Trojan zeroaccess!linf4



#1 Pufio


Posted 10 August 2012 - 10:28 PM

Hi,
I have a problem with Trojan ZeroAccess. Everything was OK until Norton found the Trojan and said it needed manual removal, then transferred me to the Symantec website and told me to use a removal tool.
Then the problems started: I can use the Internet, but not all websites; I can't log in to my mail on the web; in Outlook I don't see folders and can't download new mail. Some programs and the whole computer run kind of slow, and I can't log on to the World of Warcraft game or the Blizzard website. I don't know how, but another computer has similar problems, but its antivirus has expired so I can't check.
Really sorry for my English, I try my best. Please help if someone has time. I'm not really good with antivirus software, so please use simple language.
Ty for help


#2 narenxp


Posted 10 August 2012 - 10:38 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Pufio


Posted 11 August 2012 - 05:35 AM

Hi,
ty for the response


TDSSKiller log

05:04:28.0494 8760 mrxsmb - ok
05:04:28.0503 8760 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:04:28.0506 8760 mrxsmb10 - ok
05:04:28.0511 8760 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:04:28.0512 8760 mrxsmb20 - ok
05:04:28.0515 8760 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
05:04:28.0516 8760 msahci - ok
05:04:28.0521 8760 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
05:04:28.0523 8760 msdsm - ok
05:04:28.0528 8760 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
05:04:28.0531 8760 MSDTC - ok
05:04:28.0535 8760 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
05:04:28.0536 8760 Msfs - ok
05:04:28.0538 8760 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
05:04:28.0539 8760 mshidkmdf - ok
05:04:28.0541 8760 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
05:04:28.0542 8760 msisadrv - ok
05:04:28.0548 8760 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
05:04:28.0550 8760 MSiSCSI - ok
05:04:28.0551 8760 msiserver - ok
05:04:28.0555 8760 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
05:04:28.0556 8760 MSKSSRV - ok
05:04:28.0557 8760 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
05:04:28.0558 8760 MSPCLOCK - ok
05:04:28.0564 8760 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
05:04:28.0565 8760 MSPQM - ok
05:04:28.0576 8760 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
05:04:28.0579 8760 MsRPC - ok
05:04:28.0583 8760 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
05:04:28.0584 8760 mssmbios - ok
05:04:28.0586 8760 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
05:04:28.0587 8760 MSTEE - ok
05:04:28.0714 8760 msvsmon90 (cb4a082af58d1a0969f931816d5cfb05) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
05:04:28.0760 8760 msvsmon90 - ok
05:04:28.0786 8760 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
05:04:28.0787 8760 MTConfig - ok
05:04:28.0792 8760 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
05:04:28.0793 8760 Mup - ok
05:04:28.0809 8760 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
05:04:28.0815 8760 napagent - ok
05:04:28.0827 8760 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
05:04:28.0831 8760 NativeWifiP - ok
05:04:28.0841 8760 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120810.035\ENG64.SYS
05:04:28.0844 8760 NAVENG - ok
05:04:28.0897 8760 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120810.035\EX64.SYS
05:04:28.0914 8760 NAVEX15 - ok
05:04:28.0961 8760 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
05:04:28.0969 8760 NDIS - ok
05:04:28.0973 8760 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
05:04:28.0974 8760 NdisCap - ok
05:04:28.0977 8760 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
05:04:28.0978 8760 NdisTapi - ok
05:04:28.0981 8760 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
05:04:28.0983 8760 Ndisuio - ok
05:04:28.0989 8760 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
05:04:28.0991 8760 NdisWan - ok
05:04:28.0995 8760 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
05:04:28.0996 8760 NDProxy - ok
05:04:28.0999 8760 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
05:04:29.0000 8760 NetBIOS - ok
05:04:29.0009 8760 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
05:04:29.0011 8760 NetBT - ok
05:04:29.0013 8760 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:04:29.0014 8760 Netlogon - ok
05:04:29.0025 8760 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
05:04:29.0029 8760 Netman - ok
05:04:29.0039 8760 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:04:29.0042 8760 NetMsmqActivator - ok
05:04:29.0044 8760 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:04:29.0044 8760 NetPipeActivator - ok
05:04:29.0058 8760 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
05:04:29.0063 8760 netprofm - ok
05:04:29.0065 8760 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:04:29.0066 8760 NetTcpActivator - ok
05:04:29.0068 8760 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:04:29.0069 8760 NetTcpPortSharing - ok
05:04:29.0074 8760 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
05:04:29.0076 8760 nfrd960 - ok
05:04:29.0085 8760 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
05:04:29.0086 8760 NIS - ok
05:04:29.0097 8760 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
05:04:29.0101 8760 NlaSvc - ok
05:04:29.0127 8760 nlsX86cc (b1ef4686961986dffb7fe8f18e6fcb5b) C:\Windows\SysWOW64\nlssrv32.exe
05:04:29.0129 8760 nlsX86cc - ok
05:04:29.0134 8760 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
05:04:29.0135 8760 Npfs - ok
05:04:29.0138 8760 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
05:04:29.0140 8760 nsi - ok
05:04:29.0142 8760 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
05:04:29.0143 8760 nsiproxy - ok
05:04:29.0191 8760 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
05:04:29.0207 8760 Ntfs - ok
05:04:29.0216 8760 ntk_PowerDVD12 (eaac965642ef5f818aed508cadf83e4b) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys
05:04:29.0224 8760 ntk_PowerDVD12 - ok
05:04:29.0250 8760 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
05:04:29.0251 8760 NuidFltr - ok
05:04:29.0254 8760 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
05:04:29.0255 8760 Null - ok
05:04:29.0259 8760 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
05:04:29.0261 8760 nusb3hub - ok
05:04:29.0268 8760 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
05:04:29.0271 8760 nusb3xhc - ok
05:04:29.0279 8760 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
05:04:29.0281 8760 NVHDA - ok
05:04:29.0651 8760 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:04:29.0761 8760 nvlddmkm - ok
05:04:29.0792 8760 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
05:04:29.0795 8760 nvraid - ok
05:04:29.0801 8760 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
05:04:29.0803 8760 nvstor - ok
05:04:29.0826 8760 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
05:04:29.0834 8760 nvsvc - ok
05:04:29.0867 8760 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
05:04:29.0878 8760 nvUpdatusService - ok
05:04:29.0904 8760 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
05:04:29.0906 8760 nv_agp - ok
05:04:29.0909 8760 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
05:04:29.0911 8760 ohci1394 - ok
05:04:29.0918 8760 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:04:29.0920 8760 ose64 - ok
05:04:30.0054 8760 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
05:04:30.0101 8760 osppsvc - ok
05:04:30.0132 8760 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:04:30.0136 8760 p2pimsvc - ok
05:04:30.0148 8760 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
05:04:30.0153 8760 p2psvc - ok
05:04:30.0160 8760 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
05:04:30.0161 8760 Parport - ok
05:04:30.0165 8760 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
05:04:30.0166 8760 partmgr - ok
05:04:30.0172 8760 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
05:04:30.0175 8760 PcaSvc - ok
05:04:30.0182 8760 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
05:04:30.0184 8760 pci - ok
05:04:30.0186 8760 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
05:04:30.0188 8760 pciide - ok
05:04:30.0195 8760 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
05:04:30.0197 8760 pcmcia - ok
05:04:30.0200 8760 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
05:04:30.0201 8760 pcw - ok
05:04:30.0218 8760 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
05:04:30.0224 8760 PEAUTH - ok
05:04:30.0260 8760 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
05:04:30.0274 8760 PeerDistSvc - ok
05:04:30.0299 8760 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
05:04:30.0301 8760 PerfHost - ok
05:04:30.0361 8760 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
05:04:30.0374 8760 pla - ok
05:04:30.0388 8760 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
05:04:30.0393 8760 PlugPlay - ok
05:04:30.0397 8760 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
05:04:30.0398 8760 PNRPAutoReg - ok
05:04:30.0409 8760 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:04:30.0411 8760 PNRPsvc - ok
05:04:30.0418 8760 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
05:04:30.0420 8760 Point64 - ok
05:04:30.0435 8760 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
05:04:30.0441 8760 PolicyAgent - ok
05:04:30.0445 8760 PortTalk - ok
05:04:30.0453 8760 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
05:04:30.0456 8760 Power - ok
05:04:30.0461 8760 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
05:04:30.0463 8760 PptpMiniport - ok
05:04:30.0467 8760 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
05:04:30.0469 8760 Processor - ok
05:04:30.0476 8760 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
05:04:30.0479 8760 ProfSvc - ok
05:04:30.0483 8760 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:04:30.0483 8760 ProtectedStorage - ok
05:04:30.0490 8760 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
05:04:30.0491 8760 Psched - ok
05:04:30.0500 8760 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
05:04:30.0502 8760 PSI_SVC_2 - ok
05:04:30.0515 8760 PSI_SVC_2_x64 (788cb65d49d1162c5ee6814afe5b0a70) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
05:04:30.0519 8760 PSI_SVC_2_x64 - ok
05:04:30.0524 8760 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
05:04:30.0525 8760 PxHlpa64 - ok
05:04:30.0573 8760 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
05:04:30.0589 8760 ql2300 - ok
05:04:30.0616 8760 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
05:04:30.0619 8760 ql40xx - ok
05:04:30.0628 8760 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
05:04:30.0632 8760 QWAVE - ok
05:04:30.0636 8760 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
05:04:30.0637 8760 QWAVEdrv - ok
05:04:30.0640 8760 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
05:04:30.0641 8760 RasAcd - ok
05:04:30.0645 8760 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
05:04:30.0647 8760 RasAgileVpn - ok
05:04:30.0651 8760 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
05:04:30.0653 8760 RasAuto - ok
05:04:30.0658 8760 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
05:04:30.0665 8760 Rasl2tp - ok
05:04:30.0676 8760 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
05:04:30.0680 8760 RasMan - ok
05:04:30.0684 8760 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
05:04:30.0685 8760 RasPppoe - ok
05:04:30.0689 8760 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
05:04:30.0691 8760 RasSstp - ok
05:04:30.0700 8760 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
05:04:30.0703 8760 rdbss - ok
05:04:30.0706 8760 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
05:04:30.0707 8760 rdpbus - ok
05:04:30.0709 8760 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
05:04:30.0709 8760 RDPCDD - ok
05:04:30.0717 8760 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
05:04:30.0719 8760 RDPDR - ok
05:04:30.0721 8760 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
05:04:30.0721 8760 RDPENCDD - ok
05:04:30.0725 8760 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
05:04:30.0725 8760 RDPREFMP - ok
05:04:30.0730 8760 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
05:04:30.0732 8760 RdpVideoMiniport - ok
05:04:30.0739 8760 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
05:04:30.0747 8760 RDPWD - ok
05:04:30.0755 8760 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
05:04:30.0757 8760 rdyboost - ok
05:04:30.0760 8760 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
05:04:30.0761 8760 regi - ok
05:04:30.0783 8760 RemoteAccess - ok
05:04:30.0790 8760 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
05:04:30.0793 8760 RemoteRegistry - ok
05:04:30.0797 8760 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
05:04:30.0798 8760 RpcEptMapper - ok
05:04:30.0801 8760 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
05:04:30.0802 8760 RpcLocator - ok
05:04:30.0816 8760 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
05:04:30.0819 8760 RpcSs - ok
05:04:30.0826 8760 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
05:04:30.0828 8760 rspndr - ok
05:04:30.0838 8760 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
05:04:30.0841 8760 RTL8167 - ok
05:04:30.0844 8760 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
05:04:30.0845 8760 s3cap - ok
05:04:30.0847 8760 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:04:30.0848 8760 SamSs - ok
05:04:30.0856 8760 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
05:04:30.0857 8760 sbp2port - ok
05:04:30.0864 8760 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
05:04:30.0867 8760 SCardSvr - ok
05:04:30.0870 8760 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
05:04:30.0871 8760 scfilter - ok
05:04:30.0899 8760 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
05:04:30.0908 8760 Schedule - ok
05:04:30.0912 8760 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
05:04:30.0913 8760 SCPolicySvc - ok
05:04:30.0919 8760 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
05:04:30.0921 8760 SDRSVC - ok
05:04:30.0931 8760 SeaPort (3e0cff5f0a9d23e327703d72cea5253f) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
05:04:30.0933 8760 SeaPort - ok
05:04:30.0938 8760 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
05:04:30.0939 8760 secdrv - ok
05:04:30.0942 8760 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
05:04:30.0943 8760 seclogon - ok
05:04:30.0947 8760 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
05:04:30.0948 8760 SENS - ok
05:04:30.0951 8760 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
05:04:30.0953 8760 SensrSvc - ok
05:04:30.0955 8760 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
05:04:30.0956 8760 Serenum - ok
05:04:30.0959 8760 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
05:04:30.0961 8760 Serial - ok
05:04:30.0963 8760 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
05:04:30.0964 8760 sermouse - ok
05:04:30.0972 8760 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
05:04:30.0974 8760 SessionEnv - ok
05:04:30.0977 8760 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
05:04:30.0978 8760 sffdisk - ok
05:04:30.0980 8760 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
05:04:30.0981 8760 sffp_mmc - ok
05:04:30.0983 8760 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
05:04:30.0984 8760 sffp_sd - ok
05:04:30.0986 8760 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
05:04:30.0987 8760 sfloppy - ok
05:04:30.0998 8760 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
05:04:31.0002 8760 ShellHWDetection - ok
05:04:31.0005 8760 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:04:31.0006 8760 SiSRaid2 - ok
05:04:31.0010 8760 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
05:04:31.0011 8760 SiSRaid4 - ok
05:04:31.0015 8760 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
05:04:31.0017 8760 Smb - ok
05:04:31.0022 8760 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
05:04:31.0023 8760 SNMPTRAP - ok
05:04:31.0025 8760 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
05:04:31.0026 8760 spldr - ok
05:04:31.0041 8760 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
05:04:31.0047 8760 Spooler - ok
05:04:31.0137 8760 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
05:04:31.0165 8760 sppsvc - ok
05:04:31.0188 8760 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
05:04:31.0190 8760 sppuinotify - ok
05:04:31.0213 8760 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS
05:04:31.0219 8760 SRTSP - ok
05:04:31.0222 8760 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS
05:04:31.0224 8760 SRTSPX - ok
05:04:31.0237 8760 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
05:04:31.0242 8760 srv - ok
05:04:31.0254 8760 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
05:04:31.0258 8760 srv2 - ok
05:04:31.0264 8760 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
05:04:31.0266 8760 srvnet - ok
05:04:31.0273 8760 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
05:04:31.0276 8760 SSDPSRV - ok
05:04:31.0280 8760 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
05:04:31.0282 8760 SstpSvc - ok
05:04:31.0295 8760 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
05:04:31.0299 8760 Stereo Service - ok
05:04:31.0302 8760 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
05:04:31.0303 8760 stexstor - ok
05:04:31.0319 8760 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
05:04:31.0325 8760 stisvc - ok
05:04:31.0329 8760 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
05:04:31.0330 8760 storflt - ok
05:04:31.0333 8760 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
05:04:31.0334 8760 storvsc - ok
05:04:31.0336 8760 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
05:04:31.0337 8760 swenum - ok
05:04:31.0351 8760 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
05:04:31.0357 8760 swprv - ok
05:04:31.0372 8760 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS
05:04:31.0376 8760 SymDS - ok
05:04:31.0406 8760 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS
05:04:31.0415 8760 SymEFA - ok
05:04:31.0423 8760 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
05:04:31.0425 8760 SymEvent - ok
05:04:31.0432 8760 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS
05:04:31.0434 8760 SymIRON - ok
05:04:31.0449 8760 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS
05:04:31.0453 8760 SymNetS - ok
05:04:31.0455 8760 Synth3dVsc - ok
05:04:31.0502 8760 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
05:04:31.0516 8760 SysMain - ok
05:04:31.0540 8760 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
05:04:31.0543 8760 TabletInputService - ok
05:04:31.0553 8760 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
05:04:31.0557 8760 TapiSrv - ok
05:04:31.0565 8760 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
05:04:31.0567 8760 TBS - ok
05:04:31.0621 8760 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
05:04:31.0637 8760 Tcpip - ok
05:04:31.0709 8760 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
05:04:31.0718 8760 TCPIP6 - ok
05:04:31.0744 8760 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
05:04:31.0745 8760 tcpipreg - ok
05:04:31.0749 8760 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
05:04:31.0750 8760 TDPIPE - ok
05:04:31.0752 8760 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
05:04:31.0753 8760 TDTCP - ok
05:04:31.0758 8760 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
05:04:31.0760 8760 tdx - ok
05:04:31.0763 8760 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
05:04:31.0765 8760 TermDD - ok
05:04:31.0784 8760 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
05:04:31.0790 8760 TermService - ok
05:04:31.0794 8760 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
05:04:31.0796 8760 Themes - ok
05:04:31.0799 8760 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
05:04:31.0800 8760 THREADORDER - ok
05:04:31.0806 8760 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
05:04:31.0809 8760 TrkWks - ok
05:04:31.0816 8760 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
05:04:31.0817 8760 TrustedInstaller - ok
05:04:31.0821 8760 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
05:04:31.0823 8760 tssecsrv - ok
05:04:31.0826 8760 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
05:04:31.0828 8760 TsUsbFlt - ok
05:04:31.0829 8760 tsusbhub - ok
05:04:31.0835 8760 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
05:04:31.0837 8760 tunnel - ok
05:04:31.0841 8760 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
05:04:31.0842 8760 uagp35 - ok
05:04:31.0852 8760 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
05:04:31.0856 8760 udfs - ok
05:04:31.0862 8760 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
05:04:31.0864 8760 UI0Detect - ok
05:04:31.0867 8760 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
05:04:31.0869 8760 uliagpkx - ok
05:04:31.0872 8760 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
05:04:31.0874 8760 umbus - ok
05:04:31.0876 8760 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
05:04:31.0877 8760 UmPass - ok
05:04:31.0884 8760 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
05:04:31.0887 8760 UmRdpService - ok
05:04:31.0897 8760 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
05:04:31.0901 8760 upnphost - ok
05:04:31.0906 8760 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
05:04:31.0908 8760 USBAAPL64 - ok
05:04:31.0912 8760 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
05:04:31.0913 8760 usbccgp - ok
05:04:31.0918 8760 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
05:04:31.0920 8760 usbcir - ok
05:04:31.0923 8760 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
05:04:31.0924 8760 usbehci - ok
05:04:31.0934 8760 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
05:04:31.0938 8760 usbhub - ok
05:04:31.0940 8760 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
05:04:31.0942 8760 usbohci - ok
05:04:31.0944 8760 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
05:04:31.0945 8760 usbprint - ok
05:04:31.0948 8760 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
05:04:31.0950 8760 usbscan - ok
05:04:31.0954 8760 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:04:31.0955 8760 USBSTOR - ok
05:04:31.0958 8760 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
05:04:31.0959 8760 usbuhci - ok
05:04:31.0962 8760 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
05:04:31.0963 8760 UxSms - ok
05:04:31.0966 8760 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:04:31.0967 8760 VaultSvc - ok
05:04:31.0970 8760 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
05:04:31.0972 8760 vdrvroot - ok
05:04:31.0986 8760 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
05:04:31.0992 8760 vds - ok
05:04:33.0322 8760 ============================================================
05:04:33.0322 8760 Scan finished
05:04:33.0322 8760 ============================================================
05:04:33.0332 6492 Detected object count: 0
05:04:33.0332 6492 Actual detected object count: 0
05:05:38.0094 8748 ============================================================
05:05:38.0094 8748 Scan started
05:05:38.0094 8748 Mode: Manual; TDLFS;
05:05:38.0094 8748 ============================================================
05:05:40.0297 8748 mrxsmb - ok
05:05:40.0305 8748 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:05:40.0306 8748 mrxsmb10 - ok
05:05:40.0311 8748 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:05:40.0312 8748 mrxsmb20 - ok
05:05:40.0315 8748 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
05:05:40.0315 8748 msahci - ok
05:05:40.0320 8748 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
05:05:40.0320 8748 msdsm - ok
05:05:40.0326 8748 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
05:05:40.0327 8748 MSDTC - ok
05:05:40.0333 8748 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
05:05:40.0333 8748 Msfs - ok
05:05:40.0335 8748 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
05:05:40.0335 8748 mshidkmdf - ok
05:05:40.0338 8748 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
05:05:40.0338 8748 msisadrv - ok
05:05:40.0344 8748 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
05:05:40.0345 8748 MSiSCSI - ok
05:05:40.0346 8748 msiserver - ok
05:05:40.0349 8748 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
05:05:40.0350 8748 MSKSSRV - ok
05:05:40.0351 8748 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
05:05:40.0352 8748 MSPCLOCK - ok
05:05:40.0354 8748 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
05:05:40.0354 8748 MSPQM - ok
05:05:40.0365 8748 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
05:05:40.0367 8748 MsRPC - ok
05:05:40.0371 8748 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
05:05:40.0371 8748 mssmbios - ok
05:05:40.0373 8748 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
05:05:40.0373 8748 MSTEE - ok
05:05:40.0485 8748 msvsmon90 (cb4a082af58d1a0969f931816d5cfb05) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
05:05:40.0505 8748 msvsmon90 - ok
05:05:40.0529 8748 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
05:05:40.0529 8748 MTConfig - ok
05:05:40.0532 8748 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
05:05:40.0533 8748 Mup - ok
05:05:40.0546 8748 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
05:05:40.0549 8748 napagent - ok
05:05:40.0559 8748 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
05:05:40.0560 8748 NativeWifiP - ok
05:05:40.0569 8748 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120810.035\ENG64.SYS
05:05:40.0570 8748 NAVENG - ok
05:05:40.0624 8748 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120810.035\EX64.SYS
05:05:40.0634 8748 NAVEX15 - ok
05:05:40.0683 8748 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
05:05:40.0689 8748 NDIS - ok
05:05:40.0693 8748 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
05:05:40.0694 8748 NdisCap - ok
05:05:40.0697 8748 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
05:05:40.0697 8748 NdisTapi - ok
05:05:40.0702 8748 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
05:05:40.0702 8748 Ndisuio - ok
05:05:40.0709 8748 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
05:05:40.0711 8748 NdisWan - ok
05:05:40.0715 8748 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
05:05:40.0716 8748 NDProxy - ok
05:05:40.0719 8748 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
05:05:40.0720 8748 NetBIOS - ok
05:05:40.0729 8748 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
05:05:40.0731 8748 NetBT - ok
05:05:40.0734 8748 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:05:40.0735 8748 Netlogon - ok
05:05:40.0747 8748 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
05:05:40.0749 8748 Netman - ok
05:05:40.0760 8748 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:05:40.0761 8748 NetMsmqActivator - ok
05:05:40.0764 8748 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:05:40.0765 8748 NetPipeActivator - ok
05:05:40.0779 8748 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
05:05:40.0782 8748 netprofm - ok
05:05:40.0785 8748 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:05:40.0786 8748 NetTcpActivator - ok
05:05:40.0789 8748 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:05:40.0790 8748 NetTcpPortSharing - ok
05:05:40.0796 8748 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
05:05:40.0797 8748 nfrd960 - ok
05:05:40.0807 8748 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
05:05:40.0808 8748 NIS - ok
05:05:40.0819 8748 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
05:05:40.0822 8748 NlaSvc - ok
05:05:40.0847 8748 nlsX86cc (b1ef4686961986dffb7fe8f18e6fcb5b) C:\Windows\SysWOW64\nlssrv32.exe
05:05:40.0848 8748 nlsX86cc - ok
05:05:40.0854 8748 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
05:05:40.0854 8748 Npfs - ok
05:05:40.0858 8748 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
05:05:40.0859 8748 nsi - ok
05:05:40.0861 8748 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
05:05:40.0862 8748 nsiproxy - ok
05:05:40.0910 8748 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
05:05:40.0919 8748 Ntfs - ok
05:05:40.0927 8748 ntk_PowerDVD12 (eaac965642ef5f818aed508cadf83e4b) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys
05:05:40.0927 8748 ntk_PowerDVD12 - ok
05:05:40.0952 8748 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
05:05:40.0952 8748 NuidFltr - ok
05:05:40.0955 8748 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
05:05:40.0955 8748 Null - ok
05:05:40.0960 8748 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
05:05:40.0961 8748 nusb3hub - ok
05:05:40.0968 8748 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
05:05:40.0969 8748 nusb3xhc - ok
05:05:40.0976 8748 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
05:05:40.0977 8748 NVHDA - ok
05:05:41.0350 8748 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:05:41.0404 8748 nvlddmkm - ok
05:05:41.0435 8748 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
05:05:41.0436 8748 nvraid - ok
05:05:41.0442 8748 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
05:05:41.0443 8748 nvstor - ok
05:05:41.0467 8748 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
05:05:41.0470 8748 nvsvc - ok
05:05:41.0506 8748 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
05:05:41.0511 8748 nvUpdatusService - ok
05:05:41.0537 8748 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
05:05:41.0538 8748 nv_agp - ok
05:05:41.0542 8748 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
05:05:41.0542 8748 ohci1394 - ok
05:05:41.0549 8748 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:05:41.0550 8748 ose64 - ok
05:05:41.0688 8748 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
05:05:41.0707 8748 osppsvc - ok
05:05:41.0737 8748 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:05:41.0739 8748 p2pimsvc - ok
05:05:41.0752 8748 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
05:05:41.0754 8748 p2psvc - ok
05:05:41.0762 8748 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
05:05:41.0763 8748 Parport - ok
05:05:41.0766 8748 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
05:05:41.0767 8748 partmgr - ok
05:05:41.0773 8748 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
05:05:41.0775 8748 PcaSvc - ok
05:05:41.0782 8748 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
05:05:41.0783 8748 pci - ok
05:05:41.0786 8748 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
05:05:41.0786 8748 pciide - ok
05:05:41.0794 8748 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
05:05:41.0795 8748 pcmcia - ok
05:05:41.0798 8748 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
05:05:41.0798 8748 pcw - ok
05:05:41.0816 8748 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
05:05:41.0819 8748 PEAUTH - ok
05:05:41.0853 8748 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
05:05:41.0859 8748 PeerDistSvc - ok
05:05:41.0884 8748 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
05:05:41.0885 8748 PerfHost - ok
05:05:41.0942 8748 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
05:05:41.0949 8748 pla - ok
05:05:41.0962 8748 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
05:05:41.0964 8748 PlugPlay - ok
05:05:41.0967 8748 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
05:05:41.0968 8748 PNRPAutoReg - ok
05:05:41.0978 8748 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
05:05:41.0980 8748 PNRPsvc - ok
05:05:41.0986 8748 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
05:05:41.0986 8748 Point64 - ok
05:05:42.0001 8748 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
05:05:42.0003 8748 PolicyAgent - ok
05:05:42.0006 8748 PortTalk - ok
05:05:42.0013 8748 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
05:05:42.0015 8748 Power - ok
05:05:42.0020 8748 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
05:05:42.0020 8748 PptpMiniport - ok
05:05:42.0024 8748 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
05:05:42.0024 8748 Processor - ok
05:05:42.0031 8748 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
05:05:42.0033 8748 ProfSvc - ok
05:05:42.0036 8748 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:05:42.0037 8748 ProtectedStorage - ok
05:05:42.0042 8748 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
05:05:42.0043 8748 Psched - ok
05:05:42.0051 8748 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
05:05:42.0052 8748 PSI_SVC_2 - ok
05:05:42.0063 8748 PSI_SVC_2_x64 (788cb65d49d1162c5ee6814afe5b0a70) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
05:05:42.0065 8748 PSI_SVC_2_x64 - ok
05:05:42.0068 8748 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
05:05:42.0069 8748 PxHlpa64 - ok
05:05:42.0109 8748 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
05:05:42.0116 8748 ql2300 - ok
05:05:42.0143 8748 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
05:05:42.0144 8748 ql40xx - ok
05:05:42.0152 8748 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
05:05:42.0154 8748 QWAVE - ok
05:05:42.0158 8748 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
05:05:42.0158 8748 QWAVEdrv - ok
05:05:42.0160 8748 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
05:05:42.0161 8748 RasAcd - ok
05:05:42.0165 8748 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
05:05:42.0165 8748 RasAgileVpn - ok
05:05:42.0170 8748 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
05:05:42.0171 8748 RasAuto - ok
05:05:42.0176 8748 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
05:05:42.0177 8748 Rasl2tp - ok
05:05:42.0187 8748 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
05:05:42.0190 8748 RasMan - ok
05:05:42.0194 8748 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
05:05:42.0195 8748 RasPppoe - ok
05:05:42.0199 8748 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
05:05:42.0199 8748 RasSstp - ok
05:05:42.0209 8748 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
05:05:42.0211 8748 rdbss - ok
05:05:42.0213 8748 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
05:05:42.0214 8748 rdpbus - ok
05:05:42.0216 8748 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
05:05:42.0216 8748 RDPCDD - ok
05:05:42.0224 8748 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
05:05:42.0226 8748 RDPDR - ok
05:05:42.0228 8748 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
05:05:42.0228 8748 RDPENCDD - ok
05:05:42.0232 8748 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
05:05:42.0232 8748 RDPREFMP - ok
05:05:42.0237 8748 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
05:05:42.0237 8748 RdpVideoMiniport - ok
05:05:42.0245 8748 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
05:05:42.0246 8748 RDPWD - ok
05:05:42.0254 8748 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
05:05:42.0255 8748 rdyboost - ok
05:05:42.0257 8748 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
05:05:42.0258 8748 regi - ok
05:05:42.0281 8748 RemoteAccess - ok
05:05:42.0288 8748 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
05:05:42.0289 8748 RemoteRegistry - ok
05:05:42.0293 8748 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
05:05:42.0295 8748 RpcEptMapper - ok
05:05:42.0297 8748 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
05:05:42.0298 8748 RpcLocator - ok
05:05:42.0313 8748 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
05:05:42.0317 8748 RpcSs - ok
05:05:42.0323 8748 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
05:05:42.0324 8748 rspndr - ok
05:05:42.0334 8748 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
05:05:42.0336 8748 RTL8167 - ok
05:05:42.0339 8748 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
05:05:42.0339 8748 s3cap - ok
05:05:42.0343 8748 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:05:42.0344 8748 SamSs - ok
05:05:42.0352 8748 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
05:05:42.0353 8748 sbp2port - ok
05:05:42.0360 8748 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
05:05:42.0362 8748 SCardSvr - ok
05:05:42.0365 8748 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
05:05:42.0365 8748 scfilter - ok
05:05:42.0395 8748 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
05:05:42.0401 8748 Schedule - ok
05:05:42.0406 8748 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
05:05:42.0407 8748 SCPolicySvc - ok
05:05:42.0414 8748 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
05:05:42.0416 8748 SDRSVC - ok
05:05:42.0425 8748 SeaPort (3e0cff5f0a9d23e327703d72cea5253f) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
05:05:42.0427 8748 SeaPort - ok
05:05:42.0432 8748 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
05:05:42.0432 8748 secdrv - ok
05:05:42.0435 8748 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
05:05:42.0437 8748 seclogon - ok
05:05:42.0441 8748 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
05:05:42.0442 8748 SENS - ok
05:05:42.0445 8748 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
05:05:42.0446 8748 SensrSvc - ok
05:05:42.0448 8748 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
05:05:42.0449 8748 Serenum - ok
05:05:42.0453 8748 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
05:05:42.0454 8748 Serial - ok
05:05:42.0457 8748 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
05:05:42.0457 8748 sermouse - ok
05:05:42.0466 8748 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
05:05:42.0468 8748 SessionEnv - ok
05:05:42.0471 8748 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
05:05:42.0471 8748 sffdisk - ok
05:05:42.0474 8748 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
05:05:42.0474 8748 sffp_mmc - ok
05:05:42.0477 8748 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
05:05:42.0477 8748 sffp_sd - ok
05:05:42.0480 8748 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
05:05:42.0480 8748 sfloppy - ok
05:05:42.0494 8748 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
05:05:42.0497 8748 ShellHWDetection - ok
05:05:42.0500 8748 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:05:42.0500 8748 SiSRaid2 - ok
05:05:42.0504 8748 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
05:05:42.0504 8748 SiSRaid4 - ok
05:05:42.0508 8748 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
05:05:42.0508 8748 Smb - ok
05:05:42.0513 8748 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
05:05:42.0514 8748 SNMPTRAP - ok
05:05:42.0516 8748 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
05:05:42.0516 8748 spldr - ok
05:05:42.0532 8748 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
05:05:42.0535 8748 Spooler - ok
05:05:42.0635 8748 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
05:05:42.0654 8748 sppsvc - ok
05:05:42.0678 8748 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
05:05:42.0679 8748 sppuinotify - ok
05:05:42.0702 8748 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS
05:05:42.0705 8748 SRTSP - ok
05:05:42.0708 8748 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS
05:05:42.0709 8748 SRTSPX - ok
05:05:42.0723 8748 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
05:05:42.0725 8748 srv - ok
05:05:42.0737 8748 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
05:05:42.0739 8748 srv2 - ok
05:05:42.0745 8748 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
05:05:42.0746 8748 srvnet - ok
05:05:42.0753 8748 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
05:05:42.0755 8748 SSDPSRV - ok
05:05:42.0759 8748 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
05:05:42.0760 8748 SstpSvc - ok
05:05:42.0774 8748 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
05:05:42.0775 8748 Stereo Service - ok
05:05:42.0778 8748 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
05:05:42.0779 8748 stexstor - ok
05:05:42.0795 8748 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
05:05:42.0798 8748 stisvc - ok
05:05:42.0802 8748 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
05:05:42.0803 8748 storflt - ok
05:05:42.0806 8748 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
05:05:42.0806 8748 storvsc - ok
05:05:42.0809 8748 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
05:05:42.0809 8748 swenum - ok
05:05:42.0824 8748 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
05:05:42.0827 8748 swprv - ok
05:05:42.0842 8748 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS
05:05:42.0844 8748 SymDS - ok
05:05:42.0872 8748 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS
05:05:42.0877 8748 SymEFA - ok
05:05:42.0884 8748 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
05:05:42.0885 8748 SymEvent - ok
05:05:42.0892 8748 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS
05:05:42.0893 8748 SymIRON - ok
05:05:42.0906 8748 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS
05:05:42.0907 8748 SymNetS - ok
05:05:42.0909 8748 Synth3dVsc - ok
05:05:42.0957 8748 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
05:05:42.0965 8748 SysMain - ok
05:05:42.0989 8748 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
05:05:42.0991 8748 TabletInputService - ok
05:05:43.0001 8748 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
05:05:43.0003 8748 TapiSrv - ok
05:05:43.0006 8748 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
05:05:43.0007 8748 TBS - ok
05:05:43.0059 8748 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
05:05:43.0067 8748 Tcpip - ok
05:05:43.0141 8748 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
05:05:43.0153 8748 TCPIP6 - ok
05:05:43.0182 8748 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
05:05:43.0182 8748 tcpipreg - ok
05:05:43.0185 8748 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
05:05:43.0186 8748 TDPIPE - ok
05:05:43.0188 8748 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
05:05:43.0189 8748 TDTCP - ok
05:05:43.0193 8748 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
05:05:43.0194 8748 tdx - ok
05:05:43.0198 8748 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
05:05:43.0198 8748 TermDD - ok
05:05:43.0217 8748 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
05:05:43.0220 8748 TermService - ok
05:05:43.0223 8748 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
05:05:43.0224 8748 Themes - ok
05:05:43.0228 8748 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
05:05:43.0229 8748 THREADORDER - ok
05:05:43.0234 8748 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
05:05:43.0236 8748 TrkWks - ok
05:05:43.0243 8748 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
05:05:43.0243 8748 TrustedInstaller - ok
05:05:43.0247 8748 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
05:05:43.0248 8748 tssecsrv - ok
05:05:43.0251 8748 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
05:05:43.0252 8748 TsUsbFlt - ok
05:05:43.0253 8748 tsusbhub - ok
05:05:43.0259 8748 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
05:05:43.0259 8748 tunnel - ok
05:05:43.0263 8748 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
05:05:43.0263 8748 uagp35 - ok
05:05:43.0273 8748 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
05:05:43.0275 8748 udfs - ok
05:05:43.0280 8748 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
05:05:43.0281 8748 UI0Detect - ok
05:05:43.0284 8748 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
05:05:43.0285 8748 uliagpkx - ok
05:05:43.0288 8748 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
05:05:43.0288 8748 umbus - ok
05:05:43.0290 8748 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
05:05:43.0290 8748 UmPass - ok
05:05:43.0298 8748 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
05:05:43.0299 8748 UmRdpService - ok
05:05:43.0310 8748 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
05:05:43.0312 8748 upnphost - ok
05:05:43.0316 8748 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
05:05:43.0317 8748 USBAAPL64 - ok
05:05:43.0321 8748 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
05:05:43.0322 8748 usbccgp - ok
05:05:43.0326 8748 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
05:05:43.0326 8748 usbcir - ok
05:05:43.0329 8748 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
05:05:43.0330 8748 usbehci - ok
05:05:43.0340 8748 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
05:05:43.0341 8748 usbhub - ok
05:05:43.0344 8748 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
05:05:43.0344 8748 usbohci - ok
05:05:43.0347 8748 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
05:05:43.0347 8748 usbprint - ok
05:05:43.0350 8748 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
05:05:43.0351 8748 usbscan - ok
05:05:43.0355 8748 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:05:43.0355 8748 USBSTOR - ok
05:05:43.0358 8748 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
05:05:43.0358 8748 usbuhci - ok
05:05:43.0361 8748 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
05:05:43.0362 8748 UxSms - ok
05:05:43.0365 8748 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
05:05:43.0366 8748 VaultSvc - ok
05:05:43.0368 8748 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
05:05:43.0369 8748 vdrvroot - ok
05:05:43.0384 8748 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
05:05:43.0386 8748 vds - ok
05:05:44.0494 8748 ============================================================
05:05:44.0494 8748 Scan finished
05:05:44.0494 8748 ============================================================
05:05:44.0501 8228 Detected object count: 0
05:05:44.0501 8228 Actual detected object count: 0



aswMBR log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-11 05:07:19
-----------------------------
05:07:19.261 OS Version: Windows x64 6.1.7601 Service Pack 1
05:07:19.261 Number of processors: 8 586 0x1A05
05:07:19.261 ComputerName: PUFAJ-PC UserName: pufaj
05:07:19.459 Initialize success
05:07:23.638 AVAST engine defs: 12081001
05:07:33.490 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
05:07:33.493 Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA39C Size: 953869MB BusType: 3
05:07:33.495 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-7
05:07:33.498 Disk 1 Vendor: WDC_WD6000HLHX-01JJPV0 04.05G04 Size: 572325MB BusType: 3
05:07:33.500 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP4T0L0-5
05:07:33.502 Disk 2 Vendor: WDC_WD5000AAKS-65A7B0 01.03B01 Size: 476940MB BusType: 3
05:07:33.504 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP5T0L0-6
05:07:33.506 Disk 3 Vendor: WDC_WD5000AAKS-00Z7B0 01.03B01 Size: 476940MB BusType: 3
05:07:33.509 Disk 4 (boot) \Device\Harddisk4\DR4 -> \Device\Ide\IdeDeviceP0T0L0-0
05:07:33.512 Disk 4 Vendor: OCZ-VERTEX3_MI 2.13 Size: 114473MB BusType: 3
05:07:33.534 Disk 4 MBR read successfully
05:07:33.537 Disk 4 MBR scan
05:07:33.542 Disk 4 Windows 7 default MBR code
05:07:33.550 Disk 4 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
05:07:33.556 Disk 4 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
05:07:33.594 Disk 4 scanning C:\Windows\system32\drivers
05:07:51.458 Service scanning
05:08:00.323 Modules scanning
05:08:00.330 Disk 4 trace - called modules:
05:08:00.356 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
05:08:00.361 1 nt!IofCallDriver -> \Device\Harddisk4\DR4[0xfffffa800a4a1060]
05:08:00.367 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8009e80060]
05:08:00.594 AVAST engine scan C:\Windows
05:08:08.322 AVAST engine scan C:\Windows\system32
05:13:54.008 AVAST engine scan C:\Windows\system32\drivers
05:14:27.087 AVAST engine scan C:\Users\pufaj
05:16:52.568 File: C:\Users\pufaj\AppData\Local\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}\U\00000001.@ **INFECTED** Win32:Malware-gen
05:16:52.627 File: C:\Users\pufaj\AppData\Local\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}\U\800000cb.@ **INFECTED** Win32:Malware-gen
05:27:29.790 AVAST engine scan C:\ProgramData
05:32:30.178 Scan finished successfully
05:33:34.587 Disk 4 MBR has been saved successfully to "C:\Users\pufaj\Desktop\MBR.dat"
05:33:34.591 The log file has been saved successfully to "C:\Users\pufaj\Desktop\aswMBR.txt"


ESET online scanner

C:\KMSEMUTEMP\KMS.exe a variant of Win32/HackKMS.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Sony\keygen.exe a variant of Win32/Packed.VMProtect.AAD trojan cleaned by deleting - quarantined
C:\Windows\KMService.exe a variant of Win32/HackKMS.A application cleaned by deleting (after the next restart) - quarantined
C:\Windows\System32\ipnathlp.dll a variant of Win32/Delf.OGP trojan unable to clean
C:\Windows\SysWOW64\ipnathlp.dll a variant of Win32/Delf.OGP trojan cleaned by deleting - quarantined
J:\programy\office\mini-KMS_Activator_v1.053.exe a variant of Win32/HackKMS.A application deleted - quarantined
J:\programy\WinZip.Pro.v15.0.9302.Incl.Keygen-Lz0\Lz0\keygen.exe probably a variant of Win32/Agent.MLIGVGJ trojan cleaned by deleting - quarantined
J:\programy\Xilisoft.Blu-Ray.Creator.2.v2.0.4.0707.Incl.Keygen-Lz0\x-blu-ray-creator-2.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined


Ty for the response

#4 narenxp

Posted 11 August 2012 - 08:47 AM

Download

systemlook

Launch it, copy this script and paste it into the box

:filefind
services.exe
:folderfind
{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 Pufio

Posted 11 August 2012 - 11:08 PM

Ty for the response

SystemLook 30.07.11 by jpshortstuff
Log created at 15:08 on 11/08/2012 by pufaj
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 014A9CB92514E27C0107614DF764BC06
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}"
C:\Users\pufaj\AppData\Local\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c} d--hs-- [04:21 27/01/2012]
C:\Windows\Installer\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c} d--hs-- [04:21 27/01/2012]
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c} d--hs-- [04:21 27/01/2012]

-= EOF =-

MBAM log
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.11.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
pufaj :: PUFAJ-PC [administrator]

Protection: Enabled

8/11/2012 10:52:09 PM
mbam-log-2012-08-11 (22-52-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220044
Time elapsed: 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Installer\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}\U\00000001.@ (RootKit.0Access.H) -> Quarantined and deleted successfully.

(end)

MiniToolBox log

MiniToolBox by Farbar Version: 23-07-2012
Ran by pufaj (administrator) on 11-08-2012 at 22:53:58
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 m6.xilisoft.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 www.xilisoft.com
127.0.0.1 www.xilisoft.net
127.0.0.1 xilisoft.com
127.0.0.1 xilisoft.net
127.0.0.1 cms.olym.xilisoft.net
127.0.0.1 online.xilisoft.com
127.0.0.1 online.xilisoft.net
127.0.0.1 service2.xilisoft.net
127.0.0.1 www.xilimobile.com
127.0.0.1 xilimobile.com
127.0.0.1 crm.xilisoft.com
127.0.0.1 onlinevideoconverter.xilisoft.com
127.0.0.1 m1.xilisoft.com
127.0.0.1 m2.xilisoft.com
127.0.0.1 m3.xilisoft.com
127.0.0.1 m4.xilisoft.com
127.0.0.1 m5.xilisoft.com

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : pufaj-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.il.comcast.net.
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 1C-6F-65-3C-53-8F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4920:da05:3b78:9863%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 11, 2012 10:50:43 PM
Lease Expires . . . . . . . . . . : Saturday, August 18, 2012 10:50:43 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 236744549
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-B3-D9-B5-1C-6F-65-3C-53-8F
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.il.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4009:800::100e
74.125.225.66
74.125.225.73
74.125.225.68
74.125.225.71
74.125.225.78
74.125.225.65
74.125.225.70
74.125.225.72
74.125.225.64
74.125.225.67
74.125.225.69


Pinging google.com [74.125.225.69] with 32 bytes of data:
Reply from 74.125.225.69: bytes=32 time=12ms TTL=55
Reply from 74.125.225.69: bytes=32 time=11ms TTL=55

Ping statistics for 74.125.225.69:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 12ms, Average = 11ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=45ms TTL=52
Reply from 209.191.122.70: bytes=32 time=45ms TTL=52

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 45ms, Average = 45ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...1c 6f 65 3c 53 8f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.100 266
192.168.0.100 255.255.255.255 On-link 192.168.0.100 266
192.168.0.255 255.255.255.255 On-link 192.168.0.100 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.100 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.100 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::4920:da05:3b78:9863/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/11/2012 10:50:46 PM) (Source: LogMeIn Guardian) (User: NT AUTHORITY)NT AUTHORITY
Description: LogMeIn Guardian has detected a problem with the LogMeIn software installed on this machine. The problem is locally identified by the following reference ID: '926705f2526a472e9a67bfd624370037'.

Error: (08/11/2012 09:56:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: Connect.Service.ContentService.exe, version: 2.0.90.0, time stamp: 0x4d49aaf8
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e211319
Exception code: 0xe0434352
Fault offset: 0x0000b9bc
Faulting process id: 0x724
Faulting application start time: 0xConnect.Service.ContentService.exe0
Faulting application path: Connect.Service.ContentService.exe1
Faulting module path: Connect.Service.ContentService.exe2
Report Id: Connect.Service.ContentService.exe3

Error: (08/11/2012 09:56:01 PM) (Source: .NET Runtime) (User: )
Description: Application: Connect.Service.ContentService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Data.SqlServerCe.SqlCeException
Stack:
at System.Data.SqlServerCe.SqlCeDataReader.ProcessResults(Int32)
at System.Data.SqlServerCe.SqlCeDataReader.FetchValue(Int32)
at System.Data.SqlServerCe.SqlCeDataReader.IsDBNull(Int32)
at Connect.Utilities.SqlCEUtil.ReadBytesFromBlob(System.Data.SqlServerCe.SqlCeDataReader, Int32)
at Connect.Utilities.SqlCEUtil.GetObjectFromBlob(System.Data.SqlServerCe.SqlCeDataReader, Int32)
at Connect.Scheduler.JobStore.GetJob(System.Data.SqlServerCe.SqlCeDataReader)
at Connect.Scheduler.JobStore.GetNextFutureJob()
at Connect.Scheduler.JobWorker.DoWork()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (08/11/2012 03:18:17 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.62.0.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12d0

Start Time: 01cd77fe076bbdbb

Termination Time: 0

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 960711ed-e3f1-11e1-bb5b-1c6f653c538f

Error: (08/11/2012 03:16:40 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.62.0.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1e84

Start Time: 01cd77fe10d70fb0

Termination Time: 0

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 6a6fdee8-e3f1-11e1-bb5b-1c6f653c538f

Error: (08/11/2012 03:14:38 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.62.0.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1390

Start Time: 01cd77fda88d0bf5

Termination Time: 0

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 1a786632-e3f1-11e1-bb5b-1c6f653c538f

Error: (08/11/2012 03:02:29 PM) (Source: LogMeIn Guardian) (User: NT AUTHORITY)NT AUTHORITY
Description: LogMeIn Guardian has detected a problem with the LogMeIn software installed on this machine. The problem is locally identified by the following reference ID: '2487ff4d53bbf4054eedd92f0e642693'.

Error: (08/11/2012 01:46:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/11/2012 01:46:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/11/2012 01:46:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (08/11/2012 10:52:47 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (08/11/2012 10:52:47 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (08/11/2012 10:50:55 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/11/2012 10:50:55 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/11/2012 10:50:47 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/11/2012 10:50:46 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn service terminated unexpectedly. It has done this 1 time(s).

Error: (08/11/2012 10:50:45 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/11/2012 10:50:45 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/11/2012 10:35:42 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (08/11/2012 10:35:42 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (08/11/2012 10:50:46 PM) (Source: LogMeIn Guardian)(User: NT AUTHORITY)NT AUTHORITY
Description: 926705f2526a472e9a67bfd624370037

Error: (08/11/2012 09:56:07 PM) (Source: Application Error)(User: )
Description: Connect.Service.ContentService.exe2.0.90.04d49aaf8KERNELBASE.dll6.1.7601.176514e211319e04343520000b9bc72401cd783600df4710C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exeC:\Windows\syswow64\KERNELBASE.dll42c2cd30-e429-11e1-8656-1c6f653c538f

Error: (08/11/2012 09:56:01 PM) (Source: .NET Runtime)(User: )
Description: Application: Connect.Service.ContentService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Data.SqlServerCe.SqlCeException
Stack:
at System.Data.SqlServerCe.SqlCeDataReader.ProcessResults(Int32)
at System.Data.SqlServerCe.SqlCeDataReader.FetchValue(Int32)
at System.Data.SqlServerCe.SqlCeDataReader.IsDBNull(Int32)
at Connect.Utilities.SqlCEUtil.ReadBytesFromBlob(System.Data.SqlServerCe.SqlCeDataReader, Int32)
at Connect.Utilities.SqlCEUtil.GetObjectFromBlob(System.Data.SqlServerCe.SqlCeDataReader, Int32)
at Connect.Scheduler.JobStore.GetJob(System.Data.SqlServerCe.SqlCeDataReader)
at Connect.Scheduler.JobStore.GetNextFutureJob()
at Connect.Scheduler.JobWorker.DoWork()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (08/11/2012 03:18:17 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.8712d001cd77fe076bbdbb0C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe960711ed-e3f1-11e1-bb5b-1c6f653c538f

Error: (08/11/2012 03:16:40 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.871e8401cd77fe10d70fb00C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe6a6fdee8-e3f1-11e1-bb5b-1c6f653c538f

Error: (08/11/2012 03:14:38 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.87139001cd77fda88d0bf50C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe1a786632-e3f1-11e1-bb5b-1c6f653c538f

Error: (08/11/2012 03:02:29 PM) (Source: LogMeIn Guardian)(User: NT AUTHORITY)NT AUTHORITY
Description: 2487ff4d53bbf4054eedd92f0e642693

Error: (08/11/2012 01:46:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\pufaj\Downloads\esetsmartinstaller_enu.exe

Error: (08/11/2012 01:46:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\pufaj\Downloads\esetsmartinstaller_enu.exe

Error: (08/11/2012 01:46:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\pufaj\Downloads\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7500_7600_7700_Help1 (Version: 1.00.0000)
A-Z iPod Video Converter 4.57 (Version: V4.57)
ACDSee Photo Manager 12 (Version: 12.0.342)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.0.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Flash Player 10 Plugin (Version: 10.2.153.1)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Photoshop Lightroom 3.4 64-bit (Version: 3.4.1)
Adobe Photoshop Lightroom 4 64-bit (Version: 4.0.1)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
AKVIS ArtSuite (Version: 6.7.2156.7525)
AKVIS ArtWork (Version: 5.0.1296.7573)
AKVIS Chameleon (Version: 7.0.1603.7585)
AKVIS Coloriage (Version: 7.5.916.7585)
AKVIS Decorator (Version: 2.0.416.7012)
AKVIS Enhancer (Version: 11.5.1577.6946)
AKVIS Lightshop (Version: 3.0.843.7004)
AKVIS Magnifier (Version: 4.0.825.7460)
AKVIS MultiBrush (Version: 5.5.1344.6870)
AKVIS NatureArt (Version: 2.0.944.7482)
AKVIS Noise Buster (Version: 7.5.2457.6947)
AKVIS Refocus (Version: 1.0.149.7428)
AKVIS Retoucher (Version: 4.5.774.7440)
AKVIS Sketch (Version: 12.0.2209.7519)
AKVIS SmartMask (Version: 3.0.1027.7011)
Alien Skin Bokeh 2
Alien Skin Exposure 4
Alien Skin Eye Candy 6
Alien Skin Image Doctor 2
Alien Skin Snap Art 3
AnyDVD (Version: 7.0.2.0)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
AutoCAD 2012 - English (Version: 18.2.51.0)
AutoCAD 2012 Language Pack - English (Version: 18.2.51.0)
Autodesk Content Service (Version: 2.0.90)
Autodesk Design Review 2012 (Version: 12.0.0.93)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79)
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138)
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138)
Autodesk Material Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Base Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Low Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Medium Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk Revit Architecture 2012 (Version: 11.03.09231)
Bing Bar (Version: 5.0.1449.0)
Bing Bar Platform (Version: 5.0.1449.0)
Bonjour (Version: 3.0.0.10)
bpd_scan_Carrier (Version: 3.00.0000)
BPDSoftware (Version: 140.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
Browser Configuration Utility (Version: 1.1.18.0)
BS.Player PRO (Version: 2.56.1043)
BufferChm (Version: 140.0.213.000)
CCleaner (Version: 3.15)
Chief Architect Premier X4 (Version: 14.3.0.0)
Color Efex Pro 4 (Version: 4.0.0.1)
Common (Version: 14.0.0.342)
Contents (Version: 14.0.0.342)
Corel AfterShot Pro (Version: 1.0.0.39)
Corel Graphics - Windows Shell Extension (Version: 16.0.0.707)
Corel Graphics - Windows Shell Extension (Version: 16.0.707)
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707)
Corel PaintShop Pro X4 (Version: 14.0.0.332)
Corel VideoStudio Pro X4 (Version: 14.0.0.342)
Corel WinDVD 2010 (Version: 10.0.5.298)
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487)
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0)
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.0.0.707)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.0)
CyberLink PowerDVD 12 (Version: 12.0.1312.54)
DAEMON Tools Lite (Version: 4.45.2.0287)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 140.0.213.000)
DeviceIO (Version: 14.0.0.342)
Dfine 2.0 (Version: 2.1.0.7)
Dfx (Version: 3.0)
Diablo III (Version: 1.0.1.9558)
DivX Setup (Version: 2.6.1.5)
DocProc (Version: 140.0.100.000)
DVD Architect Pro 5.2 (Version: 5.2.133)
DVDFab 8.1.7.8 (17/04/2012) Qt
ESET Online Scanner v3
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FARO LS 1.1.408.2 (Version: 4.8.2.25521)
FARO LS 4.8.2.25521
Fax (Version: 140.0.213.000)
Futuremark SystemInfo (Version: 3.54.1.1)
Gigabyte Raid Configurer (Version: 1.00.0001)
GPBaseService2 (Version: 140.0.212.000)
HDR Efex Pro (Version: 1.2.0.0)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP OfficeJet L7300/L7500/7600/7700 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 140.0.213.000)
HPSSupply (Version: 140.0.212.000)
ICA (Version: 14.0.0.332)
ICA (Version: 14.0.0.342)
Imagenomic Portraiture 2.3 Plug-in (build 2308)
IPM_PSP_COM (Version: 14.0.0.332)
IPM_VS_Pro (Version: 13.0)
ISCOM (Version: 14.0.0.342)
iTunes (Version: 10.5.3.3)
Joboshare iPhone Video Converter (Version: 2.9.1.0317)
K-Lite Codec Pack 8.1.0 (Full) (Version: 8.1.0)
L7600 (Version: 140.0.000.000)
LightScribe System Software (Version: 1.18.6.1)
LogMeIn (Version: 4.1.2138)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 140.0.214.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.1.55.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Visio 2010 (Version: 14.0.4763.1000)
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Search Enhancement Pack (Version: 2.0.271.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visio Premium 2010 (Version: 14.0.4763.1000)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00)
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (Version: 1)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MPM (Version: 1.00.0000)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 11 Creative Collections Pack
Nero 11 Mini Repack
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Noise Reduction Plug-in 2.0i (Version: 2.0.455)
Norton Internet Security (Version: 19.7.1.5)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
ON_OFF Charge B10.0422.2 (Version: 1.00.0001)
Opera 11.61 (Version: 11.61.1250)
PDF Settings CS5 (Version: 10.0)
Perfect Photo Suite 6 (Version: 6.0.0)
Photo To Color Sketch 6.51
Photomatix Pro version 4.1.3 (Version: 4.1.3)
PhotoPresets with One-Click WOW! for Adobe Camera Raw (Version: 1.0)
PhotoPresets Wow Effects for Adobe Camera Raw (Version: 1.0)
Privoxy (remove only)
ProductContext (Version: 140.0.000.000)
PSPPContent (Version: 14.0.0.332)
PSPPHelp (Version: 14.0.0.332)
PSPPro64 (Version: 14.0.0.332)
PureHD (Version: 14.0.0.342)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6077)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.30.0)
Revit Architecture 2012 Language Pack - English (Version: 11.03.09231)
Scan (Version: 140.0.167.000)
Setup (Version: 14.0.0.332)
Setup (Version: 14.0.0.342)
Share (Version: 14.0.0.342)
Share64 (Version: 14.0.0.342)
Sharpener Pro 3.0 (Version: 3.0.0.5)
Shop for HP Supplies (Version: 14.0)
Silver Efex Pro 2 (Version: 2.0.0.3)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.6)
SmartWebPrinting (Version: 140.0.213.000)
Snapseed (Version: 1.1.0)
SolutionCenter (Version: 140.0.214.000)
Sound Forge Pro 10.0 (Version: 10.0.491)
Status (Version: 140.0.256.000)
Tintii
Toolbox (Version: 140.0.428.000)
Topaz InFocus (Version: 1.0.0)
Topaz Adjust 5 (64-bit) (Version: 5.0.0)
Topaz Adjust 5 (Version: 5.0.0)
Topaz B&W Effects (64-bit) (Version: 1.0.0)
Topaz B&W Effects (Version: 1.0.0)
Topaz Clean 3 (64-bit) (Version: 3.0.2)
Topaz Clean 3 (Version: 3.0.2)
Topaz DeJpeg 4 (64-bit) (Version: 4.0.2)
Topaz DeJpeg 4 (Version: 4.0.2)
Topaz DeNoise 5 (64-bit) (Version: 5.0.1)
Topaz DeNoise 5 (Version: 5.0.1)
Topaz Detail 2 (64-bit) (Version: 2.0.5)
Topaz Detail 2 (Version: 2.0.5)
Topaz Fusion Express 2 (64-bit) (Version: 2.0.2)
Topaz Fusion Express 2 (Version: 2.0.2)
Topaz InFocus (64-bit) (Version: 1.0.0)
Topaz ReMask 3 (64-bit) (Version: 3.1.0)
Topaz ReMask 3 (Version: 3.1.0)
Topaz Simplify 3 (64-bit) (Version: 3.0.2)
Topaz Simplify 3 (Version: 3.0.2)
Topaz Star Effects (64-bit) (Version: 1.0.0)
Topaz Star Effects (Version: 1.0.0)
Total Commander (Remove or Repair) (Version: 8.0 beta 17a)
TrayApp (Version: 140.0.213.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vegas Movie Studio HD Platinum 10.0 (Version: 10.0.179)
Vegas Pro 11.0 (64-bit) (Version: 11.0.595)
VIO (Version: 14.0.0.342)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (Version: 9.0.30729.177)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (Version: 9.0.30729.177)
Viveza 2 (Version: 2.0.0.6)
VLC media player 1.1.11 (Version: 1.1.11)
VSClassic (Version: 14.0.0.342)
VSPro (Version: 14.0.0.342)
WebReg (Version: 140.0.213.017)
WinArchiver (Version: 2.8)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
WinRAR 4.10 (32-bit) (Version: 4.10.0)
WinRAR 4.10 beta 1 (64-bit) (Version: 4.10.1)
WinZip 15.0 (Version: 15.0.9302)
Xilisoft Audio Converter Pro (Version: 6.3.0.20120227)
Xilisoft Blu-ray Creator 2 (Version: 2.0.4.0707)
Xilisoft Video Converter Platinum (Version: 7.0.1.1221)
Xilisoft Video Converter Ultimate (Version: 7.1.0.20120222)

========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 12286.49 MB
Available physical RAM: 9998.27 MB
Total Pagefile: 24571.18 MB
Available Pagefile: 22090.56 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.49 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:111.69 GB) (Free:5.36 GB) NTFS
5 Drive f: (Elements) (Fixed) (Total:465.64 GB) (Free:41.62 GB) FAT32
7 Drive i: (New Volume) (Fixed) (Total:931.51 GB) (Free:42.91 GB) NTFS
8 Drive j: (New Volume) (Fixed) (Total:465.63 GB) (Free:120.94 GB) NTFS
9 Drive k: (storage) (Fixed) (Total:558.91 GB) (Free:105.81 GB) NTFS

========================= Users: ========================================

User accounts for \\PUFAJ-PC

Administrator Guest LogMeInRemoteUser
pufaj UpdatusUser


**** End of log ****
Fss log
Farbar Service Scanner Version: 06-08-2012
Ran by pufaj (administrator) on 11-08-2012 at 22:55:37
Running from "C:\Users\pufaj\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware

# AdwCleaner v1.800 - Logfile created 08/11/2012 at 22:56:35
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : pufaj - PUFAJ-PC
# Running from : C:\Users\pufaj\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Users\pufaj\AppData\Roaming\Mozilla\Firefox\Profiles\9lfhjl0m.default\prefs.js

[OK] File is clean.

-\\ Opera v11.61.1250.0

File : C:\Users\pufaj\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1213 octets] - [11/08/2012 22:49:08]
AdwCleaner[S1].txt - [1240 octets] - [11/08/2012 22:49:27]
AdwCleaner[S2].txt - [953 octets] - [11/08/2012 22:56:35]

########## EOF - C:\AdwCleaner[S2].txt - [1080 octets] ##########


I did everything, but still when I do an mbam scan it shows me RootKit.0Access.H, then remove, restart, and again and again.

Log from scan every restart

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.11.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
pufaj :: PUFAJ-PC [administrator]

Protection: Enabled

8/11/2012 11:01:36 PM
mbam-log-2012-08-11 (23-01-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220056
Time elapsed: 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Installer\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}\U\00000001.@ (RootKit.0Access.H) -> Quarantined and deleted successfully.

(end)

#6 narenxp


Posted 12 August 2012 - 04:22 AM

Press Windows+R key and type

notepad and click ok
copy this script and paste in notepad
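@echo off
REM Work in System32 (/d also switches drive if the prompt starts elsewhere)
cd /d c:\windows\system32
REM Give ownership to the Administrators group, then grant it full control
takeown /a /f services.exe
cacls services.exe /g administrators:f
REM Keep the current file as services.exe.old instead of deleting it
ren services.exe services.exe.old
REM Copy services.exe back from the WinSxS component store
COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32
REM Delete this batch file
DEL %0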

Click on FILE>> save as

filename:services.bat
Save as type:All types

Now right-click on the services.bat file, select Run as administrator and run it, click Y and press ENTER

Restart the PC

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\pufaj\AppData\Local\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}
C:\Windows\Installer\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}

delete the folders

Post the new system look log

Download

MpsSvc
BFE
wscsvc
defender
wuauserv
BITS
Sharedaccess

Launch them, click YES when you get the UAC prompt

restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

#7 Pufio


Posted 12 August 2012 - 08:31 AM

Hi,
I don't know how to do system log

fss log

Farbar Service Scanner Version: 06-08-2012
Ran by pufaj (administrator) on 12-08-2012 at 08:29:43
Running from "C:\Users\pufaj\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Looks OK now, antivirus didn't find anything.
Ty for help

#8 narenxp

Posted 12 August 2012 - 09:13 AM

Download

SystemLook

Launch it, then copy this script and paste it in the box

:filefind
services.exe
:folderfind
{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}

Click on LOOK, then post the generated log

#9 Pufio

Posted 12 August 2012 - 06:01 PM

Hi

SystemLook 30.07.11 by jpshortstuff
Log created at 17:58 on 12/08/2012 by pufaj
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{fbda9dd8-11f2-f0fb-2d9c-be88f314e50c}"
No folders found.

-= EOF =-

Ty for help, everything looks OK now. Ty for help once again :)
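
Reading the SystemLook log above: the filefind results list the live services.exe next to the copy in the WinSxS component store, so one consistency check is whether their size and MD5 agree. The following Python is an added example, not part of the thread or of SystemLook; the function names, the status labels and the line marked CONSTRUCTED are assumptions made for illustration.

```python
import ntpath
import re

# The two file lines are copied from the SystemLook log posted in this thread.
PAGE_LOG = r"""
Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
"""
# CONSTRUCTED line (placeholder size, date and hash): a live copy that differs.
CONSTRUCTED = (r"C:\Windows\System32\services.exe --a---- 329216 bytes "
               r"[23:19 13/07/2009] [10:02 09/08/2012] 0123456789ABCDEF0123456789ABCDEF")
TAMPERED_LOG = CONSTRUCTED + "\n" + PAGE_LOG.strip().splitlines()[-1]

LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?)\s+\S{7}\s+(?P<size>\d+) bytes "
                  r"\[[^\]]+\] \[[^\]]+\] (?P<md5>[0-9A-Fa-f]{32})\s*$")

def parse_filefind(log):
    """Return (path, size, md5) for every file line of a filefind section."""
    entries = []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if m:
            entries.append((m["path"], int(m["size"]), m["md5"].upper()))
    return entries

def audit(entries, live_dir=r"C:\Windows\System32"):
    """Classify each copy outside WinSxS against the component store copies."""
    store = {(s, h) for p, s, h in entries if "\\winsxs\\" in p.lower()}
    findings = {}
    for path, size, md5 in entries:
        if "\\winsxs\\" in path.lower():
            continue  # reference copies are not classified themselves
        if ntpath.dirname(path).lower() != live_dir.lower():
            findings[path] = "unexpected-location"
        elif not store:
            findings[path] = "no-reference"
        elif (size, md5) in store:
            findings[path] = "match"
        else:
            findings[path] = "mismatch"
    return findings

if __name__ == "__main__":
    for name, log in (("page log", PAGE_LOG), ("constructed log", TAMPERED_LOG)):
        print(name, audit(parse_filefind(log)))
```

Agreement with the component store copy is a consistency check between two files on the same disk, not a signature verification.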

#10 narenxp

Posted 12 August 2012 - 09:53 PM

Great

Delete this file

C:\windows\services.exe.old


Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in Safe Mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

Edited by narenxp, 12 August 2012 - 09:53 PM.


#11 Pufio

Posted 14 August 2012 - 07:03 PM

Ty for help :)

#12 narenxp

Posted 14 August 2012 - 07:17 PM

You're welcome :)



