Malware


  • This topic is locked
5 replies to this topic

#1 eepolio

eepolio

  • Members
  • 15 posts
  • OFFLINE
  • Local time:07:14 AM

Posted 11 September 2012 - 07:17 PM

Hi all,
I keep getting ads in the bottom right corner of the screen when using the Internet (IE); sometimes they are the shape of an iPhone and usually advertise stuff related to my searches. Sometimes (at random) when I click on a link, it gets hijacked to a completely different advertisement site. I've done a little research on this very helpful forum but it seems that the resolution for everyone is somewhat different. I've run Malwarebytes but have found nothing. Any help would be greatly appreciated.

Thanks

Edited by Orange Blossom, 11 September 2012 - 07:55 PM.
Moved to AII for initial assistance. ~ OB




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:09:14 AM

Posted 11 September 2012 - 08:19 PM

Hello and welcome eepolio

Please run these, post the logs and let me know how it is.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.


TDSS Killer

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.


Next run SUPERAntiSpyware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.
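One way to review the "List content of Hosts" part of a MiniToolBox Result.txt, as an added example that is not part of the original post or of MiniToolBox: it pulls the Hosts section out of the report and lists every hostname mapped to a non-local address, including entries that sit below a long run of blank lines where they are easy to miss in an editor. The sample report, its hostnames and addresses, and the names `hosts_section` and `audit_hosts` are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict, namedtuple

# Constructed sample in the layout of a MiniToolBox Result.txt. Addresses come
# from documentation ranges and the hostnames are placeholders, not real IoCs.
SAMPLE_RESULT = (
    "========================= IE Proxy Settings: ==============================\n"
    "\n"
    "Proxy is not enabled.\n"
    "========================= Hosts content: =================================\n"
    "\n"
    "::1 localhost\n"
    + "\n" * 40 +
    "203.0.113.10 www.tracker.example.\n"
    "198.51.100.7 www.tracker.example.\n"
    "0.0.0.0 ads.blocked.example\n"
    "not-an-ip broken.example\n"
    "\n"
    "127.0.0.1 localhost\n"
    "\n"
    "========================= IP Configuration: ================================\n"
)

# A section header is a title wrapped in runs of '='; a line made only of '='
# (used as a ruler inside some sections) has no title and does not match.
HEADER_RE = re.compile(r"^={5,}\s*([^=]+?):?\s*={5,}\s*$")

Finding = namedtuple("Finding", "line ip host reasons")


def hosts_section(result_text, title="Hosts content"):
    """Return the lines between the named section header and the next header."""
    collected, inside = [], False
    for line in result_text.splitlines():
        header = HEADER_RE.match(line.strip())
        if header:
            if inside:
                break
            inside = header.group(1).strip().lower() == title.lower()
            continue
        if inside:
            collected.append(line)
    return collected


def audit_hosts(lines, padding_threshold=20):
    """Return (findings, conflicts, malformed) for hosts-file lines.

    findings:  entries that point a hostname at a non-local address
    conflicts: hostnames that appear with more than one such address
    malformed: (line, text) pairs whose first token is not an IP address
    """
    findings, malformed = [], []
    seen = defaultdict(set)
    blank_run = 0
    below_padding = False
    for number, raw in enumerate(lines, start=1):
        entry = raw.split("#", 1)[0].strip()  # drop comments
        if not entry:
            blank_run += 1
            continue
        # Once a long blank run has been seen, everything after it is hidden
        # from anyone who only looks at the top of the file.
        below_padding = below_padding or blank_run >= padding_threshold
        blank_run = 0
        tokens = entry.split()
        try:
            ip = ipaddress.ip_address(tokens[0])
        except ValueError:
            malformed.append((number, entry))
            continue
        if ip.is_loopback or ip.is_unspecified:
            continue  # local or sinkhole mapping: blocks a name, no redirect
        for name in tokens[1:]:
            # A trailing dot is the fully qualified spelling of the same name.
            host = name.lower().rstrip(".")
            seen[host].add(str(ip))
            reasons = ["maps to non-local address"]
            if below_padding:
                reasons.append("placed after blank-line padding")
            findings.append(Finding(number, str(ip), host, reasons))
    conflicts = {h: sorted(ips) for h, ips in seen.items() if len(ips) > 1}
    return findings, conflicts, malformed


if __name__ == "__main__":
    found, conflicts, malformed = audit_hosts(hosts_section(SAMPLE_RESULT))
    for f in found:
        print(f"line {f.line}: {f.host} -> {f.ip} ({'; '.join(f.reasons)})")
    for host, ips in conflicts.items():
        print(f"{host} has several addresses: {', '.join(ips)}")
    for line, text in malformed:
        print(f"line {line}: not a valid entry: {text}")
```

Line numbers in the findings count from the first line after the section header, so they locate an entry within the pasted Hosts section rather than within the whole report.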

#3 eepolio

eepolio
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  • Local time:07:14 AM

Posted 12 September 2012 - 08:59 AM

Hi boopme, Thanks for your interest!
I did everything in the requested order. Everything is the same: Ads at the bottom corners of my screen and links being hijacked randomly.

side note: After running TDSS Killer, a reboot was necessary.





MiniToolBox by Farbar Version: 23-07-2012
Ran by malena (administrator) on 11-09-2012 at 22:50:47
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost








































































































































































































176.9.75.3 www.google-analytics.com.
176.9.75.3 ad-emea.doubleclick.net.
176.9.75.3 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Connected)
Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Efrain-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-21-5C-22-7C-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::697a:2502:2511:a0d4%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, September 11, 2012 10:19:25 PM
Lease Expires . . . . . . . . . . : Wednesday, September 12, 2012 10:19:24 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 352330076
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-2F-0B-F9-00-1E-68-BD-01-3A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-1E-68-BD-01-3A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{55526514-9B48-4105-9F0B-7FEABC34EAA0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A4D9636E-8AB6-4C68-99E7-2C94F47A56AA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.137.113] with 32 bytes of data:
Reply from 74.125.137.113: bytes=32 time=32ms TTL=46
Reply from 74.125.137.113: bytes=32 time=36ms TTL=46

Ping statistics for 74.125.137.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 36ms, Average = 34ms

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=507ms TTL=50
Reply from 72.30.38.140: bytes=32 time=325ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 325ms, Maximum = 507ms, Average = 416ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 21 5c 22 7c 3b ......Intel® Wireless WiFi Link 4965AGN
11...00 1e 68 bd 01 3a ......Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
12 276 fe80::697a:2502:2511:a0d4/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/11/2012 10:39:20 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13f8

Start Time: 01cd90981ce9f5a4

Termination Time: 15

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/11/2012 10:38:45 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d10

Start Time: 01cd9097f32c6a85

Termination Time: 15

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/11/2012 10:35:07 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1130

Start Time: 01cd909786d8e249

Termination Time: 32

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/11/2012 10:34:34 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 110c

Start Time: 01cd909764a531bf

Termination Time: 37

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/11/2012 10:20:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2012 10:04:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2012 09:38:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/11/2012 09:37:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (09/11/2012 07:04:37 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15ac

Start Time: 01cd9079fdbf83a9

Termination Time: 37

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/11/2012 06:15:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/11/2012 10:30:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2741355).

Error: (09/11/2012 10:19:40 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (09/11/2012 10:19:26 PM) (Source: Service Control Manager) (User: )
Description: The lxduCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/11/2012 10:19:26 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxduCATSCustConnectService service to connect.

Error: (09/11/2012 10:19:23 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (09/11/2012 10:19:20 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (09/11/2012 10:04:01 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Pervasive PSQL Workgroup Engine service to connect.

Error: (09/11/2012 10:03:31 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (09/11/2012 10:03:28 PM) (Source: Service Control Manager) (User: )
Description: The lxduCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/11/2012 10:03:28 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxduCATSCustConnectService service to connect.


Microsoft Office Sessions:
=========================
Error: (09/11/2012 10:39:20 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1644813f801cd90981ce9f5a415C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/11/2012 10:38:45 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16448d1001cd9097f32c6a8515C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/11/2012 10:35:07 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16448113001cd909786d8e24932C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/11/2012 10:34:34 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16448110c01cd909764a531bf37C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/11/2012 10:20:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2012 10:04:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2012 09:38:40 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/11/2012 09:37:15 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Google\Connect\Office\2.0\adxloader.dll.ManifestC:\Program Files (x86)\Google\Connect\Office\2.0\adxloader.dll.Manifest2

Error: (09/11/2012 07:04:37 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1644815ac01cd9079fdbf83a937C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/11/2012 06:15:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Acrobat.com (Version: 1.7.186)
Adobe AIR (Version: 1.5.2.8900)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Reader 9.5.0 (Version: 9.5.0)
AIM 6
Akamai NetSession Interface
Akamai NetSession Interface Service
AppCore (Version: 1.3)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000)
ccCommon (Version: 107.0.0.102)
ccCommon64 (Version: 107.0.0.102)
Component Framework (Version: 2006.1.3.35)
Crystal Reports 2008 Runtime (Version: 12.0.0.683)
CyberLink YouCam (Version: 1.0.1002)
DecisionTools Suite Industrial 5.7 Edu Edition (Version: 5.7.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dexterity Shared Components 10.0 (Version: 10.0.313.0)
DVD Suite (Version: 5.5.0928)
FrostWire 5.0.8 (Version: 5.0.8.0)
GIRDAC Free PDF Creator (Version: 3.0.1.1)
GIRDAC Port
Google Chrome (Version: 21.0.1180.83)
Google Cloud Connect for Microsoft Office (Version: 2.0.2662.0553)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (Version: 2.0.25149)
Hewlett-Packard Active Check (Version: 1.1.11.0)
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5)
HP Active Support Library (Version: 2.3.0.2)
HP Customer Experience Enhancements (Version: 5.4.0.2430)
HP Doc Viewer (Version: 1.02.0001)
HP Easy Setup - Frontend (Version: 5.4.0.2430)
HP Help and Support (Version: 1.5.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Quick Launch Buttons 6.30 E1 (Version: 6.30 E1)
HP QuickPlay 3.6
HP QuickTouch 1.00 C3 (Version: 1.0.5)
HP Smart Web Printing (Version: 3.0.17.0)
HP Update (Version: 4.000.009.002)
HP User Guides 0087 (Version: 1.02.0000)
HP Wireless Assistant (Version: 3.00 H2)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000)
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000)
hpphotosmartdisclabelplugin (Version: 2.02.0000)
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000)
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000)
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000)
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000)
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000)
iCloud (Version: 1.0.2.17)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Intel® Matrix Storage Manager
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 30 (Version: 6.0.300)
LabelPrint (Version: 2.20.2128)
Lexmark 5600-6600 Series
Lexmark Printable Web (Version: 1.0.0.0)
LightScribe System Software 1.10.13.1 (Version: 1.10.13.1)
LiveUpdate (Symantec Corporation) (Version: 3.4.0.162)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 11.0.8156.0)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Dynamics GP-Education 10.0 (Version: 10.1.0009.000)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (DYNAMICSGPEDU) (Version: 9.2.3042.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
Motorola SM56 Data Fax Modem
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.1 (Version: 6.10.050)
My HP Games (Version: HPCMPQ1902)
Norton AntiVirus (Version: 15.0.0.58)
Norton AntiVirus Help (Version: 15.0)
Norton Confidential Core (Version: 2.0.0.84)
Norton Internet Security (Symantec Corporation) (Version: 15.0.0.60)
Norton Internet Security (Version: 15.0.0.60)
Norton Protection Center (Version: 3.1.0.98)
Peachtree Accounting 2009 (Version: 16.00.00)
Peachtree Complete Accounting 2009 (Version: 16.00.00)
PeachTree Signature Ready Forms (Version: 6.3.0)
Pervasive PSQL v10 Workgroup (32-bit) (Version: 10.0.204.000)
Power2Go (Version: 5.6.3327)
PowerDirector (Version: 6.5.2129)
PSSWCORE (Version: 2.02.0000)
Quick Screen Capture 3.0 (Version: 3.0)
QuickPlay SlingPlayer 0.4.6 (Version: 0.4.6)
QuickTime (Version: 7.71.80.42)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (Version: 3.51.01)
Safari (Version: 5.34.52.7)
Sage Software Integration Services (Version: 2.2.2240)
Skype web features (Version: 1.0.3971)
Skype™ 4.1 (Version: 4.1.179)
Slingbox Flash Tour (Version: 1.0.0)
SlingPlayer (Version: 1.04.0206)
SPBBC 64bit (Version: 107.0.0.134)
Symantec Real Time Storage Protection Component (x64) (Version: 10.2.0.57)
SymNet x64 (Version: 8.0.0.129)
Synaptics Pointing Device Driver (Version: 10.2.4.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VideoToolkit01 (Version: 100.0.128.000)
Viewpoint Media Player
WeatherBug Gadget (Version: 1.0.0.6)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 4086.43 MB
Available physical RAM: 2621.1 MB
Total Pagefile: 8171 MB
Available Pagefile: 6494.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.4 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:220.03 GB) (Free:155.32 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.85 GB) (Free:2.45 GB) NTFS

========================= Users: ========================================

User accounts for \\EFRAIN-PC

Administrator Guest malena


**** End of log ****





Rkill 2.3.11 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/11/2012 10:55:10 PM in x64 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* BFE [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/11/2012 10:55:12 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)



22:56:36.0383 4344 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:56:37.0980 4344 ============================================================
22:56:37.0980 4344 Current date / time: 2012/09/11 22:56:37.0980
22:56:37.0980 4344 SystemInfo:
22:56:37.0980 4344
22:56:37.0980 4344 OS Version: 6.1.7600 ServicePack: 0.0
22:56:37.0980 4344 Product type: Workstation
22:56:37.0980 4344 ComputerName: EFRAIN-PC
22:56:37.0980 4344 UserName: malena
22:56:37.0981 4344 Windows directory: C:\Windows
22:56:37.0981 4344 System windows directory: C:\Windows
22:56:37.0981 4344 Running under WOW64
22:56:37.0981 4344 Processor architecture: Intel x64
22:56:37.0981 4344 Number of processors: 2
22:56:37.0981 4344 Page size: 0x1000
22:56:37.0981 4344 Boot type: Normal boot
22:56:37.0981 4344 ============================================================
22:56:38.0812 4344 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:56:38.0853 4344 ============================================================
22:56:38.0853 4344 \Device\Harddisk0\DR0:
22:56:38.0853 4344 MBR partitions:
22:56:38.0853 4344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1B80F034
22:56:38.0853 4344 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B80F073, BlocksNum 0x19B550E
22:56:38.0853 4344 ============================================================
22:56:38.0880 4344 C: <-> \Device\Harddisk0\DR0\Partition1
22:56:38.0923 4344 D: <-> \Device\Harddisk0\DR0\Partition2
22:56:38.0923 4344 ============================================================
22:56:38.0923 4344 Initialize success
22:56:38.0923 4344 ============================================================
22:59:50.0986 5048 ============================================================
22:59:50.0986 5048 Scan started
22:59:50.0986 5048 Mode: Manual; TDLFS;
22:59:50.0986 5048 ============================================================
22:59:51.0477 5048 ================ Scan system memory ========================
22:59:51.0477 5048 System memory - ok
22:59:51.0478 5048 ================ Scan services =============================
22:59:52.0631 5048 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
22:59:52.0631 5048 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
22:59:52.0646 5048 Akamai ( HiddenFile.Multi.Generic ) - warning
22:59:52.0646 5048 Akamai - detected HiddenFile.Multi.Generic (1)
23:00:02.0376 5048 mpio - ok
23:00:02.0399 5048 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:00:02.0401 5048 mpsdrv - ok
23:00:02.0428 5048 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:00:02.0431 5048 MRxDAV - ok
23:00:02.0469 5048 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:00:02.0472 5048 mrxsmb - ok
23:00:02.0495 5048 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:00:02.0501 5048 mrxsmb10 - ok
23:00:02.0527 5048 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:00:02.0530 5048 mrxsmb20 - ok
23:00:02.0549 5048 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
23:00:02.0550 5048 msahci - ok
23:00:02.0574 5048 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
23:00:02.0578 5048 msdsm - ok
23:00:02.0618 5048 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:00:02.0623 5048 MSDTC - ok
23:00:02.0640 5048 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:00:02.0641 5048 Msfs - ok
23:00:02.0677 5048 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:00:02.0678 5048 mshidkmdf - ok
23:00:02.0688 5048 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
23:00:02.0689 5048 msisadrv - ok
23:00:02.0722 5048 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:00:02.0727 5048 MSiSCSI - ok
23:00:02.0735 5048 msiserver - ok
23:00:02.0766 5048 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:00:02.0767 5048 MSKSSRV - ok
23:00:02.0787 5048 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:00:02.0788 5048 MSPCLOCK - ok
23:00:02.0810 5048 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:00:02.0811 5048 MSPQM - ok
23:00:02.0841 5048 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:00:02.0849 5048 MsRPC - ok
23:00:02.0911 5048 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:00:02.0912 5048 mssmbios - ok
23:00:03.0004 5048 MSSQL$DYNAMICSGPEDU - ok
23:00:03.0039 5048 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
23:00:03.0040 5048 MSSQLServerADHelper - ok
23:00:03.0053 5048 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:00:03.0054 5048 MSTEE - ok
23:00:03.0071 5048 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:00:03.0071 5048 MTConfig - ok
23:00:03.0095 5048 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:00:03.0096 5048 Mup - ok
23:00:03.0147 5048 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
23:00:03.0167 5048 napagent - ok
23:00:03.0254 5048 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:00:03.0260 5048 NativeWifiP - ok
23:00:03.0347 5048 [ 4F5B214776D7B9BBC7CBC6623BFA4F79 ] NAVENG C:\ProgramData\Symantec\Definitions\VirusDefs\20071105.016\ENG64.SYS
23:00:03.0349 5048 NAVENG - ok
23:00:03.0440 5048 [ D6973E1203F3906B441D19380D7C00A2 ] NAVEX15 C:\ProgramData\Symantec\Definitions\VirusDefs\20071105.016\EX64.SYS
23:00:03.0457 5048 NAVEX15 - ok
23:00:03.0525 5048 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
23:00:03.0563 5048 NDIS - ok
23:00:03.0589 5048 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:00:03.0591 5048 NdisCap - ok
23:00:03.0643 5048 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:00:03.0644 5048 NdisTapi - ok
23:00:03.0683 5048 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:00:03.0685 5048 Ndisuio - ok
23:00:03.0707 5048 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:00:03.0711 5048 NdisWan - ok
23:00:03.0727 5048 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:00:03.0729 5048 NDProxy - ok
23:00:03.0748 5048 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:00:03.0749 5048 NetBIOS - ok
23:00:03.0771 5048 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:00:03.0774 5048 NetBT - ok
23:00:03.0787 5048 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
23:00:03.0790 5048 Netlogon - ok
23:00:03.0858 5048 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:00:03.0875 5048 Netman - ok
23:00:03.0926 5048 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:00:03.0945 5048 netprofm - ok
23:00:04.0009 5048 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:00:04.0011 5048 NetTcpPortSharing - ok
23:00:04.0200 5048 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
23:00:04.0369 5048 netw5v64 - ok
23:00:04.0410 5048 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:00:04.0411 5048 nfrd960 - ok
23:00:04.0464 5048 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:00:04.0473 5048 NlaSvc - ok
23:00:04.0492 5048 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:00:04.0494 5048 Npfs - ok
23:00:04.0510 5048 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:00:04.0513 5048 nsi - ok
23:00:04.0525 5048 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:00:04.0526 5048 nsiproxy - ok
23:00:04.0610 5048 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:00:04.0682 5048 Ntfs - ok
23:00:04.0700 5048 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:00:04.0701 5048 Null - ok
23:00:04.0755 5048 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:00:04.0759 5048 nvraid - ok
23:00:04.0816 5048 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:00:04.0820 5048 nvstor - ok
23:00:04.0857 5048 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
23:00:04.0859 5048 nv_agp - ok
23:00:04.0881 5048 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:00:04.0886 5048 ohci1394 - ok
23:00:04.0929 5048 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:00:04.0932 5048 ose - ok
23:00:05.0174 5048 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:00:05.0321 5048 osppsvc - ok
23:00:05.0365 5048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:00:05.0370 5048 p2pimsvc - ok
23:00:05.0408 5048 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:00:05.0416 5048 p2psvc - ok
23:00:05.0444 5048 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:00:05.0445 5048 Parport - ok
23:00:05.0470 5048 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:00:05.0471 5048 partmgr - ok
23:00:05.0493 5048 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:00:05.0498 5048 PcaSvc - ok
23:00:05.0519 5048 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
23:00:05.0521 5048 pci - ok
23:00:05.0539 5048 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
23:00:05.0539 5048 pciide - ok
23:00:05.0560 5048 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:00:05.0563 5048 pcmcia - ok
23:00:05.0587 5048 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:00:05.0588 5048 pcw - ok
23:00:05.0616 5048 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:00:05.0637 5048 PEAUTH - ok
23:00:05.0715 5048 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:00:05.0776 5048 PeerDistSvc - ok
23:00:05.0918 5048 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:00:05.0921 5048 PerfHost - ok
23:00:06.0047 5048 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
23:00:06.0110 5048 pla - ok
23:00:06.0164 5048 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:00:06.0188 5048 PlugPlay - ok
23:00:06.0206 5048 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:00:06.0210 5048 PNRPAutoReg - ok
23:00:06.0234 5048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:00:06.0241 5048 PNRPsvc - ok
23:00:06.0282 5048 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:00:06.0301 5048 PolicyAgent - ok
23:00:06.0342 5048 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:00:06.0348 5048 Power - ok
23:00:06.0395 5048 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:00:06.0398 5048 PptpMiniport - ok
23:00:06.0424 5048 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:00:06.0426 5048 Processor - ok
23:00:06.0457 5048 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
23:00:06.0464 5048 ProfSvc - ok
23:00:06.0479 5048 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:00:06.0482 5048 ProtectedStorage - ok
23:00:06.0517 5048 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:00:06.0519 5048 Psched - ok
23:00:06.0595 5048 [ B88A7753FCBD7DE54BCEDB95DC6A68E2 ] psqlWGE C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
23:00:06.0601 5048 psqlWGE - ok
23:00:06.0685 5048 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:00:06.0755 5048 ql2300 - ok
23:00:06.0788 5048 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:00:06.0791 5048 ql40xx - ok
23:00:06.0921 5048 [ BA396D1C71934E22679D3F4DAC17E7AB ] QPCapSvc C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
23:00:06.0925 5048 QPCapSvc - ok
23:00:06.0939 5048 [ 4B455E8C41CAD3219CCF53024DCAD604 ] QPSched C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
23:00:06.0942 5048 QPSched - ok
23:00:06.0994 5048 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:00:07.0002 5048 QWAVE - ok
23:00:07.0023 5048 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:00:07.0025 5048 QWAVEdrv - ok
23:00:07.0061 5048 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:00:07.0062 5048 RasAcd - ok
23:00:07.0112 5048 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:00:07.0114 5048 RasAgileVpn - ok
23:00:07.0135 5048 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:00:07.0140 5048 RasAuto - ok
23:00:07.0160 5048 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:00:07.0163 5048 Rasl2tp - ok
23:00:07.0189 5048 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
23:00:07.0209 5048 RasMan - ok
23:00:07.0240 5048 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:00:07.0243 5048 RasPppoe - ok
23:00:07.0292 5048 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:00:07.0295 5048 RasSstp - ok
23:00:07.0322 5048 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:00:07.0328 5048 rdbss - ok
23:00:07.0346 5048 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:00:07.0348 5048 rdpbus - ok
23:00:07.0364 5048 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:00:07.0365 5048 RDPCDD - ok
23:00:07.0425 5048 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:00:07.0428 5048 RDPDR - ok
23:00:07.0447 5048 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:00:07.0448 5048 RDPENCDD - ok
23:00:07.0464 5048 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:00:07.0465 5048 RDPREFMP - ok
23:00:07.0500 5048 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:00:07.0505 5048 RDPWD - ok
23:00:07.0528 5048 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:00:07.0533 5048 rdyboost - ok
23:00:07.0595 5048 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:00:07.0599 5048 RemoteAccess - ok
23:00:07.0650 5048 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:00:07.0656 5048 RemoteRegistry - ok
23:00:07.0750 5048 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
23:00:07.0754 5048 RichVideo - ok
23:00:07.0805 5048 [ E31960692CBB3A8BCDF300BC1D889E1F ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
23:00:07.0806 5048 rimmptsk - ok
23:00:07.0827 5048 [ 82356915157AB59064A24993AE5BE8AA ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
23:00:07.0847 5048 rimsptsk - ok
23:00:07.0895 5048 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
23:00:07.0896 5048 RimUsb - ok
23:00:07.0962 5048 [ C01A92A546854A3E34103B642F0F94A1 ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
23:00:07.0964 5048 rismxdp - ok
23:00:07.0987 5048 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:00:07.0991 5048 RpcEptMapper - ok
23:00:08.0021 5048 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:00:08.0024 5048 RpcLocator - ok
23:00:08.0055 5048 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
23:00:08.0064 5048 RpcSs - ok
23:00:08.0137 5048 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:00:08.0139 5048 rspndr - ok
23:00:08.0166 5048 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:00:08.0171 5048 RTL8167 - ok
23:00:08.0209 5048 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
23:00:08.0211 5048 s3cap - ok
23:00:08.0237 5048 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
23:00:08.0240 5048 SamSs - ok
23:00:08.0262 5048 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
23:00:08.0266 5048 sbp2port - ok
23:00:08.0304 5048 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:00:08.0311 5048 SCardSvr - ok
23:00:08.0329 5048 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:00:08.0331 5048 scfilter - ok
23:00:08.0395 5048 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
23:00:08.0452 5048 Schedule - ok
23:00:08.0487 5048 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:00:08.0489 5048 SCPolicySvc - ok
23:00:08.0534 5048 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:00:08.0537 5048 sdbus - ok
23:00:08.0560 5048 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:00:08.0566 5048 SDRSVC - ok
23:00:08.0637 5048 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:00:08.0640 5048 SeaPort - ok
23:00:08.0680 5048 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:00:08.0681 5048 secdrv - ok
23:00:08.0700 5048 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
23:00:08.0704 5048 seclogon - ok
23:00:08.0725 5048 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:00:08.0730 5048 SENS - ok
23:00:08.0745 5048 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:00:08.0750 5048 SensrSvc - ok
23:00:08.0793 5048 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:00:08.0794 5048 Serenum - ok
23:00:08.0816 5048 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:00:08.0818 5048 Serial - ok
23:00:08.0839 5048 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:00:08.0840 5048 sermouse - ok
23:00:08.0881 5048 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
23:00:08.0886 5048 SessionEnv - ok
23:00:08.0908 5048 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
23:00:08.0910 5048 sffdisk - ok
23:00:08.0921 5048 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:00:08.0922 5048 sffp_mmc - ok
23:00:08.0943 5048 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
23:00:08.0944 5048 sffp_sd - ok
23:00:08.0980 5048 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:00:08.0981 5048 sfloppy - ok
23:00:09.0031 5048 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:00:09.0040 5048 SharedAccess - ok
23:00:09.0094 5048 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:00:09.0105 5048 ShellHWDetection - ok
23:00:09.0130 5048 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:00:09.0132 5048 SiSRaid2 - ok
23:00:09.0160 5048 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:00:09.0163 5048 SiSRaid4 - ok
23:00:09.0193 5048 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:00:09.0195 5048 Smb - ok
23:00:09.0281 5048 [ 5F1767B8281EEEA159D8A37E33EB04AE ] smserial C:\Windows\system32\DRIVERS\smserial.sys
23:00:09.0328 5048 smserial - ok
23:00:09.0354 5048 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:00:09.0358 5048 SNMPTRAP - ok
23:00:09.0371 5048 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:00:09.0372 5048 spldr - ok
23:00:09.0424 5048 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
23:00:09.0434 5048 Spooler - ok
23:00:09.0571 5048 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
23:00:09.0702 5048 sppsvc - ok
23:00:09.0723 5048 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:00:09.0727 5048 sppuinotify - ok
23:00:09.0782 5048 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:00:09.0785 5048 SQLBrowser - ok
23:00:09.0856 5048 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:00:09.0860 5048 SQLWriter - ok
23:00:09.0917 5048 [ 13972F058E13439C4CC731DD00C5680C ] SRTSP C:\Windows\system32\Drivers\SRTSP64.SYS
23:00:09.0923 5048 SRTSP - ok
23:00:09.0976 5048 [ 33834F7FF98F3C7F0F73364D34DA87B2 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL64.SYS
23:00:09.0986 5048 SRTSPL - ok
23:00:10.0014 5048 [ B75733249706F324FD653CFD60572165 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX64.SYS
23:00:10.0016 5048 SRTSPX - ok
23:00:10.0060 5048 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:00:10.0080 5048 srv - ok
23:00:10.0110 5048 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:00:10.0119 5048 srv2 - ok
23:00:10.0142 5048 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:00:10.0145 5048 srvnet - ok
23:00:10.0197 5048 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:00:10.0205 5048 SSDPSRV - ok
23:00:10.0223 5048 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:00:10.0228 5048 SstpSvc - ok
23:00:10.0262 5048 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:00:10.0263 5048 stexstor - ok
23:00:10.0327 5048 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
23:00:10.0360 5048 stisvc - ok
23:00:10.0389 5048 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
23:00:10.0390 5048 storflt - ok
23:00:10.0420 5048 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
23:00:10.0421 5048 storvsc - ok
23:00:10.0439 5048 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:00:10.0440 5048 swenum - ok
23:00:10.0468 5048 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:00:10.0480 5048 swprv - ok
23:00:10.0601 5048 [ 8661637696D9C2502D77FD2736136486 ] Symantec Core LC C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
23:00:10.0657 5048 Symantec Core LC - ok
23:00:10.0697 5048 [ 4925A94B4E9882C6912234205CC11204 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
23:00:10.0699 5048 SymEvent - ok
23:00:10.0742 5048 [ 2C2D5213D4B5AE7BE7632F8F0BF5F359 ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS
23:00:10.0744 5048 SYMREDRV - ok
23:00:10.0768 5048 [ 2B35A7A228D326E000097BB6F96F7C63 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS
23:00:10.0772 5048 SYMTDI - ok
23:00:10.0822 5048 [ B432C6063D4C621241C2B6E05CA0C3E3 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:00:10.0827 5048 SynTP - ok
23:00:10.0917 5048 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
23:00:10.0988 5048 SysMain - ok
23:00:11.0005 5048 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:00:11.0010 5048 TabletInputService - ok
23:00:11.0043 5048 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
23:00:11.0054 5048 TapiSrv - ok
23:00:11.0076 5048 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:00:11.0081 5048 TBS - ok
23:00:11.0180 5048 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:00:11.0269 5048 Tcpip - ok
23:00:11.0355 5048 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:00:11.0377 5048 TCPIP6 - ok
23:00:11.0420 5048 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:00:11.0421 5048 tcpipreg - ok
23:00:11.0447 5048 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:00:11.0448 5048 TDPIPE - ok
23:00:11.0485 5048 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:00:11.0486 5048 TDTCP - ok
23:00:11.0512 5048 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:00:11.0514 5048 tdx - ok
23:00:11.0536 5048 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:00:11.0538 5048 TermDD - ok
23:00:11.0599 5048 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
23:00:11.0633 5048 TermService - ok
23:00:11.0671 5048 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:00:11.0675 5048 Themes - ok
23:00:11.0708 5048 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:00:11.0711 5048 THREADORDER - ok
23:00:11.0728 5048 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:00:11.0735 5048 TrkWks - ok
23:00:11.0801 5048 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:00:11.0804 5048 TrustedInstaller - ok
23:00:11.0828 5048 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:00:11.0842 5048 tssecsrv - ok
23:00:11.0892 5048 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:00:11.0896 5048 tunnel - ok
23:00:11.0922 5048 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:00:11.0924 5048 uagp35 - ok
23:00:11.0955 5048 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:00:11.0962 5048 udfs - ok
23:00:12.0030 5048 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:00:12.0035 5048 UI0Detect - ok
23:00:12.0063 5048 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
23:00:12.0065 5048 uliagpkx - ok
23:00:12.0093 5048 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:00:12.0095 5048 umbus - ok
23:00:12.0110 5048 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:00:12.0111 5048 UmPass - ok
23:00:12.0154 5048 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
23:00:12.0162 5048 UmRdpService - ok
23:00:12.0188 5048 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:00:12.0200 5048 upnphost - ok
23:00:12.0251 5048 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:00:12.0252 5048 USBAAPL64 - ok
23:00:12.0307 5048 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:00:12.0310 5048 usbaudio - ok
23:00:12.0348 5048 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:00:12.0351 5048 usbccgp - ok
23:00:12.0389 5048 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
23:00:12.0392 5048 usbcir - ok
23:00:12.0433 5048 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:00:12.0435 5048 usbehci - ok
23:00:12.0485 5048 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:00:12.0493 5048 usbhub - ok
23:00:12.0510 5048 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:00:12.0511 5048 usbohci - ok
23:00:12.0553 5048 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:00:12.0554 5048 usbprint - ok
23:00:12.0584 5048 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:00:12.0585 5048 usbscan - ok
23:00:12.0628 5048 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:00:12.0631 5048 USBSTOR - ok
23:00:12.0653 5048 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:00:12.0655 5048 usbuhci - ok
23:00:12.0716 5048 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:00:12.0721 5048 usbvideo - ok
23:00:12.0760 5048 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:00:12.0765 5048 UxSms - ok
23:00:12.0773 5048 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
23:00:12.0777 5048 VaultSvc - ok
23:00:12.0818 5048 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
23:00:12.0820 5048 vdrvroot - ok
23:00:12.0850 5048 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
23:00:12.0872 5048 vds - ok
23:00:12.0880 5048 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:00:12.0882 5048 vga - ok
23:00:12.0903 5048 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:00:15.0667 5048 ================ Scan global ===============================
23:00:15.0701 5048 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:00:15.0750 5048 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
23:00:15.0800 5048 [ 6BF2039986AF96D98E08824AC6C383FD ] C:\Windows\system32\consrv.dll
23:00:15.0888 5048 C:\Windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - infected
23:00:15.0889 5048 C:\Windows\system32\consrv.dll - detected Backdoor.Multi.ZAccess.genb (0)
23:00:15.0937 5048 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:00:15.0945 5048 ================ Scan MBR ==================================
23:00:15.0956 5048 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:00:16.0494 5048 \Device\Harddisk0\DR0 - ok
23:00:16.0495 5048 ================ Scan VBR ==================================
23:00:16.0501 5048 [ 6689EC4F90F9F9138A1B7F630716EF3C ] \Device\Harddisk0\DR0\Partition1
23:00:16.0503 5048 \Device\Harddisk0\DR0\Partition1 - ok
23:00:16.0526 5048 [ E529A042201255A3DB26F465BD9116BE ] \Device\Harddisk0\DR0\Partition2
23:00:16.0530 5048 \Device\Harddisk0\DR0\Partition2 - ok
23:00:16.0530 5048 ============================================================
23:00:16.0530 5048 Scan finished
23:00:16.0530 5048 ============================================================
23:00:16.0550 2904 Detected object count: 2
23:00:16.0550 2904 Actual detected object count: 2
23:01:08.0207 2904 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
23:01:08.0207 2904 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
23:01:08.0223 2904 C:\Windows\system32\consrv.dll - copied to quarantine
23:01:09.0519 2904 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
23:01:09.0528 2904 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
23:01:09.0691 2904 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems:Windows - will be cured on reboot
23:01:09.0691 2904 C:\Windows\system32\consrv.dll - will be deleted on reboot
23:01:09.0758 2904 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
23:01:09.0758 2904 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
23:01:09.0764 2904 C:\Windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - User select action: Delete
23:07:44.0123 0988 Deinitialize success

22:56:36.0383 4344 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:56:37.0980 4344 ============================================================
22:56:37.0980 4344 Current date / time: 2012/09/11 22:56:37.0980
22:56:37.0980 4344 SystemInfo:
22:56:37.0980 4344
22:56:37.0980 4344 OS Version: 6.1.7600 ServicePack: 0.0
22:56:37.0980 4344 Product type: Workstation
22:56:37.0980 4344 ComputerName: EFRAIN-PC
22:56:37.0980 4344 UserName: malena
22:56:37.0981 4344 Windows directory: C:\Windows
22:56:37.0981 4344 System windows directory: C:\Windows
22:56:37.0981 4344 Running under WOW64
22:56:37.0981 4344 Processor architecture: Intel x64
22:56:37.0981 4344 Number of processors: 2
22:56:37.0981 4344 Page size: 0x1000
22:56:37.0981 4344 Boot type: Normal boot
22:56:37.0981 4344 ============================================================
22:56:38.0812 4344 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:56:38.0853 4344 ============================================================
22:56:38.0853 4344 \Device\Harddisk0\DR0:
22:56:38.0853 4344 MBR partitions:
22:56:38.0853 4344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1B80F034
22:56:38.0853 4344 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B80F073, BlocksNum 0x19B550E
22:56:38.0853 4344 ============================================================
22:56:38.0880 4344 C: <-> \Device\Harddisk0\DR0\Partition1
22:56:38.0923 4344 D: <-> \Device\Harddisk0\DR0\Partition2
22:56:38.0923 4344 ============================================================
22:56:38.0923 4344 Initialize success
22:56:38.0923 4344 ============================================================
22:59:50.0986 5048 ============================================================
22:59:50.0986 5048 Scan started
22:59:50.0986 5048 Mode: Manual; TDLFS;
22:59:50.0986 5048 ============================================================
22:59:51.0477 5048 ================ Scan system memory ========================
22:59:51.0477 5048 System memory - ok
22:59:51.0478 5048 ================ Scan services =============================
22:59:52.0631 5048 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
22:59:52.0631 5048 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
22:59:52.0646 5048 Akamai ( HiddenFile.Multi.Generic ) - warning
22:59:52.0646 5048 Akamai - detected HiddenFile.Multi.Generic (1)
23:00:01.0957 5048 Mcx2Svc - ok
23:00:02.0050 5048 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
23:00:02.0054 5048 MDM - ok
23:00:02.0072 5048 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:00:02.0073 5048 megasas - ok
23:00:02.0098 5048 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:00:02.0107 5048 MegaSR - ok
23:00:02.0206 5048 Microsoft SharePoint Workspace Audit Service - ok
23:00:02.0239 5048 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:00:02.0243 5048 MMCSS - ok
23:00:02.0263 5048 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:00:02.0264 5048 Modem - ok
23:00:02.0291 5048 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:00:02.0293 5048 monitor - ok
23:00:02.0307 5048 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:00:02.0308 5048 mouclass - ok
23:00:02.0326 5048 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:00:02.0327 5048 mouhid - ok
23:00:02.0349 5048 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:00:02.0351 5048 mountmgr - ok
23:00:02.0372 5048 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
23:00:02.0376 5048 mpio - ok
23:00:02.0399 5048 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:00:02.0401 5048 mpsdrv - ok
23:00:02.0428 5048 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:00:02.0431 5048 MRxDAV - ok
23:00:02.0469 5048 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:00:02.0472 5048 mrxsmb - ok
23:00:02.0495 5048 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:00:02.0501 5048 mrxsmb10 - ok
23:00:02.0527 5048 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:00:02.0530 5048 mrxsmb20 - ok
23:00:02.0549 5048 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
23:00:02.0550 5048 msahci - ok
23:00:02.0574 5048 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
23:00:02.0578 5048 msdsm - ok
23:00:02.0618 5048 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:00:02.0623 5048 MSDTC - ok
23:00:02.0640 5048 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:00:02.0641 5048 Msfs - ok
23:00:02.0677 5048 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:00:02.0678 5048 mshidkmdf - ok
23:00:02.0688 5048 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
23:00:02.0689 5048 msisadrv - ok
23:00:02.0722 5048 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:00:02.0727 5048 MSiSCSI - ok
23:00:02.0735 5048 msiserver - ok
23:00:02.0766 5048 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:00:02.0767 5048 MSKSSRV - ok
23:00:02.0787 5048 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:00:02.0788 5048 MSPCLOCK - ok
23:00:02.0810 5048 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:00:02.0811 5048 MSPQM - ok
23:00:02.0841 5048 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:00:02.0849 5048 MsRPC - ok
23:00:02.0911 5048 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:00:02.0912 5048 mssmbios - ok
23:00:03.0004 5048 MSSQL$DYNAMICSGPEDU - ok
23:00:03.0039 5048 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
23:00:03.0040 5048 MSSQLServerADHelper - ok
23:00:03.0053 5048 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:00:03.0054 5048 MSTEE - ok
23:00:03.0071 5048 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:00:03.0071 5048 MTConfig - ok
23:00:03.0095 5048 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:00:03.0096 5048 Mup - ok
23:00:03.0147 5048 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
23:00:03.0167 5048 napagent - ok
23:00:03.0254 5048 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:00:03.0260 5048 NativeWifiP - ok
23:00:03.0347 5048 [ 4F5B214776D7B9BBC7CBC6623BFA4F79 ] NAVENG C:\ProgramData\Symantec\Definitions\VirusDefs\20071105.016\ENG64.SYS
23:00:03.0349 5048 NAVENG - ok
23:00:03.0440 5048 [ D6973E1203F3906B441D19380D7C00A2 ] NAVEX15 C:\ProgramData\Symantec\Definitions\VirusDefs\20071105.016\EX64.SYS
23:00:03.0457 5048 NAVEX15 - ok
23:00:03.0525 5048 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
23:00:03.0563 5048 NDIS - ok
23:00:03.0589 5048 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:00:03.0591 5048 NdisCap - ok
23:00:03.0643 5048 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:00:03.0644 5048 NdisTapi - ok
23:00:03.0683 5048 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:00:03.0685 5048 Ndisuio - ok
23:00:03.0707 5048 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:00:03.0711 5048 NdisWan - ok
23:00:03.0727 5048 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:00:03.0729 5048 NDProxy - ok
23:00:03.0748 5048 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:00:03.0749 5048 NetBIOS - ok
23:00:03.0771 5048 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:00:03.0774 5048 NetBT - ok
23:00:03.0787 5048 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
23:00:03.0790 5048 Netlogon - ok
23:00:03.0858 5048 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:00:03.0875 5048 Netman - ok
23:00:03.0926 5048 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:00:03.0945 5048 netprofm - ok
23:00:04.0009 5048 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:00:04.0011 5048 NetTcpPortSharing - ok
23:00:04.0200 5048 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
23:00:04.0369 5048 netw5v64 - ok
23:00:04.0410 5048 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:00:04.0411 5048 nfrd960 - ok
23:00:04.0464 5048 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:00:04.0473 5048 NlaSvc - ok
23:00:04.0492 5048 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:00:04.0494 5048 Npfs - ok
23:00:04.0510 5048 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:00:04.0513 5048 nsi - ok
23:00:04.0525 5048 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:00:04.0526 5048 nsiproxy - ok
23:00:04.0610 5048 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:00:04.0682 5048 Ntfs - ok
23:00:04.0700 5048 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:00:04.0701 5048 Null - ok
23:00:04.0755 5048 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:00:04.0759 5048 nvraid - ok
23:00:04.0816 5048 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:00:04.0820 5048 nvstor - ok
23:00:04.0857 5048 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
23:00:04.0859 5048 nv_agp - ok
23:00:04.0881 5048 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:00:04.0886 5048 ohci1394 - ok
23:00:04.0929 5048 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:00:04.0932 5048 ose - ok
23:00:05.0174 5048 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:00:05.0321 5048 osppsvc - ok
23:00:05.0365 5048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:00:05.0370 5048 p2pimsvc - ok
23:00:05.0408 5048 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:00:05.0416 5048 p2psvc - ok
23:00:05.0444 5048 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:00:05.0445 5048 Parport - ok
23:00:05.0470 5048 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:00:05.0471 5048 partmgr - ok
23:00:05.0493 5048 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:00:05.0498 5048 PcaSvc - ok
23:00:05.0519 5048 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
23:00:05.0521 5048 pci - ok
23:00:05.0539 5048 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
23:00:05.0539 5048 pciide - ok
23:00:05.0560 5048 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:00:05.0563 5048 pcmcia - ok
23:00:05.0587 5048 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:00:05.0588 5048 pcw - ok
23:00:05.0616 5048 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:00:05.0637 5048 PEAUTH - ok
23:00:05.0715 5048 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:00:05.0776 5048 PeerDistSvc - ok
23:00:05.0918 5048 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:00:05.0921 5048 PerfHost - ok
23:00:06.0047 5048 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
23:00:06.0110 5048 pla - ok
23:00:06.0164 5048 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:00:06.0188 5048 PlugPlay - ok
23:00:06.0206 5048 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:00:06.0210 5048 PNRPAutoReg - ok
23:00:06.0234 5048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:00:06.0241 5048 PNRPsvc - ok
23:00:06.0282 5048 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:00:06.0301 5048 PolicyAgent - ok
23:00:06.0342 5048 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:00:06.0348 5048 Power - ok
23:00:06.0395 5048 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:00:06.0398 5048 PptpMiniport - ok
23:00:06.0424 5048 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:00:06.0426 5048 Processor - ok
23:00:06.0457 5048 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
23:00:06.0464 5048 ProfSvc - ok
23:00:06.0479 5048 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:00:06.0482 5048 ProtectedStorage - ok
23:00:06.0517 5048 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:00:06.0519 5048 Psched - ok
23:00:06.0595 5048 [ B88A7753FCBD7DE54BCEDB95DC6A68E2 ] psqlWGE C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
23:00:06.0601 5048 psqlWGE - ok
23:00:06.0685 5048 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:00:06.0755 5048 ql2300 - ok
23:00:06.0788 5048 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:00:06.0791 5048 ql40xx - ok
23:00:06.0921 5048 [ BA396D1C71934E22679D3F4DAC17E7AB ] QPCapSvc C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
23:00:06.0925 5048 QPCapSvc - ok
23:00:06.0939 5048 [ 4B455E8C41CAD3219CCF53024DCAD604 ] QPSched C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
23:00:06.0942 5048 QPSched - ok
23:00:06.0994 5048 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:00:07.0002 5048 QWAVE - ok
23:00:07.0023 5048 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:00:07.0025 5048 QWAVEdrv - ok
23:00:07.0061 5048 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:00:07.0062 5048 RasAcd - ok
23:00:07.0112 5048 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:00:07.0114 5048 RasAgileVpn - ok
23:00:07.0135 5048 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:00:07.0140 5048 RasAuto - ok
23:00:07.0160 5048 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:00:07.0163 5048 Rasl2tp - ok
23:00:07.0189 5048 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
23:00:07.0209 5048 RasMan - ok
23:00:07.0240 5048 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:00:07.0243 5048 RasPppoe - ok
23:00:07.0292 5048 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:00:07.0295 5048 RasSstp - ok
23:00:07.0322 5048 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:00:07.0328 5048 rdbss - ok
23:00:07.0346 5048 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:00:07.0348 5048 rdpbus - ok
23:00:07.0364 5048 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:00:07.0365 5048 RDPCDD - ok
23:00:07.0425 5048 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:00:07.0428 5048 RDPDR - ok
23:00:07.0447 5048 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:00:07.0448 5048 RDPENCDD - ok
23:00:07.0464 5048 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:00:07.0465 5048 RDPREFMP - ok
23:00:07.0500 5048 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:00:07.0505 5048 RDPWD - ok
23:00:07.0528 5048 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:00:07.0533 5048 rdyboost - ok
23:00:07.0595 5048 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:00:07.0599 5048 RemoteAccess - ok
23:00:07.0650 5048 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:00:07.0656 5048 RemoteRegistry - ok
23:00:07.0750 5048 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
23:00:07.0754 5048 RichVideo - ok
23:00:07.0805 5048 [ E31960692CBB3A8BCDF300BC1D889E1F ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
23:00:07.0806 5048 rimmptsk - ok
23:00:07.0827 5048 [ 82356915157AB59064A24993AE5BE8AA ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
23:00:07.0847 5048 rimsptsk - ok
23:00:07.0895 5048 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
23:00:07.0896 5048 RimUsb - ok
23:00:07.0962 5048 [ C01A92A546854A3E34103B642F0F94A1 ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
23:00:07.0964 5048 rismxdp - ok
23:00:07.0987 5048 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:00:07.0991 5048 RpcEptMapper - ok
23:00:08.0021 5048 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:00:08.0024 5048 RpcLocator - ok
23:00:08.0055 5048 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
23:00:08.0064 5048 RpcSs - ok
23:00:08.0137 5048 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:00:08.0139 5048 rspndr - ok
23:00:08.0166 5048 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:00:08.0171 5048 RTL8167 - ok
23:00:08.0209 5048 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
23:00:08.0211 5048 s3cap - ok
23:00:08.0237 5048 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
23:00:08.0240 5048 SamSs - ok
23:00:08.0262 5048 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
23:00:08.0266 5048 sbp2port - ok
23:00:08.0304 5048 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:00:08.0311 5048 SCardSvr - ok
23:00:08.0329 5048 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:00:08.0331 5048 scfilter - ok
23:00:08.0395 5048 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
23:00:08.0452 5048 Schedule - ok
23:00:08.0487 5048 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:00:08.0489 5048 SCPolicySvc - ok
23:00:08.0534 5048 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:00:08.0537 5048 sdbus - ok
23:00:08.0560 5048 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:00:08.0566 5048 SDRSVC - ok
23:00:08.0637 5048 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:00:08.0640 5048 SeaPort - ok
23:00:08.0680 5048 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:00:08.0681 5048 secdrv - ok
23:00:08.0700 5048 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
23:00:08.0704 5048 seclogon - ok
23:00:08.0725 5048 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:00:08.0730 5048 SENS - ok
23:00:08.0745 5048 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:00:08.0750 5048 SensrSvc - ok
23:00:08.0793 5048 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:00:08.0794 5048 Serenum - ok
23:00:08.0816 5048 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:00:08.0818 5048 Serial - ok
23:00:08.0839 5048 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:00:08.0840 5048 sermouse - ok
23:00:08.0881 5048 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
23:00:08.0886 5048 SessionEnv - ok
23:00:08.0908 5048 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
23:00:08.0910 5048 sffdisk - ok
23:00:08.0921 5048 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:00:08.0922 5048 sffp_mmc - ok
23:00:08.0943 5048 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
23:00:08.0944 5048 sffp_sd - ok
23:00:08.0980 5048 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:00:08.0981 5048 sfloppy - ok
23:00:09.0031 5048 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:00:09.0040 5048 SharedAccess - ok
23:00:09.0094 5048 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:00:09.0105 5048 ShellHWDetection - ok
23:00:09.0130 5048 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:00:09.0132 5048 SiSRaid2 - ok
23:00:09.0160 5048 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:00:09.0163 5048 SiSRaid4 - ok
23:00:09.0193 5048 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:00:09.0195 5048 Smb - ok
23:00:09.0281 5048 [ 5F1767B8281EEEA159D8A37E33EB04AE ] smserial C:\Windows\system32\DRIVERS\smserial.sys
23:00:09.0328 5048 smserial - ok
23:00:09.0354 5048 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:00:09.0358 5048 SNMPTRAP - ok
23:00:09.0371 5048 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:00:09.0372 5048 spldr - ok
23:00:09.0424 5048 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
23:00:09.0434 5048 Spooler - ok
23:00:09.0571 5048 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
23:00:09.0702 5048 sppsvc - ok
23:00:09.0723 5048 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:00:09.0727 5048 sppuinotify - ok
23:00:09.0782 5048 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:00:09.0785 5048 SQLBrowser - ok
23:00:09.0856 5048 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:00:09.0860 5048 SQLWriter - ok
23:00:09.0917 5048 [ 13972F058E13439C4CC731DD00C5680C ] SRTSP C:\Windows\system32\Drivers\SRTSP64.SYS
23:00:09.0923 5048 SRTSP - ok
23:00:09.0976 5048 [ 33834F7FF98F3C7F0F73364D34DA87B2 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL64.SYS
23:00:09.0986 5048 SRTSPL - ok
23:00:10.0014 5048 [ B75733249706F324FD653CFD60572165 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX64.SYS
23:00:10.0016 5048 SRTSPX - ok
23:00:10.0060 5048 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:00:10.0080 5048 srv - ok
23:00:10.0110 5048 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:00:10.0119 5048 srv2 - ok
23:00:10.0142 5048 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:00:10.0145 5048 srvnet - ok
23:00:10.0197 5048 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:00:10.0205 5048 SSDPSRV - ok
23:00:10.0223 5048 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:00:10.0228 5048 SstpSvc - ok
23:00:10.0262 5048 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:00:10.0263 5048 stexstor - ok
23:00:10.0327 5048 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
23:00:10.0360 5048 stisvc - ok
23:00:10.0389 5048 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
23:00:10.0390 5048 storflt - ok
23:00:10.0420 5048 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
23:00:10.0421 5048 storvsc - ok
23:00:10.0439 5048 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:00:10.0440 5048 swenum - ok
23:00:10.0468 5048 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:00:10.0480 5048 swprv - ok
23:00:10.0601 5048 [ 8661637696D9C2502D77FD2736136486 ] Symantec Core LC C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
23:00:10.0657 5048 Symantec Core LC - ok
23:00:10.0697 5048 [ 4925A94B4E9882C6912234205CC11204 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
23:00:10.0699 5048 SymEvent - ok
23:00:10.0742 5048 [ 2C2D5213D4B5AE7BE7632F8F0BF5F359 ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS
23:00:10.0744 5048 SYMREDRV - ok
23:00:10.0768 5048 [ 2B35A7A228D326E000097BB6F96F7C63 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS
23:00:10.0772 5048 SYMTDI - ok
23:00:10.0822 5048 [ B432C6063D4C621241C2B6E05CA0C3E3 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:00:10.0827 5048 SynTP - ok
23:00:10.0917 5048 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
23:00:10.0988 5048 SysMain - ok
23:00:11.0005 5048 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:00:11.0010 5048 TabletInputService - ok
23:00:11.0043 5048 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
23:00:11.0054 5048 TapiSrv - ok
23:00:11.0076 5048 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:00:11.0081 5048 TBS - ok
23:00:11.0180 5048 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:00:11.0269 5048 Tcpip - ok
23:00:11.0355 5048 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:00:11.0377 5048 TCPIP6 - ok
23:00:11.0420 5048 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:00:11.0421 5048 tcpipreg - ok
23:00:11.0447 5048 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:00:11.0448 5048 TDPIPE - ok
23:00:11.0485 5048 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:00:11.0486 5048 TDTCP - ok
23:00:11.0512 5048 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:00:11.0514 5048 tdx - ok
23:00:11.0536 5048 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:00:11.0538 5048 TermDD - ok
23:00:11.0599 5048 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
23:00:11.0633 5048 TermService - ok
23:00:11.0671 5048 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:00:11.0675 5048 Themes - ok
23:00:11.0708 5048 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:00:11.0711 5048 THREADORDER - ok
23:00:11.0728 5048 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:00:11.0735 5048 TrkWks - ok
23:00:11.0801 5048 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:00:11.0804 5048 TrustedInstaller - ok
23:00:11.0828 5048 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:00:11.0842 5048 tssecsrv - ok
23:00:11.0892 5048 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:00:11.0896 5048 tunnel - ok
23:00:11.0922 5048 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:00:11.0924 5048 uagp35 - ok
23:00:11.0955 5048 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:00:11.0962 5048 udfs - ok
23:00:12.0030 5048 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:00:12.0035 5048 UI0Detect - ok
23:00:12.0063 5048 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
23:00:12.0065 5048 uliagpkx - ok
23:00:12.0093 5048 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:00:12.0095 5048 umbus - ok
23:00:12.0110 5048 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:00:12.0111 5048 UmPass - ok
23:00:12.0154 5048 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
23:00:12.0162 5048 UmRdpService - ok
23:00:12.0188 5048 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:00:12.0200 5048 upnphost - ok
23:00:12.0251 5048 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:00:12.0252 5048 USBAAPL64 - ok
23:00:12.0307 5048 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:00:12.0310 5048 usbaudio - ok
23:00:12.0348 5048 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:00:12.0351 5048 usbccgp - ok
23:00:12.0389 5048 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
23:00:12.0392 5048 usbcir - ok
23:00:12.0433 5048 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:00:12.0435 5048 usbehci - ok
23:00:12.0485 5048 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:00:12.0493 5048 usbhub - ok
23:00:15.0667 5048 ================ Scan global ===============================
23:00:15.0701 5048 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:00:15.0750 5048 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
23:00:15.0800 5048 [ 6BF2039986AF96D98E08824AC6C383FD ] C:\Windows\system32\consrv.dll
23:00:15.0888 5048 C:\Windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - infected
23:00:15.0889 5048 C:\Windows\system32\consrv.dll - detected Backdoor.Multi.ZAccess.genb (0)
23:00:15.0937 5048 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:00:15.0945 5048 ================ Scan MBR ==================================
23:00:15.0956 5048 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:00:16.0494 5048 \Device\Harddisk0\DR0 - ok
23:00:16.0495 5048 ================ Scan VBR ==================================
23:00:16.0501 5048 [ 6689EC4F90F9F9138A1B7F630716EF3C ] \Device\Harddisk0\DR0\Partition1
23:00:16.0503 5048 \Device\Harddisk0\DR0\Partition1 - ok
23:00:16.0526 5048 [ E529A042201255A3DB26F465BD9116BE ] \Device\Harddisk0\DR0\Partition2
23:00:16.0530 5048 \Device\Harddisk0\DR0\Partition2 - ok
23:00:16.0530 5048 ============================================================
23:00:16.0530 5048 Scan finished
23:00:16.0530 5048 ============================================================
23:00:16.0550 2904 Detected object count: 2
23:00:16.0550 2904 Actual detected object count: 2
23:01:08.0207 2904 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
23:01:08.0207 2904 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
23:01:08.0223 2904 C:\Windows\system32\consrv.dll - copied to quarantine
23:01:09.0519 2904 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
23:01:09.0528 2904 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
23:01:09.0691 2904 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems:Windows - will be cured on reboot
23:01:09.0691 2904 C:\Windows\system32\consrv.dll - will be deleted on reboot
23:01:09.0758 2904 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
23:01:09.0758 2904 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
23:01:09.0764 2904 C:\Windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - User select action: Delete
23:07:44.0123 0988 Deinitialize success

#4 boopme


Posted 12 September 2012 - 01:25 PM

Hello, you still have some rootkits and infections. To remove them we need to move you and get a deeper look. Please go here: Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system) skip it and move on.

Let me know if that went well.

#5 eepolio


Posted 12 September 2012 - 09:32 PM

I have a 64-bit operating system.

I ran DDS and everything went well. I posted the results where asked.

#6 boopme


Posted 13 September 2012 - 11:05 AM

Thank you!!

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.