Maljavagen23 Win 7 box


7 replies to this topic

#1 roberth5


Posted 01 November 2012 - 01:42 PM

I have a Win 7 (Dell) box that has become very sluggish and in IE will not go to some websites. I scanned with eset and panda online, superantispyware, malwarebytes, ran CCleaner many times. And of course ran the endpoint scan which keeps coming up with maljava!gen23 warning/removal.

Is there a way to eject this malware for good?

Thanks.



#2 narenxp


Posted 01 November 2012 - 02:18 PM

Download TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safemode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 roberth5


Posted 02 November 2012 - 09:59 AM

I ran all of the scans mentioned above. The 1st one found nothing and I could not see how to generate a log.

The 2nd ran and I will attach a log.

The eset ran, nothing found, again did not see how to create or view a log.


09:03:15.0103 5604 NdisWan - ok
09:03:15.0103 5604 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:03:15.0103 5604 NDProxy - ok
09:03:15.0149 5604 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:03:15.0149 5604 Net Driver HPZ12 - ok
09:03:15.0165 5604 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:03:15.0165 5604 NetBIOS - ok
09:03:15.0181 5604 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:03:15.0181 5604 NetBT - ok
09:03:15.0181 5604 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
09:03:15.0181 5604 Netlogon - ok
09:03:15.0227 5604 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
09:03:15.0243 5604 Netman - ok
09:03:15.0259 5604 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:03:15.0274 5604 NetMsmqActivator - ok
09:03:15.0290 5604 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:03:15.0290 5604 NetPipeActivator - ok
09:03:15.0305 5604 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
09:03:15.0321 5604 netprofm - ok
09:03:15.0321 5604 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:03:15.0321 5604 NetTcpActivator - ok
09:03:15.0321 5604 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:03:15.0321 5604 NetTcpPortSharing - ok
09:03:15.0352 5604 [ 104BE93F0607C6AA0D85319581F96EC2 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
09:03:15.0352 5604 netvsc - ok
09:03:15.0368 5604 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:03:15.0383 5604 nfrd960 - ok
09:03:15.0399 5604 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:03:15.0415 5604 NlaSvc - ok
09:03:15.0430 5604 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:03:15.0430 5604 Npfs - ok
09:03:15.0446 5604 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
09:03:15.0446 5604 nsi - ok
09:03:15.0446 5604 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:03:15.0446 5604 nsiproxy - ok
09:03:15.0493 5604 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:03:15.0493 5604 Ntfs - ok
09:03:15.0508 5604 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
09:03:15.0508 5604 Null - ok
09:03:15.0524 5604 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:03:15.0539 5604 nvraid - ok
09:03:15.0555 5604 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:03:15.0555 5604 nvstor - ok
09:03:15.0571 5604 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:03:15.0586 5604 nv_agp - ok
09:03:15.0586 5604 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:03:15.0586 5604 ohci1394 - ok
09:03:15.0617 5604 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:03:15.0649 5604 ose - ok
09:03:15.0727 5604 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:03:15.0742 5604 osppsvc - ok
09:03:15.0758 5604 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:03:15.0773 5604 p2pimsvc - ok
09:03:15.0789 5604 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
09:03:15.0805 5604 p2psvc - ok
09:03:15.0820 5604 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
09:03:15.0836 5604 Parport - ok
09:03:15.0851 5604 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:03:15.0851 5604 partmgr - ok
09:03:15.0867 5604 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:03:15.0883 5604 Parvdm - ok
09:03:15.0883 5604 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:03:15.0898 5604 PcaSvc - ok
09:03:15.0914 5604 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
09:03:15.0914 5604 pci - ok
09:03:15.0945 5604 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
09:03:15.0945 5604 pciide - ok
09:03:15.0961 5604 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:03:15.0976 5604 pcmcia - ok
09:03:15.0992 5604 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
09:03:15.0992 5604 pcw - ok
09:03:16.0007 5604 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:03:16.0007 5604 PEAUTH - ok
09:03:16.0039 5604 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:03:16.0070 5604 PeerDistSvc - ok
09:03:16.0101 5604 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
09:03:16.0163 5604 pla - ok
09:03:16.0195 5604 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:03:16.0210 5604 PlugPlay - ok
09:03:16.0210 5604 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:03:16.0226 5604 Pml Driver HPZ12 - ok
09:03:16.0226 5604 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:03:16.0241 5604 PNRPAutoReg - ok
09:03:16.0241 5604 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:03:16.0241 5604 PNRPsvc - ok
09:03:16.0273 5604 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:03:16.0288 5604 PolicyAgent - ok
09:03:16.0304 5604 [ AC42F771CC29727BD1663F211E9AC507 ] Power C:\Windows\system32\umpo.dll
09:03:16.0304 5604 Power - ok
09:03:16.0335 5604 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:03:16.0335 5604 PptpMiniport - ok
09:03:16.0335 5604 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
09:03:16.0335 5604 Processor - ok
09:03:16.0366 5604 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
09:03:16.0382 5604 ProfSvc - ok
09:03:16.0397 5604 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:03:16.0397 5604 ProtectedStorage - ok
09:03:16.0413 5604 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:03:16.0413 5604 Psched - ok
09:03:16.0444 5604 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
09:03:16.0444 5604 PxHelp20 - ok
09:03:16.0491 5604 [ 17996CA5C59259AE02CA95BD11D7BEEC ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
09:03:16.0491 5604 QBCFMonitorService - ok
09:03:16.0507 5604 [ 2241EAF40E472C471CB80CF6B97CCA11 ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
09:03:16.0522 5604 QBFCService - ok
09:03:16.0553 5604 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:03:16.0600 5604 ql2300 - ok
09:03:16.0600 5604 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:03:16.0616 5604 ql40xx - ok
09:03:16.0631 5604 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
09:03:16.0647 5604 QWAVE - ok
09:03:16.0647 5604 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:03:16.0663 5604 QWAVEdrv - ok
09:03:16.0663 5604 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:03:16.0663 5604 RasAcd - ok
09:03:16.0694 5604 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:03:16.0694 5604 RasAgileVpn - ok
09:03:16.0694 5604 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
09:03:16.0709 5604 RasAuto - ok
09:03:16.0741 5604 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:03:16.0741 5604 Rasl2tp - ok
09:03:16.0756 5604 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
09:03:16.0772 5604 RasMan - ok
09:03:16.0787 5604 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:03:16.0787 5604 RasPppoe - ok
09:03:16.0787 5604 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:03:16.0787 5604 RasSstp - ok
09:03:16.0803 5604 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:03:16.0803 5604 rdbss - ok
09:03:16.0819 5604 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:03:16.0819 5604 rdpbus - ok
09:03:16.0819 5604 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:03:16.0819 5604 RDPCDD - ok
09:03:16.0850 5604 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:03:16.0850 5604 RDPDR - ok
09:03:16.0850 5604 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:03:16.0850 5604 RDPENCDD - ok
09:03:16.0865 5604 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:03:16.0865 5604 RDPREFMP - ok
09:03:16.0897 5604 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:03:16.0897 5604 RDPWD - ok
09:03:16.0912 5604 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:03:16.0912 5604 rdyboost - ok
09:03:16.0943 5604 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
09:03:16.0959 5604 RemoteAccess - ok
09:03:16.0959 5604 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:03:16.0975 5604 RemoteRegistry - ok
09:03:17.0053 5604 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
09:03:17.0099 5604 RoxMediaDB12OEM - ok
09:03:17.0115 5604 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
09:03:17.0131 5604 RoxWatch12 - ok
09:03:17.0162 5604 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:03:17.0162 5604 RpcEptMapper - ok
09:03:17.0177 5604 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
09:03:17.0193 5604 RpcLocator - ok
09:03:17.0209 5604 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
09:03:17.0209 5604 RpcSs - ok
09:03:17.0240 5604 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:03:17.0240 5604 rspndr - ok
09:03:17.0255 5604 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
09:03:17.0255 5604 RTL8167 - ok
09:03:17.0287 5604 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:03:17.0287 5604 s3cap - ok
09:03:17.0287 5604 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
09:03:17.0302 5604 SamSs - ok
09:03:17.0333 5604 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
09:03:17.0333 5604 SASDIFSV - ok
09:03:17.0349 5604 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
09:03:17.0365 5604 SASKUTIL - ok
09:03:17.0380 5604 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:03:17.0396 5604 sbp2port - ok
09:03:17.0427 5604 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:03:17.0427 5604 SCardSvr - ok
09:03:17.0443 5604 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:03:17.0458 5604 scfilter - ok
09:03:17.0474 5604 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
09:03:17.0489 5604 Schedule - ok
09:03:17.0505 5604 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:03:17.0505 5604 SCPolicySvc - ok
09:03:17.0505 5604 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:03:17.0521 5604 SDRSVC - ok
09:03:17.0536 5604 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:03:17.0536 5604 secdrv - ok
09:03:17.0552 5604 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
09:03:17.0552 5604 seclogon - ok
09:03:17.0567 5604 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
09:03:17.0567 5604 SENS - ok
09:03:17.0583 5604 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:03:17.0599 5604 SensrSvc - ok
09:03:17.0614 5604 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:03:17.0614 5604 Serenum - ok
09:03:17.0630 5604 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:03:17.0630 5604 Serial - ok
09:03:17.0645 5604 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:03:17.0645 5604 sermouse - ok
09:03:17.0677 5604 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
09:03:17.0677 5604 SessionEnv - ok
09:03:17.0692 5604 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:03:17.0692 5604 sffdisk - ok
09:03:17.0692 5604 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:03:17.0708 5604 sffp_mmc - ok
09:03:17.0723 5604 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:03:17.0723 5604 sffp_sd - ok
09:03:17.0723 5604 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:03:17.0723 5604 sfloppy - ok
09:03:17.0770 5604 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:03:17.0770 5604 SharedAccess - ok
09:03:17.0786 5604 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:03:17.0801 5604 ShellHWDetection - ok
09:03:17.0801 5604 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:03:17.0817 5604 sisagp - ok
09:03:17.0833 5604 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:03:17.0833 5604 SiSRaid2 - ok
09:03:17.0833 5604 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:03:17.0848 5604 SiSRaid4 - ok
09:03:17.0864 5604 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:03:17.0864 5604 Smb - ok
09:03:17.0973 5604 [ A58CFA1B9D223B1E13F756CFC3DD8F63 ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
09:03:17.0989 5604 SmcService - ok
09:03:18.0004 5604 [ 5DF21EEECC50A04FAA2E771E6728543D ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
09:03:18.0035 5604 SNAC - ok
09:03:18.0067 5604 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:03:18.0082 5604 SNMPTRAP - ok
09:03:18.0113 5604 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
09:03:18.0129 5604 SPBBCDrv - ok
09:03:18.0145 5604 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
09:03:18.0145 5604 spldr - ok
09:03:18.0176 5604 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
09:03:18.0176 5604 Spooler - ok
09:03:18.0238 5604 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
09:03:18.0472 5604 sppsvc - ok
09:03:18.0488 5604 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:03:18.0488 5604 sppuinotify - ok
09:03:18.0503 5604 [ 14389E87D0D2E25B12BF2CC74CFAEE07 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS
09:03:18.0519 5604 SRTSP - ok
09:03:18.0535 5604 [ AED0F68C185FE698A21CEFCD76F0B8A4 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS
09:03:18.0550 5604 SRTSPL - ok
09:03:18.0581 5604 [ 0E2CA6326726477FE29863808BBAD413 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS
09:03:18.0581 5604 SRTSPX - ok
09:03:18.0597 5604 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:03:18.0613 5604 srv - ok
09:03:18.0613 5604 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:03:18.0613 5604 srv2 - ok
09:03:18.0628 5604 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:03:18.0628 5604 srvnet - ok
09:03:18.0659 5604 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:03:18.0659 5604 SSDPSRV - ok
09:03:18.0675 5604 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:03:18.0691 5604 SstpSvc - ok
09:03:18.0706 5604 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:03:18.0706 5604 stexstor - ok
09:03:18.0737 5604 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
09:03:18.0753 5604 StiSvc - ok
09:03:18.0769 5604 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:03:18.0784 5604 stllssvr - ok
09:03:18.0800 5604 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
09:03:18.0800 5604 StorSvc - ok
09:03:18.0831 5604 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:03:18.0831 5604 storvsc - ok
09:03:18.0831 5604 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:03:18.0831 5604 swenum - ok
09:03:18.0862 5604 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
09:03:18.0862 5604 swprv - ok
09:03:18.0909 5604 [ 96900995907415FB4A8A18D97B3AA4A3 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
09:03:18.0925 5604 Symantec AntiVirus - ok
09:03:18.0940 5604 [ E42A34E6F5CA71A84D4C2DE620AAD13D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
09:03:18.0956 5604 SymEvent - ok
09:03:18.0956 5604 [ 394B2368212114D538316812AF60FDDD ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS
09:03:18.0956 5604 SYMREDRV - ok
09:03:18.0971 5604 [ D46676BB414C7531BDFFE637A33F5033 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS
09:03:18.0971 5604 SYMTDI - ok
09:03:18.0987 5604 [ 04990C25043705985F1EC40BF704AAAC ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
09:03:18.0987 5604 SynthVid - ok
09:03:19.0018 5604 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
09:03:19.0049 5604 SysMain - ok
09:03:19.0049 5604 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:03:19.0065 5604 TabletInputService - ok
09:03:19.0065 5604 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
09:03:19.0081 5604 TapiSrv - ok
09:03:19.0081 5604 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
09:03:19.0096 5604 TBS - ok
09:03:19.0127 5604 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:03:19.0143 5604 Tcpip - ok
09:03:19.0174 5604 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:03:19.0174 5604 TCPIP6 - ok
09:03:19.0205 5604 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:03:19.0205 5604 tcpipreg - ok
09:03:19.0221 5604 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:03:19.0221 5604 TDPIPE - ok
09:03:19.0252 5604 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:03:19.0252 5604 TDTCP - ok
09:03:19.0268 5604 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:03:19.0268 5604 tdx - ok
09:03:19.0268 5604 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:03:19.0268 5604 TermDD - ok
09:03:19.0299 5604 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
09:03:19.0315 5604 TermService - ok
09:03:19.0330 5604 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
09:03:19.0346 5604 Themes - ok
09:03:19.0346 5604 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
09:03:19.0346 5604 THREADORDER - ok
09:03:19.0361 5604 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
09:03:19.0377 5604 TrkWks - ok
09:03:19.0408 5604 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:03:19.0408 5604 TrustedInstaller - ok
09:03:19.0408 5604 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:03:19.0408 5604 tssecsrv - ok
09:03:19.0424 5604 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:03:19.0439 5604 TsUsbFlt - ok
09:03:19.0455 5604 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:03:19.0471 5604 TsUsbGD - ok
09:03:19.0486 5604 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:03:19.0486 5604 tunnel - ok
09:03:19.0502 5604 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:03:19.0502 5604 uagp35 - ok
09:03:19.0517 5604 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:03:19.0533 5604 udfs - ok
09:03:19.0549 5604 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:03:19.0564 5604 UI0Detect - ok
09:03:19.0595 5604 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:03:19.0595 5604 uliagpkx - ok
09:03:19.0611 5604 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:03:19.0611 5604 umbus - ok
09:03:19.0627 5604 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
09:03:19.0627 5604 UmPass - ok
09:03:19.0642 5604 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
09:03:19.0658 5604 UmRdpService - ok
09:03:19.0736 5604 [ F7A1F83F28B125AA3737BC06EABB0CD5 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:03:19.0751 5604 UNS - ok
09:03:19.0767 5604 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
09:03:19.0783 5604 upnphost - ok
09:03:19.0798 5604 [ 4663AD7F61519E88687393BFCB154E4C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:03:19.0798 5604 usbccgp - ok
09:03:19.0829 5604 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:03:19.0829 5604 usbcir - ok
09:03:19.0861 5604 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:03:19.0861 5604 usbehci - ok
09:03:19.0892 5604 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:03:19.0892 5604 usbhub - ok
09:03:19.0923 5604 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:03:19.0923 5604 usbohci - ok
09:03:19.0939 5604 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:03:19.0939 5604 usbprint - ok
09:03:19.0954 5604 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
09:03:19.0970 5604 USBSTOR - ok
09:03:19.0985 5604 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:03:19.0985 5604 usbuhci - ok
09:03:20.0001 5604 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
09:03:20.0017 5604 UxSms - ok
09:03:20.0017 5604 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
09:03:20.0032 5604 VaultSvc - ok
09:03:20.0032 5604 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:03:20.0032 5604 vdrvroot - ok
09:03:20.0048 5604 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
09:03:20.0063 5604 vds - ok
09:03:20.0079 5604 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:03:20.0079 5604 vga - ok
09:03:20.0095 5604 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:03:20.0095 5604 VgaSave - ok
09:03:20.0095 5604 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:03:20.0110 5604 vhdmp - ok
09:03:20.0126 5604 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:03:20.0141 5604 viaagp - ok
09:03:20.0157 5604 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:03:20.0157 5604 ViaC7 - ok
09:03:20.0173 5604 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
09:03:20.0173 5604 viaide - ok
09:03:20.0188 5604 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:03:20.0188 5604 VMBusHID - ok
09:03:20.0204 5604 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:03:20.0204 5604 volmgr - ok
09:03:20.0219 5604 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:03:20.0219 5604 volmgrx - ok
09:03:20.0235 5604 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:03:20.0235 5604 volsnap - ok
09:03:20.0251 5604 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:03:20.0266 5604 vsmraid - ok
09:03:20.0297 5604 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
09:03:20.0313 5604 VSS - ok
09:03:20.0313 5604 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:03:20.0329 5604 vwifibus - ok
09:03:20.0329 5604 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
09:03:20.0344 5604 W32Time - ok
09:03:20.0344 5604 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:03:20.0344 5604 WacomPen - ok
09:03:20.0360 5604 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:03:20.0360 5604 WANARP - ok
09:03:20.0360 5604 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:03:20.0360 5604 Wanarpv6 - ok
09:03:20.0407 5604 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:03:20.0453 5604 WatAdminSvc - ok
09:03:20.0485 5604 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
09:03:20.0516 5604 wbengine - ok
09:03:20.0531 5604 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:03:20.0531 5604 WbioSrvc - ok
09:03:20.0547 5604 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:03:20.0547 5604 wcncsvc - ok
09:03:20.0563 5604 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:03:20.0563 5604 WcsPlugInService - ok
09:03:20.0594 5604 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
09:03:20.0594 5604 Wd - ok
09:03:20.0609 5604 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:03:20.0625 5604 Wdf01000 - ok
09:03:20.0625 5604 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:03:20.0625 5604 WdiServiceHost - ok
09:03:20.0625 5604 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:03:20.0641 5604 WdiSystemHost - ok
09:03:20.0641 5604 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
09:03:20.0656 5604 WebClient - ok
09:03:20.0672 5604 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:03:21.0483 5604 ================ Scan global ===============================
09:03:21.0514 5604 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
09:03:21.0545 5604 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
09:03:21.0561 5604 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
09:03:21.0577 5604 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
09:03:21.0608 5604 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
09:03:21.0608 5604 [Global] - ok
09:03:21.0608 5604 ================ Scan MBR ==================================
09:03:21.0623 5604 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:03:21.0889 5604 \Device\Harddisk0\DR0 - ok
09:03:21.0889 5604 ================ Scan VBR ==================================
09:03:21.0904 5604 [ D3326FFAD739C0A12A0320B976BF2ACB ] \Device\Harddisk0\DR0\Partition1
09:03:21.0904 5604 \Device\Harddisk0\DR0\Partition1 - ok
09:03:21.0935 5604 [ 1ACF4C0563623FD33E84ECCE063A4D29 ] \Device\Harddisk0\DR0\Partition2
09:03:21.0935 5604 \Device\Harddisk0\DR0\Partition2 - ok
09:03:21.0935 5604 ============================================================
09:03:21.0935 5604 Scan finished
09:03:21.0935 5604 ============================================================
09:03:21.0951 5804 Detected object count: 0
09:03:21.0951 5804 Actual detected object count: 0
09:03:54.0617 6076 Deinitialize success

#4 narenxp

Posted 02 November 2012 - 10:13 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 roberth5

Posted 12 November 2012 - 12:11 PM

FSS Log:
Farbar Service Scanner Version: 27-10-2012
Ran by peterb (administrator) on 07-11-2012 at 08:55:11
Running from "P:\Downloads\Tommy Problem"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) SYMTDI(8) Tcpip(3) WPS(9)
0x0A0000000400000001000000020000000300000008000000090000000500000006000000070000000A000000
IpSec Tag value is correct.

**** End of log ****

#6 roberth5

Posted 12 November 2012 - 12:13 PM

Junkware Log:
Junkware Removal Tool (JRT) by Thisisu
Version: 2.4.9 (11.02.2012)
OS: Windows 7 Professional x86
Ran by max on Fri 11/02/2012 at 16:56:22.71
Blog: http://thisisudax.blogspot.com
**************************************************************

*** Services: 0 Detections

*** Registry Values: 0 Detections

*** Registry Keys: 0 Detections

*** Files: 0 Detections

*** Folders: 0 Detections

*** FireFox detected and repaired

*** Event Viewer Logs - Cleared

**************************************************************
Scan was completed on Fri 11/02/2012 at 16:59:48.52
End of Report

#7 roberth5

Posted 12 November 2012 - 12:15 PM

Mini Tool Box Log:


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (11/05/2012 00:54:57 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (11/04/2012 05:18:09 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (11/03/2012 08:42:57 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\Max.DFLEX\AppData\Local\temp\DWH1877.tmp by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (11/03/2012 10:36:02 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (11/03/2012 04:34:33 AM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\Max.DFLEX\AppData\Local\temp\DWH77F2.tmp by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (11/02/2012 08:23:16 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\Max.DFLEX\AppData\Local\temp\DWH5867.tmp by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (11/02/2012 04:12:05 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\ProgramData\Symantec\SRTSP\Quarantine\APQDFE.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.


=========================== Installed Programs ============================


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3316.94 MB
Available physical RAM: 1949.19 MB
Total Pagefile: 6632.17 MB
Available Pagefile: 5344.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.94 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:452.96 GB) (Free:397.1 GB) NTFS
2 Drive d: (HP_P2050) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\DFD1

Administrator Guest Max

========================= Restore Points ==================================

03-10-2012 17:28:11 ComboFix created restore point
03-10-2012 20:02:24 Installed Crystal Reports XI Release 2
11-10-2012 04:00:01 Scheduled Checkpoint
11-10-2012 07:00:11 Windows Update
19-10-2012 04:00:04 Scheduled Checkpoint
27-10-2012 04:00:01 Scheduled Checkpoint
01-11-2012 14:20:40 ComboFix created restore point

**** End of log ****

#8 narenxp

Posted 12 November 2012 - 09:01 PM

Malwarebytes log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here



