ZeroAccess.inf4


15 replies to this topic

#1 TonyPEO

TonyPEO

  • Members
  • 8 posts

Posted 21 September 2012 - 07:27 AM

Hello, I am currently infected with ZeroAccess.inf4 in System32/services.exe.

I ran a tool and got a report back, if that helps, but I wasn't really aware if I should. I apologise if I shouldn't, but could someone please help me?

Thank you.

#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:05:26 PM

Posted 21 September 2012 - 08:45 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 TonyPEO

TonyPEO
  • Topic Starter

  • Members
  • 8 posts

Posted 21 September 2012 - 01:20 PM

TDSSKiller

16:46:01.0800 1908 NetBT - ok
16:46:01.0831 1908 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:46:01.0831 1908 Netlogon - ok
16:46:01.0894 1908 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:46:01.0894 1908 Netman - ok
16:46:01.0925 1908 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:46:01.0925 1908 netprofm - ok
16:46:01.0972 1908 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:46:01.0987 1908 NetTcpPortSharing - ok
16:46:02.0034 1908 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:46:02.0034 1908 nfrd960 - ok
16:46:02.0096 1908 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:46:02.0096 1908 NlaSvc - ok
16:46:02.0128 1908 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:46:02.0128 1908 Npfs - ok
16:46:02.0159 1908 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:46:02.0159 1908 nsi - ok
16:46:02.0174 1908 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:46:02.0174 1908 nsiproxy - ok
16:46:02.0440 1908 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:46:02.0471 1908 Ntfs - ok
16:46:02.0596 1908 [ 15221DD637D9D0FFC60848EBBF1DF538 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
16:46:02.0627 1908 NTIBackupSvc - ok
16:46:02.0658 1908 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
16:46:02.0658 1908 NTIDrvr - ok
16:46:02.0689 1908 [ B5071E15D4C3F5EF5018AFF7E85A85E5 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
16:46:02.0720 1908 NTISchedulerSvc - ok
16:46:02.0752 1908 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:46:02.0752 1908 Null - ok
16:46:02.0783 1908 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:46:02.0783 1908 nvraid - ok
16:46:02.0814 1908 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:46:02.0814 1908 nvstor - ok
16:46:02.0861 1908 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:46:02.0861 1908 nv_agp - ok
16:46:03.0017 1908 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:46:03.0032 1908 odserv - ok
16:46:03.0064 1908 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:46:03.0079 1908 ohci1394 - ok
16:46:03.0110 1908 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:46:03.0110 1908 ose - ok
16:46:03.0220 1908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:46:03.0235 1908 p2pimsvc - ok
16:46:03.0266 1908 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:46:03.0298 1908 p2psvc - ok
16:46:03.0344 1908 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:46:03.0360 1908 Parport - ok
16:46:03.0391 1908 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:46:03.0391 1908 partmgr - ok
16:46:03.0438 1908 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:46:03.0438 1908 PcaSvc - ok
16:46:03.0454 1908 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:46:03.0469 1908 pci - ok
16:46:03.0516 1908 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:46:03.0516 1908 pciide - ok
16:46:03.0563 1908 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:46:03.0578 1908 pcmcia - ok
16:46:03.0610 1908 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:46:03.0610 1908 pcw - ok
16:46:03.0641 1908 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:46:03.0656 1908 PEAUTH - ok
16:46:03.0781 1908 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:46:03.0812 1908 PerfHost - ok
16:46:04.0093 1908 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:46:04.0124 1908 pla - ok
16:46:04.0202 1908 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:46:04.0202 1908 PlugPlay - ok
16:46:04.0249 1908 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:46:04.0249 1908 PNRPAutoReg - ok
16:46:04.0265 1908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:46:04.0280 1908 PNRPsvc - ok
16:46:04.0327 1908 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:46:04.0327 1908 PolicyAgent - ok
16:46:04.0374 1908 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:46:04.0374 1908 Power - ok
16:46:04.0436 1908 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:46:04.0452 1908 PptpMiniport - ok
16:46:04.0468 1908 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:46:04.0499 1908 Processor - ok
16:46:04.0561 1908 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:46:04.0561 1908 ProfSvc - ok
16:46:04.0577 1908 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:46:04.0577 1908 ProtectedStorage - ok
16:46:04.0624 1908 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:46:04.0639 1908 Psched - ok
16:46:05.0092 1908 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:46:05.0123 1908 ql2300 - ok
16:46:05.0201 1908 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:46:05.0201 1908 ql40xx - ok
16:46:05.0263 1908 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:46:05.0279 1908 QWAVE - ok
16:46:05.0294 1908 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:46:05.0310 1908 QWAVEdrv - ok
16:46:05.0326 1908 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:46:05.0341 1908 RasAcd - ok
16:46:05.0388 1908 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:05.0388 1908 RasAgileVpn - ok
16:46:05.0435 1908 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:46:05.0435 1908 RasAuto - ok
16:46:05.0482 1908 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:05.0482 1908 Rasl2tp - ok
16:46:05.0544 1908 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:46:05.0544 1908 RasMan - ok
16:46:05.0622 1908 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:05.0622 1908 RasPppoe - ok
16:46:05.0669 1908 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:46:05.0669 1908 RasSstp - ok
16:46:05.0731 1908 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:46:05.0731 1908 rdbss - ok
16:46:05.0747 1908 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:46:05.0747 1908 rdpbus - ok
16:46:05.0778 1908 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:05.0778 1908 RDPCDD - ok
16:46:05.0825 1908 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:46:05.0825 1908 RDPENCDD - ok
16:46:05.0856 1908 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:46:05.0872 1908 RDPREFMP - ok
16:46:05.0903 1908 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:46:05.0934 1908 RDPWD - ok
16:46:05.0981 1908 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:46:05.0981 1908 rdyboost - ok
16:46:06.0043 1908 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:46:06.0043 1908 RemoteAccess - ok
16:46:06.0090 1908 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:46:06.0090 1908 RemoteRegistry - ok
16:46:06.0121 1908 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:46:06.0121 1908 RpcEptMapper - ok
16:46:06.0152 1908 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:46:06.0184 1908 RpcLocator - ok
16:46:06.0215 1908 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:46:06.0230 1908 RpcSs - ok
16:46:06.0308 1908 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:46:06.0308 1908 rspndr - ok
16:46:06.0418 1908 [ DB30AA4DAA0D492FA5D7717D8181FFA1 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
16:46:06.0449 1908 RSUSBSTOR - ok
16:46:06.0464 1908 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:46:06.0464 1908 SamSs - ok
16:46:06.0511 1908 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:46:06.0527 1908 sbp2port - ok
16:46:06.0558 1908 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:46:06.0558 1908 SCardSvr - ok
16:46:06.0605 1908 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:46:06.0636 1908 scfilter - ok
16:46:06.0714 1908 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:46:06.0730 1908 Schedule - ok
16:46:06.0792 1908 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:46:06.0792 1908 SCPolicySvc - ok
16:46:06.0854 1908 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:46:06.0886 1908 SDRSVC - ok
16:46:06.0917 1908 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:46:06.0932 1908 secdrv - ok
16:46:06.0964 1908 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:46:06.0979 1908 seclogon - ok
16:46:07.0026 1908 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:46:07.0026 1908 SENS - ok
16:46:07.0042 1908 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:46:07.0057 1908 SensrSvc - ok
16:46:07.0073 1908 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:46:07.0073 1908 Serenum - ok
16:46:07.0182 1908 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:46:07.0182 1908 Serial - ok
16:46:07.0213 1908 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:46:07.0213 1908 sermouse - ok
16:46:07.0291 1908 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:46:07.0291 1908 SessionEnv - ok
16:46:07.0338 1908 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:46:07.0354 1908 sffdisk - ok
16:46:07.0385 1908 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:46:07.0385 1908 sffp_mmc - ok
16:46:07.0400 1908 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:46:07.0400 1908 sffp_sd - ok
16:46:07.0463 1908 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:46:07.0478 1908 sfloppy - ok
16:46:07.0525 1908 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:46:07.0525 1908 SharedAccess - ok
16:46:07.0588 1908 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:46:07.0588 1908 ShellHWDetection - ok
16:46:07.0634 1908 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:46:07.0634 1908 SiSRaid2 - ok
16:46:07.0650 1908 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:46:07.0650 1908 SiSRaid4 - ok
16:46:07.0681 1908 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:46:07.0681 1908 Smb - ok
16:46:07.0822 1908 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:46:07.0837 1908 SNMPTRAP - ok
16:46:07.0884 1908 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:46:07.0884 1908 spldr - ok
16:46:07.0931 1908 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:46:07.0931 1908 Spooler - ok
16:46:08.0290 1908 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:46:08.0383 1908 sppsvc - ok
16:46:08.0446 1908 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:46:08.0461 1908 sppuinotify - ok
16:46:08.0882 1908 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
16:46:08.0929 1908 SRTSP - ok
16:46:09.0132 1908 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
16:46:09.0132 1908 SRTSPX - ok
16:46:09.0210 1908 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:46:09.0210 1908 srv - ok
16:46:09.0288 1908 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:46:09.0288 1908 srv2 - ok
16:46:09.0366 1908 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:46:09.0366 1908 srvnet - ok
16:46:09.0444 1908 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:46:09.0444 1908 SSDPSRV - ok
16:46:09.0491 1908 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:46:09.0491 1908 SstpSvc - ok
16:46:09.0600 1908 [ 78CD64791F8634CF7B582FD085E57C4B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
16:46:09.0616 1908 ssudmdm - ok
16:46:09.0662 1908 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:46:09.0662 1908 stexstor - ok
16:46:09.0787 1908 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:46:09.0787 1908 stisvc - ok
16:46:09.0865 1908 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:46:09.0865 1908 swenum - ok
16:46:09.0928 1908 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:46:09.0943 1908 swprv - ok
16:46:10.0146 1908 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
16:46:10.0146 1908 SymDS - ok
16:46:10.0536 1908 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
16:46:10.0567 1908 SymEFA - ok
16:46:10.0692 1908 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:46:10.0692 1908 SymEvent - ok
16:46:10.0801 1908 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
16:46:10.0801 1908 SymIRON - ok
16:46:10.0879 1908 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
16:46:10.0879 1908 SymNetS - ok
16:46:10.0926 1908 [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:46:10.0926 1908 SynTP - ok
16:46:11.0191 1908 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:46:11.0222 1908 SysMain - ok
16:46:11.0285 1908 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:46:11.0300 1908 TabletInputService - ok
16:46:11.0332 1908 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:46:11.0347 1908 TapiSrv - ok
16:46:11.0363 1908 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:46:11.0378 1908 TBS - ok
16:46:11.0597 1908 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:46:11.0612 1908 Tcpip - ok
16:46:11.0659 1908 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:46:11.0675 1908 TCPIP6 - ok
16:46:11.0768 1908 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:46:11.0768 1908 tcpipreg - ok
16:46:11.0831 1908 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:46:11.0846 1908 TDPIPE - ok
16:46:11.0924 1908 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:46:11.0956 1908 TDTCP - ok
16:46:12.0002 1908 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:46:12.0002 1908 tdx - ok
16:46:12.0080 1908 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:46:12.0080 1908 TermDD - ok
16:46:12.0158 1908 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:46:12.0158 1908 TermService - ok
16:46:12.0221 1908 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:46:12.0221 1908 Themes - ok
16:46:12.0299 1908 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:46:12.0299 1908 THREADORDER - ok
16:46:12.0346 1908 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:46:12.0346 1908 TrkWks - ok
16:46:12.0470 1908 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:46:12.0470 1908 TrustedInstaller - ok
16:46:12.0564 1908 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:46:12.0564 1908 tssecsrv - ok
16:46:12.0642 1908 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:46:12.0658 1908 TsUsbFlt - ok
16:46:12.0720 1908 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:46:12.0736 1908 tunnel - ok
16:46:12.0767 1908 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:46:12.0767 1908 uagp35 - ok
16:46:12.0814 1908 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
16:46:12.0814 1908 UBHelper - ok
16:46:12.0938 1908 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:46:12.0970 1908 udfs - ok
16:46:13.0063 1908 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:46:13.0110 1908 UI0Detect - ok
16:46:13.0172 1908 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:46:13.0172 1908 uliagpkx - ok
16:46:13.0250 1908 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
16:46:13.0266 1908 umbus - ok
16:46:13.0282 1908 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:46:13.0297 1908 UmPass - ok
16:46:13.0531 1908 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
16:46:13.0531 1908 Updater Service - ok
16:46:13.0594 1908 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:46:13.0594 1908 upnphost - ok
16:46:13.0718 1908 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:46:13.0734 1908 USBAAPL64 - ok
16:46:13.0781 1908 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:46:13.0796 1908 usbccgp - ok
16:46:13.0828 1908 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:46:13.0828 1908 usbcir - ok
16:46:13.0890 1908 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:46:13.0890 1908 usbehci - ok
16:46:13.0968 1908 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:46:13.0968 1908 usbhub - ok
16:46:13.0999 1908 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:46:14.0015 1908 usbohci - ok
16:46:14.0077 1908 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:46:14.0108 1908 usbprint - ok
16:46:14.0155 1908 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:46:14.0202 1908 usbscan - ok
16:46:14.0233 1908 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:46:14.0233 1908 USBSTOR - ok
16:46:14.0280 1908 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:46:14.0280 1908 usbuhci - ok
16:46:14.0405 1908 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:46:14.0405 1908 usbvideo - ok
16:46:14.0452 1908 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:46:14.0452 1908 UxSms - ok
16:46:14.0467 1908 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:46:14.0467 1908 VaultSvc - ok
16:46:14.0514 1908 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:46:14.0514 1908 vdrvroot - ok
16:46:14.0764 1908 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:46:14.0826 1908 vds - ok
16:46:14.0904 1908 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:46:14.0904 1908 vga - ok
16:46:14.0935 1908 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:46:14.0935 1908 VgaSave - ok
16:46:15.0044 1908 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:46:15.0044 1908 vhdmp - ok
16:46:15.0107 1908 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:46:15.0107 1908 viaide - ok
16:46:15.0122 1908 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:46:15.0122 1908 volmgr - ok
16:46:15.0200 1908 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:46:15.0200 1908 volmgrx - ok
16:46:15.0247 1908 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:46:15.0263 1908 volsnap - ok
16:46:15.0356 1908 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:46:15.0372 1908 vsmraid - ok
16:46:15.0512 1908 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:46:15.0544 1908 VSS - ok
16:46:15.0575 1908 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:46:15.0575 1908 vwifibus - ok
16:46:15.0637 1908 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:46:15.0637 1908 vwififlt - ok
16:46:15.0668 1908 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:46:15.0668 1908 vwifimp - ok
16:46:15.0731 1908 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:46:15.0731 1908 W32Time - ok
16:46:15.0762 1908 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:46:15.0778 1908 WacomPen - ok
16:46:15.0840 1908 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:46:15.0840 1908 WANARP - ok
16:46:15.0856 1908 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:46:15.0871 1908 Wanarpv6 - ok
16:46:16.0261 1908 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:46:16.0308 1908 WatAdminSvc - ok
16:46:16.0386 1908 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:46:16.0417 1908 wbengine - ok
16:46:16.0448 1908 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:46:16.0480 1908 WbioSrvc - ok
16:46:16.0511 1908 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:46:16.0542 1908 wcncsvc - ok
16:46:16.0573 1908 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:46:16.0573 1908 WcsPlugInService - ok
16:46:16.0604 1908 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:46:16.0604 1908 Wd - ok
16:46:16.0636 1908 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:46:16.0651 1908 Wdf01000 - ok
16:46:16.0667 1908 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:46:16.0667 1908 WdiServiceHost - ok
16:46:16.0682 1908 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:46:16.0682 1908 WdiSystemHost - ok
16:46:16.0729 1908 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:46:16.0729 1908 WebClient - ok
16:46:16.0776 1908 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:46:16.0792 1908 Wecsvc - ok
16:46:16.0807 1908 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:46:16.0807 1908 wercplsupport - ok
16:46:16.0838 1908 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:46:16.0838 1908 WerSvc - ok
16:46:16.0916 1908 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:46:16.0916 1908 WfpLwf - ok
16:46:16.0948 1908 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:46:16.0948 1908 WIMMount - ok
16:46:16.0963 1908 WinDefend - ok
16:46:16.0979 1908 WinHttpAutoProxySvc - ok
16:46:17.0135 1908 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:46:17.0135 1908 Winmgmt - ok
16:46:17.0228 1908 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:46:17.0275 1908 WinRM - ok
16:46:17.0400 1908 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:46:17.0400 1908 WinUsb - ok
16:46:17.0447 1908 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:46:17.0462 1908 Wlansvc - ok
16:46:17.0650 1908 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:46:17.0696 1908 wlidsvc - ok
16:46:17.0774 1908 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:46:17.0774 1908 WmiAcpi - ok
16:46:17.0837 1908 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:46:17.0837 1908 wmiApSrv - ok
16:46:17.0868 1908 WMPNetworkSvc - ok
16:46:17.0915 1908 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:46:17.0930 1908 WPCSvc - ok
16:46:17.0977 1908 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:46:17.0977 1908 WPDBusEnum - ok
16:46:18.0024 1908 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:46:18.0024 1908 ws2ifsl - ok
16:46:18.0040 1908 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:46:18.0055 1908 wscsvc - ok
16:46:18.0055 1908 WSearch - ok
16:46:18.0211 1908 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:46:18.0274 1908 wuauserv - ok
16:46:18.0320 1908 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:46:18.0320 1908 WudfPf - ok
16:46:18.0383 1908 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:46:18.0383 1908 WUDFRd - ok
16:46:18.0430 1908 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:46:18.0430 1908 wudfsvc - ok
16:46:18.0476 1908 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:46:18.0492 1908 WwanSvc - ok
16:46:18.0539 1908 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
16:46:18.0554 1908 ZTEusbmdm6k - ok
16:46:18.0617 1908 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
16:46:18.0648 1908 ZTEusbnmea - ok
16:46:18.0679 1908 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
16:46:18.0679 1908 ZTEusbser6k - ok
16:46:18.0726 1908 ================ Scan global ===============================
16:46:18.0757 1908 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:46:18.0835 1908 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:46:18.0851 1908 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:46:18.0898 1908 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:46:18.0944 1908 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
16:46:18.0944 1908 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
16:46:18.0944 1908 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
16:46:18.0944 1908 ================ Scan MBR ==================================
16:46:18.0976 1908 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:46:21.0924 1908 \Device\Harddisk0\DR0 - ok
16:46:21.0924 1908 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:46:26.0791 1908 \Device\Harddisk1\DR1 - ok
16:46:26.0791 1908 ================ Scan VBR ==================================
16:46:26.0807 1908 [ 95B31A88CD2E12DBC15012FE77B8F0B7 ] \Device\Harddisk0\DR0\Partition1
16:46:26.0822 1908 \Device\Harddisk0\DR0\Partition1 - ok
16:46:26.0822 1908 [ 9960F8E52E07EC8A35E1727A31053171 ] \Device\Harddisk0\DR0\Partition2
16:46:26.0838 1908 \Device\Harddisk0\DR0\Partition2 - ok
16:46:26.0838 1908 [ BFEADD704B8DB7CB9F7674E19DB7E29D ] \Device\Harddisk1\DR1\Partition1
16:46:26.0838 1908 \Device\Harddisk1\DR1\Partition1 - ok
16:46:26.0854 1908 ============================================================
16:46:26.0854 1908 Scan finished
16:46:26.0854 1908 ============================================================
16:46:26.0869 2756 Detected object count: 1
16:46:26.0869 2756 Actual detected object count: 1

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-21 16:50:24
-----------------------------
16:50:24.129 OS Version: Windows x64 6.1.7601 Service Pack 1
16:50:24.129 Number of processors: 1 586 0x170A
16:50:24.144 ComputerName: TONYSARA UserName: Tony
16:50:35.200 Initialize success
16:51:28.645 AVAST engine defs: 12092100
16:51:35.743 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:51:35.758 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
16:51:35.758 Disk 0 MBR read successfully
16:51:35.774 Disk 0 MBR scan
16:51:35.774 Disk 0 Windows 7 default MBR code
16:51:35.790 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
16:51:35.821 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
16:51:35.836 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 225061 MB offset 27469824
16:51:35.852 Disk 0 scanning C:\Windows\system32\drivers
16:51:48.176 Service scanning
16:51:48.706 Service 04936009 C:\Windows\system32\drivers\40659798.sys **HIDDEN**
16:52:20.375 Modules scanning
16:52:20.375 Disk 0 trace - called modules:
16:52:20.921 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
16:52:20.921 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004486060]
16:52:20.936 3 CLASSPNP.SYS[fffff8800103b43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80025ee050]
16:52:22.668 AVAST engine scan C:\Windows
16:52:25.725 AVAST engine scan C:\Windows\system32
16:55:03.630 File: C:\Windows\system32\services.exe **INFECTED** Win32:Patched-AKC [Trj]
16:55:50.494 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:55:54.394 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:57:15.313 AVAST engine scan C:\Windows\system32\drivers
16:57:34.534 AVAST engine scan C:\Users\Tony
17:06:31.310 AVAST engine scan C:\ProgramData
17:08:59.416 Scan finished successfully
17:09:49.602 Disk 0 MBR has been saved successfully to "C:\Users\Tony\Documents\MBR.dat"
17:09:49.617 The log file has been saved successfully to "C:\Users\Tony\Documents\aswMBR.txt"

ESET

C:\TDSSKiller_Quarantine\21.09.2012_16.45.09\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan



This is all I got. Thank you for helping.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts

Posted 21 September 2012 - 10:44 PM

Hello, I realize the TDSS log is long, but I believe there is more after this. Would you post that part please?

This is at the end of your TDSS log.
16:46:26.0854 1908 Scan finished
16:46:26.0854 1908 ============================================================
16:46:26.0869 2756 Detected object count: 1
16:46:26.0869 2756 Actual detected object count: 1

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 21 September 2012 - 10:46 PM

Run TDSSkiller again and select CURE for this infection

16:46:18.0944 1908 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
16:46:18.0944 1908 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)


Do not SKIP it.

Restart the PC, run TDSSkiller and ASWMBR again and post the new logs.

#6 TonyPEO

TonyPEO
  • Topic Starter

  • Members
  • 8 posts

Posted 22 September 2012 - 03:47 AM

TDSSKiller

09:19:24.0286 4064 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
09:19:25.0004 4064 ============================================================
09:19:25.0004 4064 Current date / time: 2012/09/22 09:19:25.0004
09:19:25.0004 4064 SystemInfo:
09:19:25.0004 4064
09:19:25.0004 4064 OS Version: 6.1.7601 ServicePack: 1.0
09:19:25.0004 4064 Product type: Workstation
09:19:25.0004 4064 ComputerName: TONYSARA
09:19:25.0004 4064 UserName: Tony
09:19:25.0004 4064 Windows directory: C:\Windows
09:19:25.0004 4064 System windows directory: C:\Windows
09:19:25.0004 4064 Running under WOW64
09:19:25.0004 4064 Processor architecture: Intel x64
09:19:25.0004 4064 Number of processors: 1
09:19:25.0004 4064 Page size: 0x1000
09:19:25.0004 4064 Boot type: Normal boot
09:19:25.0004 4064 ============================================================
09:19:25.0721 4064 BG loaded
09:19:26.0330 4064 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:19:26.0345 4064 Drive \Device\Harddisk1\DR1 - Size: 0xEEB00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:19:26.0345 4064 ============================================================
09:19:26.0345 4064 \Device\Harddisk0\DR0:
09:19:26.0345 4064 MBR partitions:
09:19:26.0345 4064 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
09:19:26.0345 4064 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x1B792800
09:19:26.0345 4064 \Device\Harddisk1\DR1:
09:19:26.0345 4064 MBR partitions:
09:19:26.0345 4064 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x80, BlocksNum 0x772266
09:19:26.0345 4064 ============================================================
09:19:26.0517 4064 C: <-> \Device\Harddisk0\DR0\Partition2
09:19:26.0517 4064 ============================================================
09:19:26.0517 4064 Initialize success
09:19:26.0517 4064 ============================================================
09:20:37.0170 2868 ============================================================
09:20:37.0170 2868 Scan started
09:20:37.0170 2868 Mode: Manual; TDLFS;
09:20:37.0170 2868 ============================================================
09:20:38.0449 2868 ================ Scan system memory ========================
09:20:38.0449 2868 System memory - ok
09:20:38.0449 2868 ================ Scan services =============================
09:20:54.0034 2868 Mup - ok
09:20:54.0299 2868 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
09:20:54.0299 2868 N360 - ok
09:20:54.0346 2868 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:20:54.0361 2868 napagent - ok
09:20:54.0424 2868 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:20:54.0424 2868 NativeWifiP - ok
09:20:54.0549 2868 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120921.002\ENG64.SYS
09:20:54.0549 2868 NAVENG - ok
09:20:54.0627 2868 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120921.002\EX64.SYS
09:20:54.0689 2868 NAVEX15 - ok
09:20:54.0767 2868 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:20:54.0767 2868 NDIS - ok
09:20:54.0814 2868 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:20:54.0814 2868 NdisCap - ok
09:20:54.0876 2868 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:20:54.0876 2868 NdisTapi - ok
09:20:54.0939 2868 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:20:54.0939 2868 Ndisuio - ok
09:20:55.0001 2868 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:20:55.0001 2868 NdisWan - ok
09:20:55.0048 2868 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:20:55.0048 2868 NDProxy - ok
09:20:55.0095 2868 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:20:55.0095 2868 NetBIOS - ok
09:20:55.0141 2868 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:20:55.0141 2868 NetBT - ok
09:20:55.0157 2868 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:20:55.0157 2868 Netlogon - ok
09:20:55.0235 2868 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:20:55.0235 2868 Netman - ok
09:20:55.0282 2868 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:20:55.0297 2868 netprofm - ok
09:20:55.0329 2868 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:20:55.0344 2868 NetTcpPortSharing - ok
09:20:55.0391 2868 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:20:55.0391 2868 nfrd960 - ok
09:20:55.0453 2868 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:20:55.0453 2868 NlaSvc - ok
09:20:55.0485 2868 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:20:55.0485 2868 Npfs - ok
09:20:55.0531 2868 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:20:55.0531 2868 nsi - ok
09:20:55.0547 2868 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:20:55.0547 2868 nsiproxy - ok
09:20:55.0625 2868 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:20:55.0656 2868 Ntfs - ok
09:20:55.0765 2868 [ 15221DD637D9D0FFC60848EBBF1DF538 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
09:20:55.0781 2868 NTIBackupSvc - ok
09:20:55.0828 2868 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
09:20:55.0828 2868 NTIDrvr - ok
09:20:55.0859 2868 [ B5071E15D4C3F5EF5018AFF7E85A85E5 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
09:20:55.0890 2868 NTISchedulerSvc - ok
09:20:55.0921 2868 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:20:55.0921 2868 Null - ok
09:20:55.0968 2868 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:20:55.0968 2868 nvraid - ok
09:20:55.0999 2868 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:20:55.0999 2868 nvstor - ok
09:20:56.0062 2868 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:20:56.0062 2868 nv_agp - ok
09:20:56.0155 2868 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:20:56.0171 2868 odserv - ok
09:20:56.0202 2868 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:20:56.0202 2868 ohci1394 - ok
09:20:56.0249 2868 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:20:56.0265 2868 ose - ok
09:20:56.0327 2868 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:20:56.0327 2868 p2pimsvc - ok
09:20:56.0358 2868 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:20:56.0374 2868 p2psvc - ok
09:20:56.0405 2868 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:20:56.0421 2868 Parport - ok
09:20:56.0452 2868 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:20:56.0452 2868 partmgr - ok
09:20:56.0483 2868 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:20:56.0483 2868 PcaSvc - ok
09:20:56.0514 2868 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:20:56.0514 2868 pci - ok
09:20:56.0561 2868 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:20:56.0577 2868 pciide - ok
09:20:56.0623 2868 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:20:56.0639 2868 pcmcia - ok
09:20:56.0670 2868 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:20:56.0670 2868 pcw - ok
09:20:56.0701 2868 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:20:56.0717 2868 PEAUTH - ok
09:20:56.0826 2868 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:20:56.0826 2868 PerfHost - ok
09:20:56.0904 2868 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:20:56.0935 2868 pla - ok
09:20:56.0998 2868 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:20:57.0013 2868 PlugPlay - ok
09:20:57.0045 2868 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:20:57.0045 2868 PNRPAutoReg - ok
09:20:57.0076 2868 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:20:57.0076 2868 PNRPsvc - ok
09:20:57.0123 2868 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:20:57.0138 2868 PolicyAgent - ok
09:20:57.0185 2868 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:20:57.0185 2868 Power - ok
09:20:57.0247 2868 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:20:57.0247 2868 PptpMiniport - ok
09:20:57.0279 2868 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:20:57.0294 2868 Processor - ok
09:20:57.0372 2868 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:20:57.0372 2868 ProfSvc - ok
09:20:57.0403 2868 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:20:57.0403 2868 ProtectedStorage - ok
09:20:57.0466 2868 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:20:57.0466 2868 Psched - ok
09:20:57.0513 2868 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:20:57.0544 2868 ql2300 - ok
09:20:57.0591 2868 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:20:57.0591 2868 ql40xx - ok
09:20:57.0637 2868 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:20:57.0637 2868 QWAVE - ok
09:20:57.0669 2868 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:20:57.0669 2868 QWAVEdrv - ok
09:20:57.0700 2868 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:20:57.0700 2868 RasAcd - ok
09:20:57.0747 2868 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:20:57.0747 2868 RasAgileVpn - ok
09:20:57.0778 2868 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:20:57.0778 2868 RasAuto - ok
09:20:57.0825 2868 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:20:57.0825 2868 Rasl2tp - ok
09:20:57.0856 2868 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:20:57.0871 2868 RasMan - ok
09:20:57.0903 2868 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:20:57.0918 2868 RasPppoe - ok
09:20:57.0949 2868 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:20:57.0965 2868 RasSstp - ok
09:20:58.0012 2868 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:20:58.0012 2868 rdbss - ok
09:20:58.0027 2868 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:20:58.0043 2868 rdpbus - ok
09:20:58.0059 2868 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:20:58.0059 2868 RDPCDD - ok
09:20:58.0121 2868 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:20:58.0121 2868 RDPENCDD - ok
09:20:58.0137 2868 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:20:58.0137 2868 RDPREFMP - ok
09:20:58.0183 2868 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:20:58.0215 2868 RDPWD - ok
09:20:58.0261 2868 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:20:58.0293 2868 rdyboost - ok
09:20:58.0324 2868 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:20:58.0324 2868 RemoteAccess - ok
09:20:58.0355 2868 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:20:58.0371 2868 RemoteRegistry - ok
09:20:58.0417 2868 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:20:58.0417 2868 RpcEptMapper - ok
09:20:58.0449 2868 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:20:58.0449 2868 RpcLocator - ok
09:20:58.0495 2868 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:20:58.0511 2868 RpcSs - ok
09:20:58.0573 2868 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:20:58.0573 2868 rspndr - ok
09:20:58.0651 2868 [ DB30AA4DAA0D492FA5D7717D8181FFA1 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
09:20:58.0667 2868 RSUSBSTOR - ok
09:20:58.0683 2868 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:20:58.0683 2868 SamSs - ok
09:20:58.0729 2868 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:20:58.0729 2868 sbp2port - ok
09:20:58.0776 2868 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:20:58.0776 2868 SCardSvr - ok
09:20:58.0823 2868 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:20:58.0823 2868 scfilter - ok
09:20:58.0885 2868 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:20:58.0901 2868 Schedule - ok
09:20:58.0948 2868 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:20:58.0948 2868 SCPolicySvc - ok
09:20:58.0979 2868 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:20:58.0979 2868 SDRSVC - ok
09:20:59.0041 2868 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:20:59.0057 2868 secdrv - ok
09:20:59.0104 2868 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:20:59.0104 2868 seclogon - ok
09:20:59.0151 2868 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:20:59.0151 2868 SENS - ok
09:20:59.0197 2868 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:20:59.0197 2868 SensrSvc - ok
09:20:59.0213 2868 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:20:59.0213 2868 Serenum - ok
09:20:59.0291 2868 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:20:59.0291 2868 Serial - ok
09:20:59.0307 2868 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:20:59.0307 2868 sermouse - ok
09:20:59.0385 2868 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:20:59.0385 2868 SessionEnv - ok
09:20:59.0431 2868 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:20:59.0463 2868 sffdisk - ok
09:20:59.0478 2868 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:20:59.0478 2868 sffp_mmc - ok
09:20:59.0494 2868 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:20:59.0509 2868 sffp_sd - ok
09:20:59.0525 2868 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:20:59.0525 2868 sfloppy - ok
09:20:59.0556 2868 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:20:59.0556 2868 SharedAccess - ok
09:20:59.0619 2868 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:20:59.0619 2868 ShellHWDetection - ok
09:20:59.0665 2868 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:20:59.0665 2868 SiSRaid2 - ok
09:20:59.0697 2868 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:20:59.0697 2868 SiSRaid4 - ok
09:20:59.0743 2868 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:20:59.0743 2868 Smb - ok
09:20:59.0821 2868 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:20:59.0821 2868 SNMPTRAP - ok
09:20:59.0837 2868 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:20:59.0837 2868 spldr - ok
09:20:59.0884 2868 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:20:59.0899 2868 Spooler - ok
09:21:00.0009 2868 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:21:00.0087 2868 sppsvc - ok
09:21:00.0133 2868 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:21:00.0133 2868 sppuinotify - ok
09:21:00.0274 2868 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
09:21:00.0274 2868 SRTSP - ok
09:21:00.0305 2868 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
09:21:00.0305 2868 SRTSPX - ok
09:21:00.0352 2868 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:21:00.0352 2868 srv - ok
09:21:00.0383 2868 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:21:00.0399 2868 srv2 - ok
09:21:00.0414 2868 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:21:00.0414 2868 srvnet - ok
09:21:00.0477 2868 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:21:00.0492 2868 SSDPSRV - ok
09:21:00.0508 2868 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:21:00.0508 2868 SstpSvc - ok
09:21:00.0570 2868 [ 78CD64791F8634CF7B582FD085E57C4B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
09:21:00.0570 2868 ssudmdm - ok
09:21:00.0617 2868 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:21:00.0633 2868 stexstor - ok
09:21:00.0711 2868 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:21:00.0711 2868 stisvc - ok
09:21:00.0757 2868 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:21:00.0757 2868 swenum - ok
09:21:00.0804 2868 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:21:00.0804 2868 swprv - ok
09:21:00.0882 2868 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
09:21:00.0898 2868 SymDS - ok
09:21:00.0991 2868 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
09:21:01.0038 2868 SymEFA - ok
09:21:01.0116 2868 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
09:21:01.0132 2868 SymEvent - ok
09:21:01.0210 2868 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
09:21:01.0210 2868 SymIRON - ok
09:21:01.0272 2868 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
09:21:01.0288 2868 SymNetS - ok
09:21:01.0335 2868 [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:21:01.0350 2868 SynTP - ok
09:21:01.0428 2868 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:21:01.0475 2868 SysMain - ok
09:21:01.0522 2868 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:21:01.0522 2868 TabletInputService - ok
09:21:01.0569 2868 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:21:01.0569 2868 TapiSrv - ok
09:21:01.0600 2868 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:21:01.0615 2868 TBS - ok
09:21:01.0693 2868 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:21:01.0756 2868 Tcpip - ok
09:21:01.0818 2868 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:21:01.0834 2868 TCPIP6 - ok
09:21:01.0896 2868 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:21:01.0896 2868 tcpipreg - ok
09:21:01.0943 2868 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:21:01.0974 2868 TDPIPE - ok
09:21:02.0021 2868 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:21:02.0037 2868 TDTCP - ok
09:21:02.0099 2868 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:21:02.0099 2868 tdx - ok
09:21:02.0130 2868 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:21:02.0130 2868 TermDD - ok
09:21:02.0193 2868 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:21:02.0208 2868 TermService - ok
09:21:02.0239 2868 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:21:02.0255 2868 Themes - ok
09:21:02.0302 2868 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:21:02.0302 2868 THREADORDER - ok
09:21:02.0349 2868 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:21:02.0364 2868 TrkWks - ok
09:21:02.0427 2868 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:21:02.0427 2868 TrustedInstaller - ok
09:21:02.0489 2868 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:21:02.0489 2868 tssecsrv - ok
09:21:02.0567 2868 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:21:02.0567 2868 TsUsbFlt - ok
09:21:02.0645 2868 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:21:02.0645 2868 tunnel - ok
09:21:02.0676 2868 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:21:02.0692 2868 uagp35 - ok
09:21:02.0723 2868 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:21:02.0723 2868 UBHelper - ok
09:21:02.0770 2868 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:21:02.0785 2868 udfs - ok
09:21:02.0848 2868 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:21:02.0848 2868 UI0Detect - ok
09:21:02.0895 2868 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:21:02.0910 2868 uliagpkx - ok
09:21:02.0973 2868 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:21:02.0973 2868 umbus - ok
09:21:03.0004 2868 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:21:03.0004 2868 UmPass - ok
09:21:03.0129 2868 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
09:21:03.0129 2868 Updater Service - ok
09:21:03.0175 2868 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:21:03.0175 2868 upnphost - ok
09:21:03.0285 2868 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:21:03.0300 2868 USBAAPL64 - ok
09:21:03.0347 2868 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:21:03.0347 2868 usbccgp - ok
09:21:03.0394 2868 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:21:03.0394 2868 usbcir - ok
09:21:03.0441 2868 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:21:03.0456 2868 usbehci - ok
09:21:03.0519 2868 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:21:03.0519 2868 usbhub - ok
09:21:03.0581 2868 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:21:03.0581 2868 usbohci - ok
09:21:03.0628 2868 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:21:03.0643 2868 usbprint - ok
09:21:03.0675 2868 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:21:03.0690 2868 usbscan - ok
09:21:03.0721 2868 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:21:03.0721 2868 USBSTOR - ok
09:21:03.0753 2868 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:21:03.0753 2868 usbuhci - ok
09:21:03.0815 2868 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:21:03.0815 2868 usbvideo - ok
09:21:03.0862 2868 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:21:03.0862 2868 UxSms - ok
09:21:03.0877 2868 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:21:03.0893 2868 VaultSvc - ok
09:21:03.0924 2868 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:21:03.0940 2868 vdrvroot - ok
09:21:03.0987 2868 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:21:03.0987 2868 vds - ok
09:21:04.0018 2868 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:21:04.0033 2868 vga - ok
09:21:04.0049 2868 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:21:04.0049 2868 VgaSave - ok
09:21:04.0111 2868 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:21:04.0111 2868 vhdmp - ok
09:21:04.0158 2868 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:21:04.0158 2868 viaide - ok
09:21:04.0174 2868 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:21:04.0174 2868 volmgr - ok
09:21:04.0236 2868 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:21:04.0236 2868 volmgrx - ok
09:21:04.0267 2868 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:21:04.0267 2868 volsnap - ok
09:21:04.0330 2868 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:21:04.0330 2868 vsmraid - ok
09:21:04.0408 2868 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:21:04.0455 2868 VSS - ok
09:21:04.0470 2868 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:21:04.0470 2868 vwifibus - ok
09:21:04.0548 2868 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:21:04.0548 2868 vwififlt - ok
09:21:04.0564 2868 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:21:04.0564 2868 vwifimp - ok
09:21:04.0595 2868 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:21:04.0595 2868 W32Time - ok
09:21:04.0626 2868 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:21:04.0642 2868 WacomPen - ok
09:21:04.0720 2868 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:21:04.0720 2868 WANARP - ok
09:21:04.0751 2868 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:21:04.0751 2868 Wanarpv6 - ok
09:21:04.0845 2868 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:21:04.0876 2868 WatAdminSvc - ok
09:21:04.0954 2868 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:21:04.0985 2868 wbengine - ok
09:21:05.0016 2868 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:21:05.0032 2868 WbioSrvc - ok
09:21:05.0079 2868 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:21:05.0079 2868 wcncsvc - ok
09:21:05.0110 2868 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:21:05.0110 2868 WcsPlugInService - ok
09:21:05.0157 2868 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:21:05.0157 2868 Wd - ok
09:21:05.0188 2868 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:21:05.0203 2868 Wdf01000 - ok
09:21:05.0219 2868 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:21:05.0219 2868 WdiServiceHost - ok
09:21:05.0235 2868 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:21:05.0235 2868 WdiSystemHost - ok
09:21:05.0297 2868 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:21:05.0297 2868 WebClient - ok
09:21:05.0344 2868 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:21:05.0344 2868 Wecsvc - ok
09:21:05.0359 2868 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:21:05.0375 2868 wercplsupport - ok
09:21:05.0422 2868 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:21:05.0422 2868 WerSvc - ok
09:21:05.0500 2868 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:21:05.0500 2868 WfpLwf - ok
09:21:05.0531 2868 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:21:05.0531 2868 WIMMount - ok
09:21:05.0547 2868 WinDefend - ok
09:21:05.0562 2868 WinHttpAutoProxySvc - ok
09:21:05.0671 2868 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:21:05.0671 2868 Winmgmt - ok
09:21:05.0765 2868 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:21:05.0812 2868 WinRM - ok
09:21:05.0874 2868 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:21:05.0874 2868 WinUsb - ok
09:21:05.0937 2868 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:21:05.0952 2868 Wlansvc - ok
09:21:06.0077 2868 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:21:06.0139 2868 wlidsvc - ok
09:21:06.0186 2868 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:21:06.0186 2868 WmiAcpi - ok
09:21:06.0233 2868 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:21:06.0233 2868 wmiApSrv - ok
09:21:06.0295 2868 WMPNetworkSvc - ok
09:21:06.0327 2868 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:21:06.0327 2868 WPCSvc - ok
09:21:06.0373 2868 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:21:06.0389 2868 WPDBusEnum - ok
09:21:06.0420 2868 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:21:06.0420 2868 ws2ifsl - ok
09:21:06.0451 2868 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:21:06.0451 2868 wscsvc - ok
09:21:06.0467 2868 WSearch - ok
09:21:06.0561 2868 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:21:06.0623 2868 wuauserv - ok
09:21:06.0654 2868 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:21:06.0654 2868 WudfPf - ok
09:21:06.0701 2868 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:21:06.0717 2868 WUDFRd - ok
09:21:06.0748 2868 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:21:06.0748 2868 wudfsvc - ok
09:21:06.0795 2868 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:21:06.0810 2868 WwanSvc - ok
09:21:06.0888 2868 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
09:21:06.0888 2868 ZTEusbmdm6k - ok
09:21:06.0919 2868 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
09:21:06.0935 2868 ZTEusbnmea - ok
09:21:06.0982 2868 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
09:21:06.0982 2868 ZTEusbser6k - ok
09:21:07.0029 2868 ================ Scan global ===============================
09:21:07.0075 2868 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:21:07.0122 2868 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:21:07.0138 2868 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:21:07.0169 2868 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:21:07.0216 2868 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:21:07.0216 2868 [Global] - ok
09:21:07.0216 2868 ================ Scan MBR ==================================
09:21:07.0231 2868 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:21:07.0606 2868 \Device\Harddisk0\DR0 - ok
09:21:07.0621 2868 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:21:12.0411 2868 \Device\Harddisk1\DR1 - ok
09:21:12.0426 2868 ================ Scan VBR ==================================
09:21:12.0426 2868 [ 95B31A88CD2E12DBC15012FE77B8F0B7 ] \Device\Harddisk0\DR0\Partition1
09:21:12.0426 2868 \Device\Harddisk0\DR0\Partition1 - ok
09:21:12.0473 2868 [ 9960F8E52E07EC8A35E1727A31053171 ] \Device\Harddisk0\DR0\Partition2
09:21:12.0473 2868 \Device\Harddisk0\DR0\Partition2 - ok
09:21:12.0489 2868 [ BFEADD704B8DB7CB9F7674E19DB7E29D ] \Device\Harddisk1\DR1\Partition1
09:21:12.0489 2868 \Device\Harddisk1\DR1\Partition1 - ok
09:21:12.0489 2868 ============================================================
09:21:12.0489 2868 Scan finished
09:21:12.0489 2868 ============================================================
09:21:12.0504 3616 Detected object count: 0
09:21:12.0504 3616 Actual detected object count: 0

ASWMBR


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-22 09:24:31
-----------------------------
09:24:31.505 OS Version: Windows x64 6.1.7601 Service Pack 1
09:24:31.505 Number of processors: 1 586 0x170A
09:24:31.505 ComputerName: TONYSARA UserName: Tony
09:24:32.894 Initialize success
09:24:46.403 AVAST engine defs: 12092100
09:24:56.521 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:24:56.536 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
09:24:56.552 Disk 0 MBR read successfully
09:24:56.552 Disk 0 MBR scan
09:24:56.567 Disk 0 Windows 7 default MBR code
09:24:56.599 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
09:24:56.614 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
09:24:56.630 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 225061 MB offset 27469824
09:24:56.661 Disk 0 scanning C:\Windows\system32\drivers
09:25:08.673 Service scanning
09:25:42.153 Modules scanning
09:25:42.168 Disk 0 trace - called modules:
09:25:42.200 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
09:25:42.714 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800449c330]
09:25:42.714 3 CLASSPNP.SYS[fffff88001d1043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002274050]
09:25:44.181 AVAST engine scan C:\Windows
09:25:47.098 AVAST engine scan C:\Windows\system32
09:29:39.447 AVAST engine scan C:\Windows\system32\drivers
09:29:58.388 AVAST engine scan C:\Users\Tony
09:41:19.575 AVAST engine scan C:\ProgramData
09:44:07.922 Scan finished successfully
09:46:14.080 Disk 0 MBR has been saved successfully to "C:\Users\Tony\Documents\MBR.dat"
09:46:14.127 The log file has been saved successfully to "C:\Users\Tony\Documents\aswMBR.txt"


This is the new scan.

Thank you for your time.

Edited by TonyPEO, 22 September 2012 - 03:50 AM.


#7 narenxp

Posted 22 September 2012 - 07:58 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#8 TonyPEO

Posted 23 September 2012 - 05:59 AM

This is the AdwCleaner log. I did the other 2 reports and copied them into the reply, but I clicked on reboot in AdwCleaner and it closed down. Is there any way I can get these back or run them again, or is it too late as I have run AdwCleaner?


# AdwCleaner v2.002 - Logfile created 09/23/2012 at 11:49:31
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Tony - TONYSARA
# Boot Mode : Normal
# Running from : C:\Users\Tony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4PXB1SA\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Tony\AppData\Local\funmoods-speeddial.crx
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Tony\AppData\LocalLow\Funmoods

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S1].txt - [1514 octets] - [23/09/2012 11:49:31]

########## EOF - C:\AdwCleaner[S1].txt - [1574 octets] ##########

#9 narenxp

Posted 23 September 2012 - 06:26 AM

The log should be in the folder in which both the tools were run.

If you don't find them, run it again.

#10 TonyPEO

Posted 23 September 2012 - 07:31 AM

Minitoolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Tony (administrator) on 23-09-2012 at 13:28:56
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 802.11n Network Adapter = Wireless Network Connection 2 (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : TonySara
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : C4-46-19-63-95-96
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
Physical Address. . . . . . . . . : C4-46-19-63-95-96
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cd5b:97c0:b267:aa52%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.66(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 23 September 2012 11:52:49
Lease Expires . . . . . . . . . . : 24 September 2012 13:27:01
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 331630105
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-CD-87-6C-70-5A-B6-F4-CB-20
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 70-5A-B6-F4-CB-20
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{44EDD070-E482-4369-BC18-22A6C61DB571}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:181e:3c5b:3f57:febd(Preferred)
Link-local IPv6 Address . . . . . : fe80::181e:3c5b:3f57:febd%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{D7402161-154F-4C23-9E2C-7EBF42F755DC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: api.home
Address: 192.168.1.254

Name: google.com
Addresses: 2a00:1450:4009:806::1006
173.194.41.73
173.194.41.68
173.194.41.78
173.194.41.64
173.194.41.70
173.194.41.66
173.194.41.71
173.194.41.72
173.194.41.69
173.194.41.65
173.194.41.67


Pinging google.com [173.194.41.64] with 32 bytes of data:
Reply from 173.194.41.64: bytes=32 time=22ms TTL=52
Reply from 173.194.41.64: bytes=32 time=22ms TTL=52

Ping statistics for 173.194.41.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 22ms, Average = 22ms
Server: api.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=315ms TTL=43
Reply from 98.139.183.24: bytes=32 time=395ms TTL=43

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 315ms, Maximum = 395ms, Average = 355ms
Server: api.home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 7ms, Average = 5ms
===========================================================================
Interface List
15...c4 46 19 63 95 96 ......Microsoft Virtual WiFi Miniport Adapter
11...c4 46 19 63 95 96 ......Broadcom 802.11n Network Adapter
10...70 5a b6 f4 cb 20 ......Atheros AR8132 PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.66 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.66 281
192.168.1.66 255.255.255.255 On-link 192.168.1.66 281
192.168.1.255 255.255.255.255 On-link 192.168.1.66 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.66 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.66 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fb:181e:3c5b:3f57:febd/128
On-link
11 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::181e:3c5b:3f57:febd/128
On-link
11 281 fe80::cd5b:97c0:b267:aa52/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/23/2012 01:27:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4589815

Error: (09/23/2012 01:27:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4589815

Error: (09/23/2012 01:27:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/23/2012 01:27:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4585228

Error: (09/23/2012 01:27:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4585228

Error: (09/23/2012 01:27:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/23/2012 11:53:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2012 10:36:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2012 10:36:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2012 09:20:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (09/11/2012 09:30:43 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (09/11/2012 09:22:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2012 09:22:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2012 09:22:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2012 09:22:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2012 09:22:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2012 09:22:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2012 09:22:38 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/11/2012 09:22:37 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/11/2012 09:22:35 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/18/2011 09:46:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 296089 seconds with 14280 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
3Connect (Version: 3.0.0)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.0.1.152)
Adobe Reader 9.4.5 MUI (Version: 9.4.5)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.26)
Bejeweled 2 Deluxe (Version: 2.2.0.82)
Blasterball 3 (Version: 2.2.0.82)
Bob the Builder Can-Do-Zoo (Version: 2.2.0.82)
Bonjour (Version: 3.0.0.10)
Build-a-lot 2 (Version: 2.2.0.82)
Chicken Invaders 3 - Revenge of the Yolk (Version: 2.2.0.82)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
eBay Worldwide (Version: 2.1.0901)
eMachines Game Console
eMachines Games (Version: 1.0.0.80)
eMachines Power Management (Version: 5.00.3002)
eMachines Recovery Management (Version: 4.05.3011)
eMachines Registration (Version: 1.03.3002)
eMachines ScreenSaver (Version: 1.1.0412.2010)
eMachines Updater (Version: 1.02.3001)
Escape Rosecliff Island (Version: 2.2.0.82)
ESET Online Scanner v3
Faerie Solitaire (Version: 2.2.0.82)
FATE - The Traitor Soul (Version: 2.2.0.82)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.123)
iBackupBot for iTunes 3.0.12 (Version: 3.0.12)
iCloud (Version: 1.1.0.40)
Identity Card (Version: 1.00.3003)
Insaniquarium Deluxe (Version: 2.2.0.82)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel® Rapid Storage Technology (Version: 9.5.6.1001)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Jewel Quest (Version: 2.2.0.82)
Jewel Quest Solitaire 3 (Version: 2.2.0.82)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 4.0.6)
Mahjongg Artifacts (Version: 2.2.0.82)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Norton 360 (Version: 6.3.0.14)
Norton Online Backup (Version: 1.2.0.36)
NTI Backup Now 5 (Version: 5.1.2.628)
NTI Backup Now Standard (Version: 5.1.2.628)
NTI Media Maker 8 (Version: 8.0.12.6630)
Penguins! (Version: 2.2.0.82)
Polar Bowler (Version: 2.2.0.82)
Polar Golfer (Version: 2.2.0.82)
Polar Pool (Version: 2.2.0.82)
QuickTime (Version: 7.70.80.34)
Realtek High Definition Audio Driver (Version: 6.0.1.6074)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30104)
Safari (Version: 5.33.21.1)
Sky Poker (Version: 1.65)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Virtual Families (Version: 2.2.0.82)
Virtual Villagers - A New Home (Version: 2.2.0.82)
Welcome Center (Version: 1.01.3002)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Detect
Yahtzee (Version: 2.2.0.82)
ZTE_1.2059.0.8
Zuma Deluxe (Version: 2.2.0.82)

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 1977.98 MB
Available physical RAM: 792.05 MB
Total Pagefile: 3955.96 MB
Available Pagefile: 2510.7 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.55 MB

========================= Partitions: =====================================

1 Drive c: (eMachines) (Fixed) (Total:219.79 GB) (Free:165.59 GB) NTFS
3 Drive e: (NBRT) (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32

========================= Users: ========================================

User accounts for \\TONYSARA

Administrator Guest Tony


**** End of log ****



Farbar Service Scanner Version: 19-09-2012
Ran by Tony (administrator) on 23-09-2012 at 13:30:41
Running from "C:\Users\Tony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYC1XZT"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Thank you.

#11 narenxp

Posted 23 September 2012 - 07:42 AM

Malwarebytes log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#12 TonyPEO

Posted 23 September 2012 - 08:17 AM

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.23.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tony :: TONYSARA [administrator]

Protection: Enabled

23/09/2012 09:22:00
mbam-log-2012-09-23 (09-22-00).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 338117
Time elapsed: 1 hour(s), 9 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Tony\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Tony\AppData\Local\funmoods.crx (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Tony\Local Settings\Application Data\funmoods.crx (PUP.Funmoods) -> Quarantined and deleted successfully.

(end)



Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.23.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tony :: TONYSARA [administrator]

Protection: Enabled

23/09/2012 10:40:36
mbam-log-2012-09-23 (10-40-36).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 338052
Time elapsed: 56 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


I will do the next scans now.

#13 TonyPEO

Posted 23 September 2012 - 08:25 AM

RKill

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/23/2012 02:18:58 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Tony\Desktop\rkill\rkill-09-23-2012-02-19-02.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/23/2012 02:19:20 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)


Autoruns


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acer ePower Management" "ePowerTray" "Acer Incorporated" "c:\program files\emachines\emachines power management\epowertray.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "LManager" "Launch Manager Keyboard Application" "Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe"
+ "NortonOnlineBackupReminder" "Norton Online Backup Service" "Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\activation\nobuactivation.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.1.lnk" "" "" "File not found: C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.3.0.14\bushell.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.3.0.14\navshext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.3.0.14\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.3.0.14\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.3.0.14\navshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.3.0.14\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.3.0.14\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.3.0.14\bushell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.3.0.14\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.3.0.14\ips\ipsbho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.3.0.14\coieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton 360\Norton Error Analyzer" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.3.0.14\symerr.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BecHelperService" "Enable Bec updates" "" "c:\program files (x86)\3 mobile broadband\3connect\bechelperservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DsiWMIService" "Dritek WMI Service" "Dritek System Inc." "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\emachines\emachines power management\epowersvc.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\emachines games\emachines game console\gameconsoleservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\emachines\registration\gregsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "N360" "Norton 360" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.3.0.14\ccsvchst.exe"
+ "NTIBackupSvc" "NTI Backup Now 5 Backup service for backup(restore). " "NewTech InfoSystems, Inc." "c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe"
+ "NTISchedulerSvc" "NTI Backup Now 5 Manage BackupNow backup jobs and etc..." "NewTech Infosystems, Inc." "c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Updater Service" "Updater Service" "Acer Group" "c:\program files\emachines\emachines updater\updaterservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\bashdefs\20120919.001\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0603000.00e\ccsetx64.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\ipsdefs\20120921.001\idsvia64.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "massfilter" "ZTE CDROM Filter" "ZTE Incorporated" "c:\windows\system32\drivers\massfilter.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\virusdefs\20120922.008\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\virusdefs\20120922.008\ex64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0603000.00e\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0603000.00e\srtspx64.sys"
+ "ssudmdm" "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0603000.00e\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0603000.00e\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0603000.00e\ironx64.sys"
+ "SymNetS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0603000.00e\symnets.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "UBHelper" "NTI CDROM Filter Driver" "NewTech Infosystems Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "ZTEusbmdm6k" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbmdm6k.sys"
+ "ZTEusbnmea" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbnmea.sys"
+ "ZTEusbser6k" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbser6k.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "MotionOne Audio Resampler" "" "" "c:\program files (x86)\samsung\intelli-studio\filters\ssmp4mux.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Samsung AAC Decoding Filter" "AAC Decoder Filter Dll" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtraacd.dll"
+ "Samsung AAC Encoder Filter" "AAC Encoder Filter Dll" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtraace.dll"
+ "Samsung H264 Decoding Filter" "H.264 Decoding Filter Dll" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtrvdf.dll"
+ "Samsung H264 Encoding Filter" "Pixtree h264 video encoder dshow filter" "PIXTREE, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtrvef.dll"
+ "Samsung MP4 Muxer Filter" "" "" "c:\program files (x86)\samsung\intelli-studio\filters\ssmp4mux.ax"
+ "Samsung MPEG-4 Splitter Filter" "Pixtree MP4 Splitter Filter" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtrmp4s.dll"
+ "SlideShow" "" "" "c:\program files (x86)\newtech infosystems\nti media maker 8\photo maker\slideshow.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzllwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzllwn7.dll"

#14 narenxp

Posted 23 September 2012 - 08:37 AM

That looks good

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently; do not click on suspicious links

Safe surfing :)

#15 TonyPEO

Posted 23 September 2012 - 09:30 AM

Thank you so much!!!

I appreciate all the time you spent.

Cheers.



