavings.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [fsm]
uRun: [Spotify Web Helper] "C:\Users\Home\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [TaskTray]
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Special Savings\SpecialSavings.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
LSP: mswsock.dll
Trusted Zone: viprasys.org\www
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{AC3105BC-22CC-4CDC-809E-ABF6DB4995BD} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{AC3105BC-22CC-4CDC-809E-ABF6DB4995BD}\C696E6B6379737 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Notify: SDWinLogon - SDWinLogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO-X64: StartNow Toolbar Helper - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: Special Savings: {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Special Savings\SpecialSavings.dll
BHO-X64: Special Savings - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
BHO-X64: Searchqu Toolbar - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [TaskTray]
mRun-x64: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\9t20omm5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\9t20omm5.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 SMR300;Symantec SMR Utility Service 3.0.0;C:\Windows\system32\drivers\SMR300.SYS --> C:\Windows\system32\drivers\SMR300.SYS [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NAVx64\1307010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\NAVx64\1307010.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NAVx64\1307010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\NAVx64\1307010.005\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120711.002\BHDrvx64.sys [2012-7-11 1161376]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\system32\drivers\NAVx64\1307010.005\ccSetx64.sys --> C:\Windows\system32\drivers\NAVx64\1307010.005\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120719.002\IDSviA64.sys [2012-7-19 509088]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NAVx64\1307010.005\Ironx64.SYS --> C:\Windows\system32\drivers\NAVx64\1307010.005\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NAVx64\1307010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\NAVx64\1307010.005\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-20 655944]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccsvchst.exe [2012-7-20 138232]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-7-20 138912]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-10 136176]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-10 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-10 113120]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-11-1 228408]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
S4 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S4 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2010-6-24 341296]
.
=============== Created Last 30 ================
.
2012-07-20 15:38:37 451192 ----a-r- C:\Windows\System32\drivers\NAVx64\1307010.005\symds64.sys
2012-07-20 15:38:37 405624 ----a-w- C:\Windows\System32\drivers\NAVx64\1307010.005\symnets.sys
2012-07-20 15:38:37 1092728 ----a-w- C:\Windows\System32\drivers\NAVx64\1307010.005\symefa64.sys
2012-07-20 15:38:36 737912 ----a-w- C:\Windows\System32\drivers\NAVx64\1307010.005\srtsp64.sys
2012-07-20 15:38:36 37496 ----a-w- C:\Windows\System32\drivers\NAVx64\1307010.005\srtspx64.sys
2012-07-20 15:38:36 190072 ----a-w- C:\Windows\System32\drivers\NAVx64\1307010.005\ironx64.sys
2012-07-20 15:38:36 167048 ----a-w- C:\Windows\System32\drivers\NAVx64\1307010.005\ccsetx64.sys
2012-07-20 15:38:28 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1307010.005
2012-07-20 15:09:57 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-07-20 15:06:09 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-07-20 15:04:02 -------- d-----w- C:\Program Files (x86)\Norton AntiVirus
2012-07-20 07:02:45 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-20 07:02:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-19 02:46:20 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-07-19 02:45:58 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-07-19 02:45:58 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-07-19 02:45:33 -------- d-----w- C:\Windows\System32\drivers\NBRTWizardx64\0500000.05A
2012-07-19 02:45:33 -------- d-----w- C:\Windows\System32\drivers\NBRTWizardx64
2012-07-19 02:45:30 -------- d-----w- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2012-07-19 01:43:01 96376 ----a-w- C:\Windows\System32\drivers\SMR300.SYS
2012-07-19 01:42:47 -------- d-----w- C:\Users\Home\AppData\Local\NPE
2012-07-16 17:29:57 -------- d-----w- C:\Users\Home\AppData\Roaming\Malwarebytes
2012-07-16 17:29:44 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-16 02:58:08 -------- d-----w- C:\ProgramData\781287A80008976902979529E56C34C7
2012-07-16 02:28:54 -------- d-----w- C:\ProgramData\781287A800089769029795294F147CE7
2012-07-13 09:34:51 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22DFB250-5CB4-4017-B05D-EF4FF9717106}\mpengine.dll
2012-07-12 07:59:33 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-06-22 05:05:17 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 05:04:54 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 05:04:13 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 05:04:13 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-04 10:52:22 5505392 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:08:16 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08:15 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-02 05:32:43 208896 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:50:40 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:34:38 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:34:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:28:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:59:45 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:59:45 1460224 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 05:59:45 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 04:47:04 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:47:04 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-24 04:47:03 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll
.
============= FINISH: 15:29:39.75 ===============

*moved from Am I Infected to Malware Removal Logs. DDS Logs are not allowed in any other forum. Post with log merged into the original post ~ Queen-Evie*

Edited by Queen-Evie, 20 July 2012 - 03:14 PM.




#2 Kris5711


Posted 20 July 2012 - 07:34 PM

TDSSkiller logs

02:57:05.0699 3684 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
02:57:06.0100 3684 ============================================================
02:57:06.0100 3684 Current date / time: 2012/07/20 02:57:06.0100
02:57:06.0100 3684 SystemInfo:
02:57:06.0100 3684
02:57:06.0100 3684 OS Version: 6.1.7600 ServicePack: 0.0
02:57:06.0100 3684 Product type: Workstation
02:57:06.0101 3684 ComputerName: HOME-PC
02:57:06.0102 3684 UserName: Home
02:57:06.0102 3684 Windows directory: C:\Windows
02:57:06.0102 3684 System windows directory: C:\Windows
02:57:06.0102 3684 Running under WOW64
02:57:06.0102 3684 Processor architecture: Intel x64
02:57:06.0102 3684 Number of processors: 1
02:57:06.0102 3684 Page size: 0x1000
02:57:06.0102 3684 Boot type: Normal boot
02:57:06.0102 3684 ============================================================
02:57:10.0065 3684 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x13B718, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x6, Type 'K0', Flags 0x00000040
02:57:10.0161 3684 ============================================================
02:57:10.0161 3684 \Device\Harddisk0\DR0:
02:57:10.0161 3684 MBR partitions:
02:57:10.0162 3684 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
02:57:10.0162 3684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B8CC000
02:57:10.0162 3684 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B930000, BlocksNum 0x1895000
02:57:10.0162 3684 ============================================================
02:57:10.0200 3684 C: <-> \Device\Harddisk0\DR0\Partition1
02:57:10.0259 3684 D: <-> \Device\Harddisk0\DR0\Partition2
02:57:10.0362 3684 ============================================================
02:57:10.0362 3684 Initialize success
02:57:10.0362 3684 ============================================================
02:57:14.0310 4068 ============================================================
02:57:14.0310 4068 Scan started
02:57:14.0310 4068 Mode: Manual;
02:57:14.0311 4068 ============================================================
02:57:20.0865 4068 BHDrvx64 - ok
02:57:20.0974 4068 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
02:57:21.0065 4068 BITS - ok
02:57:21.0123 4068 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
02:57:21.0140 4068 blbdrive - ok
02:57:21.0187 4068 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
02:57:21.0205 4068 bowser - ok
02:57:21.0235 4068 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:57:21.0266 4068 BrFiltLo - ok
02:57:21.0333 4068 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:57:21.0335 4068 BrFiltUp - ok
02:57:21.0388 4068 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
02:57:21.0402 4068 Browser - ok
02:57:21.0458 4068 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
02:57:21.0465 4068 Brserid - ok
02:57:21.0484 4068 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
02:57:21.0487 4068 BrSerWdm - ok
02:57:21.0511 4068 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
02:57:21.0533 4068 BrUsbMdm - ok
02:57:21.0556 4068 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
02:57:21.0557 4068 BrUsbSer - ok
02:57:21.0593 4068 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
02:57:21.0595 4068 BTHMODEM - ok
02:57:21.0666 4068 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
02:57:21.0684 4068 bthserv - ok
02:57:21.0739 4068 CAXHWAZL (d1787e11c6a0078ddeaf8cf3ee2ab293) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
02:57:21.0757 4068 CAXHWAZL - ok
02:57:21.0856 4068 ccSet_NAV (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NAVx64\1307010.005\ccSetx64.sys
02:57:21.0869 4068 ccSet_NAV - ok
02:57:21.0905 4068 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
02:57:21.0907 4068 cdfs - ok
02:57:22.0057 4068 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
02:57:22.0090 4068 cdrom - ok
02:57:22.0135 4068 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
02:57:22.0138 4068 CertPropSvc - ok
02:57:22.0170 4068 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
02:57:22.0173 4068 circlass - ok
02:57:22.0214 4068 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
02:57:22.0220 4068 CLFS - ok
02:57:22.0292 4068 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:57:22.0306 4068 clr_optimization_v2.0.50727_32 - ok
02:57:22.0446 4068 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:57:22.0461 4068 clr_optimization_v2.0.50727_64 - ok
02:57:22.0567 4068 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:57:22.0630 4068 clr_optimization_v4.0.30319_32 - ok
02:57:22.0679 4068 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:57:22.0709 4068 clr_optimization_v4.0.30319_64 - ok
02:57:22.0779 4068 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
02:57:22.0781 4068 CmBatt - ok
02:57:22.0801 4068 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
02:57:22.0802 4068 cmdide - ok
02:57:22.0870 4068 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
02:57:22.0877 4068 CNG - ok
02:57:22.0938 4068 CnxtHdAudService (3cb10294f7a59fd22501f4bad915f250) C:\Windows\system32\drivers\CHDRT64.sys
02:57:22.0961 4068 CnxtHdAudService - ok
02:57:23.0291 4068 Com4QLBEx (f9a79c5b27037821112c50a9c8fb367a) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
02:57:23.0327 4068 Com4QLBEx - ok
02:57:23.0380 4068 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
02:57:23.0382 4068 Compbatt - ok
02:57:23.0412 4068 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
02:57:23.0414 4068 CompositeBus - ok
02:57:23.0436 4068 COMSysApp - ok
02:57:23.0495 4068 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
02:57:23.0497 4068 crcdisk - ok
02:57:23.0567 4068 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
02:57:23.0570 4068 CryptSvc - ok
02:57:23.0623 4068 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
02:57:23.0633 4068 DcomLaunch - ok
02:57:23.0670 4068 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
02:57:23.0675 4068 defragsvc - ok
02:57:23.0733 4068 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
02:57:23.0758 4068 DfsC - ok
02:57:23.0855 4068 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
02:57:23.0894 4068 Dhcp - ok
02:57:23.0931 4068 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
02:57:23.0951 4068 discache - ok
02:57:24.0019 4068 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
02:57:24.0037 4068 Disk - ok
02:57:24.0093 4068 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
02:57:24.0123 4068 Dnscache - ok
02:57:24.0205 4068 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
02:57:24.0227 4068 dot3svc - ok
02:57:24.0257 4068 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
02:57:24.0260 4068 DPS - ok
02:57:24.0310 4068 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
02:57:24.0311 4068 drmkaud - ok
02:57:24.0391 4068 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
02:57:24.0415 4068 DXGKrnl - ok
02:57:24.0454 4068 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
02:57:24.0457 4068 EapHost - ok
02:57:24.0686 4068 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
02:57:24.0771 4068 ebdrv - ok
02:57:24.0868 4068 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
02:57:24.0874 4068 eeCtrl - ok
02:57:25.0066 4068 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
02:57:25.0067 4068 EFS - ok
02:57:25.0168 4068 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
02:57:25.0203 4068 ehRecvr - ok
02:57:25.0241 4068 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
02:57:25.0260 4068 ehSched - ok
02:57:25.0394 4068 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
02:57:25.0430 4068 elxstor - ok
02:57:25.0538 4068 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
02:57:25.0726 4068 EraserUtilRebootDrv - ok
02:57:25.0760 4068 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
02:57:25.0762 4068 ErrDev - ok
02:57:25.0818 4068 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
02:57:25.0895 4068 EventSystem - ok
02:57:25.0940 4068 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
02:57:25.0946 4068 exfat - ok
02:57:25.0977 4068 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
02:57:25.0981 4068 fastfat - ok
02:57:26.0112 4068 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
02:57:26.0130 4068 Fax - ok
02:57:26.0165 4068 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
02:57:26.0167 4068 fdc - ok
02:57:26.0205 4068 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
02:57:26.0225 4068 fdPHost - ok
02:57:26.0250 4068 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
02:57:26.0253 4068 FDResPub - ok
02:57:26.0283 4068 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
02:57:26.0286 4068 FileInfo - ok
02:57:26.0307 4068 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
02:57:26.0309 4068 Filetrace - ok
02:57:26.0342 4068 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
02:57:26.0348 4068 flpydisk - ok
02:57:26.0470 4068 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
02:57:26.0473 4068 FltMgr - ok
02:57:26.0560 4068 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
02:57:26.0597 4068 FontCache - ok
02:57:26.0679 4068 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:57:26.0694 4068 FontCache3.0.0.0 - ok
02:57:26.0742 4068 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
02:57:26.0744 4068 FsDepends - ok
02:57:26.0801 4068 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
02:57:26.0837 4068 Fs_Rec - ok
02:57:26.0911 4068 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
02:57:26.0953 4068 fvevol - ok
02:57:26.0999 4068 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
02:57:27.0002 4068 gagp30kx - ok
02:57:27.0088 4068 GameConsoleService (551d463e4cceb5240234da6718c93a44) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
02:57:27.0115 4068 GameConsoleService - ok
02:57:27.0213 4068 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:57:27.0227 4068 GEARAspiWDM - ok
02:57:27.0301 4068 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
02:57:27.0334 4068 gpsvc - ok
02:57:27.0404 4068 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:57:27.0406 4068 gupdate - ok
02:57:27.0443 4068 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:57:27.0444 4068 gupdatem - ok
02:57:27.0472 4068 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
02:57:27.0500 4068 hcw85cir - ok
02:57:27.0619 4068 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
02:57:27.0639 4068 HdAudAddService - ok
02:57:27.0673 4068 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
02:57:27.0676 4068 HDAudBus - ok
02:57:27.0696 4068 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
02:57:27.0698 4068 HidBatt - ok
02:57:27.0738 4068 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
02:57:27.0741 4068 HidBth - ok
02:57:27.0761 4068 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
02:57:27.0780 4068 HidIr - ok
02:57:27.0813 4068 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
02:57:27.0815 4068 hidserv - ok
02:57:27.0875 4068 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
02:57:27.0877 4068 HidUsb - ok
02:57:27.0910 4068 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
02:57:27.0964 4068 hkmsvc - ok
02:57:28.0001 4068 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
02:57:28.0020 4068 HomeGroupListener - ok
02:57:28.0066 4068 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
02:57:28.0070 4068 HomeGroupProvider - ok
02:57:28.0205 4068 HP Health Check Service (45a12cacb97b4f15858fcfd59355a1e9) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
02:57:28.0213 4068 HP Health Check Service - ok
02:57:28.0330 4068 HPDrvMntSvc.exe (f55442690a70a0278a7eed4faaebf576) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
02:57:28.0349 4068 HPDrvMntSvc.exe - ok
02:57:28.0394 4068 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
02:57:28.0396 4068 HpqKbFiltr - ok
02:57:28.0456 4068 hpqwmiex (640e51db253265c3eac075866b3d2b33) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
02:57:28.0473 4068 hpqwmiex - ok
02:57:28.0525 4068 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
02:57:28.0528 4068 HpSAMD - ok
02:57:28.0657 4068 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
02:57:28.0665 4068 HsfXAudioService - ok
02:57:28.0743 4068 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys
02:57:28.0761 4068 HSF_DPV - ok
02:57:28.0877 4068 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
02:57:28.0892 4068 HTTP - ok
02:57:28.0923 4068 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
02:57:28.0925 4068 hwpolicy - ok
02:57:28.0976 4068 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
02:57:28.0979 4068 i8042prt - ok
02:57:29.0045 4068 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
02:57:29.0054 4068 iaStorV - ok
02:57:29.0176 4068 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
02:57:29.0206 4068 IDriverT - ok
02:57:29.0331 4068 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:57:29.0353 4068 idsvc - ok
02:57:29.0615 4068 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120719.002\IDSvia64.sys
02:57:29.0688 4068 IDSVia64 - ok
02:57:30.0223 4068 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
02:57:30.0431 4068 igfx - ok
02:57:30.0552 4068 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
02:57:30.0555 4068 iirsp - ok
02:57:30.0635 4068 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
02:57:30.0648 4068 IKEEXT - ok
02:57:30.0677 4068 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
02:57:30.0679 4068 intelide - ok
02:57:30.0723 4068 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
02:57:30.0727 4068 intelppm - ok
02:57:30.0748 4068 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
02:57:30.0768 4068 IPBusEnum - ok
02:57:30.0834 4068 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:57:30.0847 4068 IpFilterDriver - ok
02:57:30.0898 4068 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
02:57:30.0911 4068 IPMIDRV - ok
02:57:30.0949 4068 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
02:57:30.0952 4068 IPNAT - ok
02:57:30.0979 4068 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
02:57:30.0981 4068 IRENUM - ok
02:57:31.0002 4068 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
02:57:31.0015 4068 isapnp - ok
02:57:31.0049 4068 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
02:57:31.0053 4068 iScsiPrt - ok
02:57:31.0084 4068 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
02:57:31.0087 4068 kbdclass - ok
02:57:31.0113 4068 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
02:57:31.0115 4068 kbdhid - ok
02:57:31.0155 4068 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
02:57:31.0156 4068 KeyIso - ok
02:57:31.0235 4068 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
02:57:31.0264 4068 KSecDD - ok
02:57:31.0289 4068 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
02:57:31.0315 4068 KSecPkg - ok
02:57:31.0373 4068 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
02:57:31.0375 4068 ksthunk - ok
02:57:31.0443 4068 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
02:57:31.0459 4068 KtmRm - ok
02:57:31.0537 4068 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
02:57:31.0542 4068 LanmanServer - ok
02:57:31.0654 4068 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
02:57:31.0678 4068 LanmanWorkstation - ok
02:57:31.0734 4068 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
02:57:31.0737 4068 lltdio - ok
02:57:31.0791 4068 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
02:57:31.0796 4068 lltdsvc - ok
02:57:31.0836 4068 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
02:57:31.0865 4068 lmhosts - ok
02:57:31.0945 4068 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
02:57:31.0948 4068 LSI_FC - ok
02:57:32.0008 4068 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:57:32.0011 4068 LSI_SAS - ok
02:57:32.0065 4068 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:57:32.0070 4068 LSI_SAS2 - ok
02:57:32.0116 4068 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:57:32.0140 4068 LSI_SCSI - ok
02:57:32.0179 4068 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:57:32.0199 4068 luafv - ok
02:57:32.0308 4068 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
02:57:32.0335 4068 McComponentHostService - ok
02:57:32.0374 4068 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
02:57:32.0390 4068 Mcx2Svc - ok
02:57:32.0467 4068 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
02:57:32.0469 4068 mdmxsdk - ok
02:57:32.0555 4068 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:57:32.0556 4068 megasas - ok
02:57:32.0620 4068 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:57:32.0637 4068 MegaSR - ok
02:57:32.0713 4068 Microsoft SharePoint Workspace Audit Service - ok
02:57:32.0760 4068 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:57:32.0762 4068 MMCSS - ok
02:57:32.0829 4068 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:57:32.0831 4068 Modem - ok
02:57:32.0868 4068 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:57:32.0870 4068 monitor - ok
02:57:32.0909 4068 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
02:57:32.0911 4068 mouclass - ok
02:57:32.0938 4068 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:57:32.0967 4068 mouhid - ok
02:57:33.0083 4068 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
02:57:33.0095 4068 mountmgr - ok
02:57:33.0173 4068 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:57:33.0212 4068 MozillaMaintenance - ok
02:57:33.0270 4068 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
02:57:33.0273 4068 mpio - ok
02:57:33.0326 4068 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
02:57:33.0341 4068 mpsdrv - ok
02:57:33.0375 4068 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
02:57:33.0381 4068 MRxDAV - ok
02:57:33.0434 4068 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:57:33.0458 4068 mrxsmb - ok
02:57:33.0607 4068 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:57:33.0622 4068 mrxsmb10 - ok
02:57:33.0681 4068 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:57:33.0712 4068 mrxsmb20 - ok
02:57:33.0749 4068 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
02:57:33.0751 4068 msahci - ok
02:57:33.0803 4068 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
02:57:33.0806 4068 msdsm - ok
02:57:33.0884 4068 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
02:57:33.0888 4068 MSDTC - ok
02:57:33.0984 4068 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:57:33.0986 4068 Msfs - ok
02:57:34.0007 4068 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:57:34.0009 4068 mshidkmdf - ok
02:57:34.0028 4068 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
02:57:34.0030 4068 msisadrv - ok
02:57:34.0090 4068 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
02:57:34.0103 4068 MSiSCSI - ok
02:57:34.0118 4068 msiserver - ok
02:57:34.0155 4068 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:57:34.0157 4068 MSKSSRV - ok
02:57:34.0170 4068 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:57:34.0172 4068 MSPCLOCK - ok
02:57:34.0185 4068 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:57:34.0197 4068 MSPQM - ok
02:57:34.0205 4068 Scan interrupted by user!
02:57:34.0205 4068 Scan interrupted by user!
02:57:34.0205 4068 Scan interrupted by user!
02:57:34.0205 4068 ============================================================
02:57:34.0205 4068 Scan finished
02:57:34.0205 4068 ============================================================
02:57:34.0224 3968 Detected object count: 0
02:57:34.0224 3968 Actual detected object count: 0
02:57:54.0039 3824 ============================================================
02:57:54.0039 3824 Scan started
02:57:54.0039 3824 Mode: Manual; TDLFS;
02:57:54.0039 3824 ============================================================
02:57:59.0878 3824 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
02:57:59.0879 3824 DfsC - ok
02:57:59.0928 3824 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
02:57:59.0931 3824 Dhcp - ok
02:58:00.0010 3824 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
02:58:00.0011 3824 discache - ok
02:58:00.0064 3824 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
02:58:00.0065 3824 Disk - ok
02:58:00.0112 3824 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
02:58:00.0114 3824 Dnscache - ok
02:58:00.0207 3824 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
02:58:00.0209 3824 dot3svc - ok
02:58:00.0231 3824 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
02:58:00.0232 3824 DPS - ok
02:58:00.0254 3824 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
02:58:00.0255 3824 drmkaud - ok
02:58:00.0335 3824 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
02:58:00.0342 3824 DXGKrnl - ok
02:58:00.0365 3824 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
02:58:00.0367 3824 EapHost - ok
02:58:00.0597 3824 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
02:58:00.0619 3824 ebdrv - ok
02:58:00.0702 3824 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
02:58:00.0705 3824 eeCtrl - ok
02:58:00.0832 3824 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
02:58:00.0833 3824 EFS - ok
02:58:00.0918 3824 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
02:58:00.0922 3824 ehRecvr - ok
02:58:00.0950 3824 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
02:58:00.0951 3824 ehSched - ok
02:58:00.0999 3824 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
02:58:01.0003 3824 elxstor - ok
02:58:01.0091 3824 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
02:58:01.0092 3824 EraserUtilRebootDrv - ok
02:58:01.0162 3824 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
02:58:01.0163 3824 ErrDev - ok
02:58:01.0219 3824 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
02:58:01.0245 3824 EventSystem - ok
02:58:01.0289 3824 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
02:58:01.0291 3824 exfat - ok
02:58:01.0337 3824 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
02:58:01.0339 3824 fastfat - ok
02:58:01.0383 3824 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
02:58:01.0388 3824 Fax - ok
02:58:01.0418 3824 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
02:58:01.0419 3824 fdc - ok
02:58:01.0442 3824 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
02:58:01.0443 3824 fdPHost - ok
02:58:01.0461 3824 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
02:58:01.0462 3824 FDResPub - ok
02:58:01.0568 3824 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
02:58:01.0569 3824 FileInfo - ok
02:58:01.0585 3824 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
02:58:01.0586 3824 Filetrace - ok
02:58:01.0620 3824 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
02:58:01.0621 3824 flpydisk - ok
02:58:01.0661 3824 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
02:58:01.0663 3824 FltMgr - ok
02:58:01.0750 3824 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
02:58:01.0758 3824 FontCache - ok
02:58:01.0824 3824 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:58:01.0825 3824 FontCache3.0.0.0 - ok
02:58:01.0916 3824 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
02:58:01.0916 3824 FsDepends - ok
02:58:02.0039 3824 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
02:58:02.0040 3824 Fs_Rec - ok
02:58:02.0107 3824 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
02:58:02.0108 3824 fvevol - ok
02:58:02.0148 3824 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
02:58:02.0149 3824 gagp30kx - ok
02:58:02.0256 3824 GameConsoleService (551d463e4cceb5240234da6718c93a44) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
02:58:02.0258 3824 GameConsoleService - ok
02:58:02.0305 3824 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:58:02.0306 3824 GEARAspiWDM - ok
02:58:02.0441 3824 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
02:58:02.0447 3824 gpsvc - ok
02:58:02.0482 3824 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:58:02.0483 3824 gupdate - ok
02:58:02.0489 3824 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:58:02.0491 3824 gupdatem - ok
02:58:02.0545 3824 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
02:58:02.0546 3824 hcw85cir - ok
02:58:02.0632 3824 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
02:58:02.0634 3824 HdAudAddService - ok
02:58:02.0672 3824 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
02:58:02.0674 3824 HDAudBus - ok
02:58:02.0691 3824 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
02:58:02.0692 3824 HidBatt - ok
02:58:02.0716 3824 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
02:58:02.0717 3824 HidBth - ok
02:58:02.0739 3824 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
02:58:02.0741 3824 HidIr - ok
02:58:02.0766 3824 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
02:58:02.0767 3824 hidserv - ok
02:58:02.0793 3824 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
02:58:02.0794 3824 HidUsb - ok
02:58:02.0829 3824 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
02:58:02.0830 3824 hkmsvc - ok
02:58:02.0855 3824 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
02:58:02.0857 3824 HomeGroupListener - ok
02:58:02.0895 3824 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
02:58:02.0898 3824 HomeGroupProvider - ok
02:58:03.0010 3824 HP Health Check Service (45a12cacb97b4f15858fcfd59355a1e9) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
02:58:03.0011 3824 HP Health Check Service - ok
02:58:03.0074 3824 HPDrvMntSvc.exe (f55442690a70a0278a7eed4faaebf576) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
02:58:03.0075 3824 HPDrvMntSvc.exe - ok
02:58:03.0088 3824 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
02:58:03.0089 3824 HpqKbFiltr - ok
02:58:03.0171 3824 hpqwmiex (640e51db253265c3eac075866b3d2b33) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
02:58:03.0177 3824 hpqwmiex - ok
02:58:03.0218 3824 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
02:58:03.0219 3824 HpSAMD - ok
02:58:03.0313 3824 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
02:58:03.0317 3824 HsfXAudioService - ok
02:58:03.0430 3824 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys
02:58:03.0440 3824 HSF_DPV - ok
02:58:03.0561 3824 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
02:58:03.0566 3824 HTTP - ok
02:58:03.0584 3824 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
02:58:03.0584 3824 hwpolicy - ok
02:58:03.0629 3824 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
02:58:03.0630 3824 i8042prt - ok
02:58:03.0682 3824 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
02:58:03.0685 3824 iaStorV - ok
02:58:03.0763 3824 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
02:58:03.0764 3824 IDriverT - ok
02:58:03.0898 3824 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:58:03.0904 3824 idsvc - ok
02:58:04.0256 3824 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120719.002\IDSvia64.sys
02:58:04.0259 3824 IDSVia64 - ok
02:58:04.0982 3824 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
02:58:05.0054 3824 igfx - ok
02:58:05.0222 3824 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
02:58:05.0223 3824 iirsp - ok
02:58:05.0287 3824 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
02:58:05.0294 3824 IKEEXT - ok
02:58:05.0322 3824 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
02:58:05.0323 3824 intelide - ok
02:58:05.0368 3824 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
02:58:05.0369 3824 intelppm - ok
02:58:05.0402 3824 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
02:58:05.0403 3824 IPBusEnum - ok
02:58:05.0440 3824 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:58:05.0441 3824 IpFilterDriver - ok
02:58:05.0558 3824 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
02:58:05.0559 3824 IPMIDRV - ok
02:58:05.0586 3824 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
02:58:05.0587 3824 IPNAT - ok
02:58:05.0615 3824 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
02:58:05.0616 3824 IRENUM - ok
02:58:05.0641 3824 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
02:58:05.0642 3824 isapnp - ok
02:58:05.0675 3824 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
02:58:05.0678 3824 iScsiPrt - ok
02:58:05.0729 3824 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
02:58:05.0729 3824 kbdclass - ok
02:58:05.0765 3824 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
02:58:05.0766 3824 kbdhid - ok
02:58:05.0849 3824 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
02:58:05.0850 3824 KeyIso - ok
02:58:05.0939 3824 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
02:58:05.0940 3824 KSecDD - ok
02:58:05.0985 3824 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
02:58:05.0986 3824 KSecPkg - ok
02:58:06.0026 3824 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
02:58:06.0027 3824 ksthunk - ok
02:58:06.0108 3824 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
02:58:06.0123 3824 KtmRm - ok
02:58:06.0166 3824 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
02:58:06.0169 3824 LanmanServer - ok
02:58:06.0201 3824 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
02:58:06.0204 3824 LanmanWorkstation - ok
02:58:06.0229 3824 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
02:58:06.0230 3824 lltdio - ok
02:58:06.0281 3824 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
02:58:06.0286 3824 lltdsvc - ok
02:58:06.0311 3824 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
02:58:06.0312 3824 lmhosts - ok
02:58:06.0345 3824 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
02:58:06.0346 3824 LSI_FC - ok
02:58:06.0376 3824 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:58:06.0377 3824 LSI_SAS - ok
02:58:06.0399 3824 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:58:06.0400 3824 LSI_SAS2 - ok
02:58:06.0433 3824 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:58:06.0434 3824 LSI_SCSI - ok
02:58:06.0465 3824 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:58:06.0467 3824 luafv - ok
02:58:06.0602 3824 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
02:58:06.0603 3824 McComponentHostService - ok
02:58:06.0632 3824 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
02:58:06.0635 3824 Mcx2Svc - ok
02:58:06.0667 3824 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
02:58:06.0668 3824 mdmxsdk - ok
02:58:06.0705 3824 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:58:06.0706 3824 megasas - ok
02:58:06.0749 3824 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:58:06.0753 3824 MegaSR - ok
02:58:06.0875 3824 Microsoft SharePoint Workspace Audit Service - ok
02:58:06.0905 3824 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:58:06.0907 3824 MMCSS - ok
02:58:06.0943 3824 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:58:06.0944 3824 Modem - ok
02:58:06.0991 3824 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:58:06.0991 3824 monitor - ok
02:58:07.0039 3824 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
02:58:07.0040 3824 mouclass - ok
02:58:07.0058 3824 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:58:07.0059 3824 mouhid - ok
02:58:07.0258 3824 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
02:58:07.0259 3824 mountmgr - ok
02:58:07.0328 3824 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:58:07.0329 3824 MozillaMaintenance - ok
02:58:07.0378 3824 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
02:58:07.0379 3824 mpio - ok
02:58:07.0461 3824 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
02:58:07.0462 3824 mpsdrv - ok
02:58:07.0486 3824 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
02:58:07.0488 3824 MRxDAV - ok
02:58:07.0549 3824 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:58:07.0550 3824 mrxsmb - ok
02:58:07.0734 3824 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:58:07.0736 3824 mrxsmb10 - ok
02:58:07.0886 3824 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:58:07.0887 3824 mrxsmb20 - ok
02:58:07.0954 3824 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
02:58:07.0954 3824 msahci - ok
02:58:08.0020 3824 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
02:58:08.0021 3824 msdsm - ok
02:58:08.0153 3824 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
02:58:08.0155 3824 MSDTC - ok
02:58:08.0196 3824 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:58:08.0197 3824 Msfs - ok
02:58:08.0226 3824 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:58:08.0227 3824 mshidkmdf - ok
02:58:08.0239 3824 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
02:58:08.0239 3824 msisadrv - ok
02:58:08.0354 3824 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
02:58:08.0356 3824 MSiSCSI - ok
02:58:08.0368 3824 msiserver - ok
02:58:08.0402 3824 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:58:08.0403 3824 MSKSSRV - ok
02:58:08.0444 3824 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:58:08.0445 3824 MSPCLOCK - ok
02:58:08.0456 3824 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:58:08.0457 3824 MSPQM - ok
02:58:08.0526 3824 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
02:58:08.0552 3824 MsRPC - ok
02:58:08.0593 3824 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
02:58:08.0594 3824 mssmbios - ok
02:58:08.0632 3824 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
02:58:08.0634 3824 MSTEE - ok
02:58:08.0653 3824 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
02:58:08.0655 3824 MTConfig - ok
02:58:08.0679 3824 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
02:58:08.0682 3824 Mup - ok
02:58:08.0739 3824 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
02:58:08.0746 3824 napagent - ok
02:58:08.0793 3824 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
02:58:08.0808 3824 NativeWifiP - ok
02:58:09.0055 3824 NAV (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
02:58:09.0183 3824 NAV - ok
02:58:09.0767 3824 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120719.021\ENG64.SYS
02:58:09.0837 3824 NAVENG - ok
02:58:10.0029 3824 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120719.021\EX64.SYS
02:58:10.0092 3824 NAVEX15 - ok
02:58:10.0669 3824 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
02:58:10.0682 3824 NDIS - ok
02:58:10.0719 3824 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:58:10.0721 3824 NdisCap - ok
02:58:10.0754 3824 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:58:10.0771 3824 NdisTapi - ok
02:58:10.0806 3824 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
02:58:10.0809 3824 Ndisuio - ok
02:58:10.0836 3824 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
02:58:10.0840 3824 NdisWan - ok
02:58:10.0867 3824 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
02:58:10.0883 3824 NDProxy - ok
02:58:10.0906 3824 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:58:10.0908 3824 NetBIOS - ok
02:58:10.0979 3824 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
02:58:11.0004 3824 NetBT - ok
02:58:11.0058 3824 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
02:58:11.0059 3824 Netlogon - ok
02:58:11.0117 3824 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
02:58:11.0126 3824 Netman - ok
02:58:11.0161 3824 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
02:58:11.0186 3824 netprofm - ok
02:58:11.0322 3824 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:58:11.0326 3824 NetTcpPortSharing - ok
02:58:11.0717 3824 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
02:58:11.0798 3824 netw5v64 - ok
02:58:11.0897 3824 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
02:58:11.0915 3824 nfrd960 - ok
02:58:12.0096 3824 NitroReaderDriverReadSpool (eee7317cb422f051ebdf1a16a42fbbb2) C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
02:58:12.0139 3824 NitroReaderDriverReadSpool - ok
02:58:12.0193 3824 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
02:58:12.0199 3824 NlaSvc - ok
02:58:12.0254 3824 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:58:12.0256 3824 Npfs - ok
02:58:12.0382 3824 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
02:58:12.0407 3824 nsi - ok
02:58:12.0430 3824 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:58:12.0449 3824 nsiproxy - ok
02:58:12.0757 3824 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
02:58:12.0838 3824 Ntfs - ok
02:58:13.0028 3824 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:58:13.0030 3824 Null - ok
02:58:13.0108 3824 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
02:58:13.0112 3824 nvraid - ok
02:58:13.0137 3824 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
02:58:13.0152 3824 nvstor - ok
02:58:13.0199 3824 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
02:58:13.0202 3824 nv_agp - ok
02:58:13.0242 3824 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
02:58:13.0244 3824 ohci1394 - ok
02:58:13.0327 3824 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:58:13.0355 3824 ose - ok
02:58:13.0847 3824 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
02:58:13.0899 3824 osppsvc - ok
02:58:14.0027 3824 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:58:14.0033 3824 p2pimsvc - ok
02:58:14.0110 3824 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
02:58:14.0135 3824 p2psvc - ok
02:58:14.0181 3824 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
02:58:14.0183 3824 Parport - ok
02:58:14.0225 3824 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
02:58:14.0227 3824 partmgr - ok
02:58:14.0251 3824 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
02:58:14.0257 3824 PcaSvc - ok
02:58:14.0292 3824 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
02:58:14.0296 3824 pci - ok
02:58:14.0323 3824 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
02:58:14.0342 3824 pciide - ok
02:58:14.0378 3824 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
02:58:14.0382 3824 pcmcia - ok
02:58:14.0427 3824 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:58:14.0429 3824 pcw - ok
02:58:14.0507 3824 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:58:14.0517 3824 PEAUTH - ok
02:58:14.0588 3824 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
02:58:14.0591 3824 PerfHost - ok
02:58:14.0682 3824 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
02:58:14.0717 3824 pla - ok
02:58:14.0825 3824 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
02:58:14.0830 3824 PlugPlay - ok
02:58:14.0874 3824 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
02:58:14.0878 3824 PNRPAutoReg - ok
02:58:14.0911 3824 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:58:14.0914 3824 PNRPsvc - ok
02:58:14.0966 3824 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
02:58:14.0984 3824 PolicyAgent - ok
02:58:15.0029 3824 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
02:58:15.0045 3824 Power - ok
02:58:15.0167 3824 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
02:58:15.0186 3824 PptpMiniport - ok
02:58:15.0228 3824 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
02:58:15.0231 3824 Processor - ok
02:58:15.0279 3824 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
02:58:15.0297 3824 ProfSvc - ok
02:58:15.0350 3824 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
02:58:15.0351 3824 ProtectedStorage - ok
02:58:15.0375 3824 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
02:58:15.0381 3824 Psched - ok
02:58:15.0543 3824 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
02:58:15.0561 3824 ql2300 - ok
02:58:15.0732 3824 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
02:58:15.0805 3824 ql40xx - ok
02:58:15.0881 3824 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
02:58:15.0886 3824 QWAVE - ok
02:58:15.0921 3824 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
02:58:15.0923 3824 QWAVEdrv - ok
02:58:15.0949 3824 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
02:58:15.0951 3824 RasAcd - ok
02:58:15.0990 3824 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
02:58:15.0992 3824 RasAgileVpn - ok
02:58:16.0020 3824 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
02:58:16.0050 3824 RasAuto - ok
02:58:16.0096 3824 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:58:16.0102 3824 Rasl2tp - ok
02:58:16.0165 3824 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
02:58:16.0194 3824 RasMan - ok
02:58:16.0231 3824 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
02:58:16.0234 3824 RasPppoe - ok
02:58:16.0271 3824 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
02:58:16.0274 3824 RasSstp - ok
02:58:16.0321 3824 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
02:58:16.0341 3824 rdbss - ok
02:58:16.0380 3824 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
02:58:16.0397 3824 rdpbus - ok
02:58:16.0427 3824 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:58:16.0440 3824 RDPCDD - ok
02:58:16.0496 3824 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
02:58:16.0498 3824 RDPENCDD - ok
02:58:16.0520 3824 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
02:58:16.0522 3824 RDPREFMP - ok
02:58:16.0619 3824 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
02:58:16.0643 3824 RDPWD - ok
02:58:16.0680 3824 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
02:58:16.0716 3824 rdyboost - ok
02:58:16.0780 3824 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
02:58:16.0799 3824 RemoteAccess - ok
02:58:16.0843 3824 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
02:58:16.0862 3824 RemoteRegistry - ok
02:58:16.0976 3824 RichVideo (498eb62a160674e793fa40fd65390625) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
02:58:17.0005 3824 RichVideo - ok
02:58:17.0024 3824 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
02:58:17.0040 3824 RpcEptMapper - ok
02:58:17.0068 3824 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
02:58:17.0080 3824 RpcLocator - ok
02:58:29.0581 3824 MBR (0x1B8) (aee357d355d7f06dfec420a755c0b947) \Device\Harddisk0\DR0
02:58:29.0782 3824 \Device\Harddisk0\DR0 - ok
02:58:29.0793 3824 Boot (0x1200) (c13ecc8d0c86bbb3f8ae4492cb637d4d) \Device\Harddisk0\DR0\Partition0
02:58:29.0794 3824 \Device\Harddisk0\DR0\Partition0 - ok
02:58:29.0825 3824 Boot (0x1200) (f8548a7425099849538093684c9fc1f2) \Device\Harddisk0\DR0\Partition1
02:58:29.0826 3824 \Device\Harddisk0\DR0\Partition1 - ok
02:58:29.0856 3824 Boot (0x1200) (5e815f67201686a53d30f48829bb3be3) \Device\Harddisk0\DR0\Partition2
02:58:29.0859 3824 \Device\Harddisk0\DR0\Partition2 - ok
02:58:29.0863 3824 ============================================================
02:58:29.0863 3824 Scan finished
02:58:29.0863 3824 ============================================================
02:58:29.0881 2120 Detected object count: 0
02:58:29.0881 2120 Actual detected object count: 0
02:59:34.0948 4044 Deinitialize success


aswMBR logs

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-20 15:57:01
-----------------------------
15:57:01.672 OS Version: Windows x64 6.1.7600
15:57:01.672 Number of processors: 1 586 0x170A
15:57:01.674 ComputerName: HOME-PC UserName: Home
15:57:04.324 Initialize success
15:58:12.147 AVAST engine defs: 12072000
15:58:19.674 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:58:19.676 Disk 0 Vendor: Hitachi_HTS725025A9A364 PC2OC72E Size: 238475MB BusType: 11
15:58:19.886 Disk 0 MBR read successfully
15:58:19.889 Disk 0 MBR scan
15:58:19.949 Disk 0 unknown MBR code
15:58:20.041 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
15:58:20.086 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 225688 MB offset 409600
15:58:20.141 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12586 MB offset 462618624
15:58:20.283 Disk 0 scanning C:\Windows\system32\drivers
15:58:37.389 Service scanning
15:59:10.752 Modules scanning
15:59:10.760 Disk 0 trace - called modules:
15:59:10.787 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:59:11.123 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80027664b0]
15:59:11.130 3 CLASSPNP.SYS[fffff8800114a43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800265d060]
15:59:12.232 AVAST engine scan C:\Windows
15:59:15.072 AVAST engine scan C:\Windows\system32
16:01:30.016 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:01:33.946 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:04:14.280 AVAST engine scan C:\Windows\system32\drivers
16:04:36.427 AVAST engine scan C:\Users\Home
16:05:30.429 Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
16:05:30.438 The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"


ESET is coming....it is taking forever.

#3 Kris5711


Posted 20 July 2012 - 10:57 PM

Okay, ESET just got done...phew.


C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll Win32/Toolbar.Zugo.A application cleaned by deleting - quarantined
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Home\AppData\Local\Temp\ibtmpa2e2358\component_85.decrpt multiple threats cleaned by deleting - quarantined
C:\Users\Home\AppData\Local\Temp\ICReinstall\cnet_wrar401_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Home\AppData\Local\Temp\nspC9F.tmp\Install.dll probably a variant of Win32/Adware.HotBar.E application cleaned by deleting - quarantined
C:\Users\Home\AppData\Local\Temp\nst9431.tmp\Install.dll probably a variant of Win32/Adware.HotBar.E application cleaned by deleting - quarantined
C:\Users\Home\Downloads\cnet_wrar401_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Home\Downloads\F.exe Win32/Adware.1ClickDownload.C application cleaned by deleting - quarantined
C:\Users\Home\Downloads\gtk2123setup.exe a variant of Win32/1AntiVirus application cleaned by deleting - quarantined
C:\Users\Home\Downloads\Xvid-Setup-dm-9.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Windows\Installer\{19373efe-0217-4ef7-eb0b-a0a55ad8667d}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{19373efe-0217-4ef7-eb0b-a0a55ad8667d}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined
C:\Windows\Temp\BAS7B43.tmp\upgrade.exe a variant of Win32/Adware.OneStep.BS application cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan

Edited by Kris5711, 20 July 2012 - 10:59 PM.


#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:20 AM

Posted 21 July 2012 - 03:58 PM

Please do the following:


Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt
  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there.
  • Press Scan button.
  • FRST will let you know when the scan is complete and has written the FRST.txt to file. Close out this message, then type the following into the search box:
    services.exe
  • Now press the search button.
  • When the search is complete, search.txt will also be written to your USB.
  • Type exit and reboot the computer normally.
  • Please copy and paste both logs in your reply (FRST.txt and Search.txt).

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 CatByte


Posted 29 July 2012 - 04:30 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
