Infection leads to corrupt IE


18 replies to this topic

#1 Nicksdad

Posted 18 November 2012 - 05:58 PM

My machine runs Windows 7 64-bit. I recently noticed that IE seemed to be running slow, so I ran a full Malwarebytes scan which found and removed a couple viruses (trojan svc host.exe?). Since removal, my IE will no longer launch web pages. I can sometimes get to one, but it may take 5 minutes to get it to open. None of the other functions in IE work. I tried to roll back an IE update so I could reload it, but this didn't work. I upgraded to IE 10, but still no luck. I'm not sure if an infection persists or if IE is just corrupt beyond repair. Any help would be appreciated.



#2 InadequateInfirmity

Posted 18 November 2012 - 05:59 PM

You may need to boot into Safe Mode with Networking or use a different browser.

Download TDSSKiller.

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right-click it and choose Run as Admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.


Update and do a quick scan with SUPERAntiSpyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.


Run a scan with ESET.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.




Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner, run it as admin, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Edited by InadequateInfirmity, 18 November 2012 - 06:04 PM.
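
A triage helper for the TDSSKiller scan log requested above, as an added example that is not part of the original thread or of Kaspersky's tooling: it pairs each `[ MD5 ] name path` line with its `name - ok` verdict line and lists the entries worth a second look. The sample log, its service names and hashes are constructed, and the `( ... ) - warning` verdict line is an assumed format for non-ok results.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Every log line starts "HH:MM:SS.mmmm <thread id> <message>".
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "======== Scan services ========" style section banners.
SECTION = re.compile(r"^=+\s+(.+?)\s+=+$")
# "[ <32 hex MD5> ] <object name> <path>"; names may contain spaces.
HASHED = re.compile(r"^\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$")
# "<object name> - <verdict>", optionally "<name> ( <detection> ) - <verdict>".
VERDICT = re.compile(r"^(.+?)(?:\s+\(\s*(.+?)\s*\))?\s+-\s+(\w+)$")


@dataclass
class Entry:
    section: str
    name: str
    md5: Optional[str]
    path: Optional[str]
    verdict: Optional[str]      # None when the log ends before the verdict
    detection: Optional[str]


def parse_log(text: str) -> List[Entry]:
    """Pair hash lines with verdict lines, keeping track of the scan section."""
    entries: List[Entry] = []
    pending: Dict[str, Tuple[str, str, str]] = {}  # name -> (section, md5, path)
    section = ""
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if (s := SECTION.match(msg)):
            section = s.group(1)
        elif (h := HASHED.match(msg)):
            pending[h.group(2)] = (section, h.group(1).upper(), h.group(3))
        elif (v := VERDICT.match(msg)):
            name, detection, verdict = v.groups()
            sec, md5, path = pending.pop(name, (section, None, None))
            entries.append(Entry(sec, name, md5, path, verdict.lower(), detection))
    # Hash lines that never got a verdict, e.g. a log pasted only in part.
    for name, (sec, md5, path) in pending.items():
        entries.append(Entry(sec, name, md5, path, None, None))
    return entries


def needs_review(entries: List[Entry]) -> List[Tuple[str, str]]:
    """Return (name, reason) for every entry that is not a plain hashed 'ok'."""
    out = []
    for e in entries:
        if e.verdict is None:
            out.append((e.name, "hash line without a verdict (log cut short?)"))
        elif e.verdict != "ok":
            extra = f" ({e.detection})" if e.detection else ""
            out.append((e.name, f"verdict '{e.verdict}'{extra}"))
        elif e.section == "Scan services" and e.md5 is None:
            out.append((e.name, "marked ok but no file hash was logged"))
    return out


# Constructed sample in the layout of a TDSSKiller log; all values are made up.
SAMPLE_LOG = r"""
18:29:37.0887 2292 ================ Scan system memory ========================
18:29:37.0887 2292 System memory - ok
18:29:37.0887 2292 ================ Scan services =============================
18:29:38.0100 2292 [ 00000000000000000000000000000001 ] ExampleDrv C:\windows\system32\drivers\exampledrv.sys
18:29:38.0100 2292 ExampleDrv - ok
18:29:38.0200 2292 [ 00000000000000000000000000000002 ] Example Agent Service C:\Program Files (x86)\Example\agent.exe
18:29:38.0210 2292 Example Agent Service - ok
18:29:38.0300 2292 NoFileSvc - ok
18:29:38.0400 2292 [ 00000000000000000000000000000003 ] OddDrv C:\windows\system32\drivers\odddrv.sys
18:29:38.0400 2292 OddDrv ( UnsignedFile.Multi.Generic ) - warning
18:29:38.0500 2292 [ 00000000000000000000000000000004 ] CutOff C:\windows\system32\drivers\cutoff.sys
"""

if __name__ == "__main__":
    for name, reason in needs_review(parse_log(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```

An entry marked ok without a hash is not a detection by itself; it only means the scanner logged no file for that service, so it is listed for a manual look.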


#3 Nicksdad

Posted 18 November 2012 - 06:35 PM

18:29:26.0805 2000 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:29:27.0257 2000 ============================================================
18:29:27.0257 2000 Current date / time: 2012/11/18 18:29:27.0257
18:29:27.0257 2000 SystemInfo:
18:29:27.0257 2000
18:29:27.0257 2000 OS Version: 6.1.7601 ServicePack: 1.0
18:29:27.0257 2000 Product type: Workstation
18:29:27.0257 2000 ComputerName: AITLUS0625
18:29:27.0257 2000 UserName: AITTCalandra
18:29:27.0257 2000 Windows directory: C:\windows
18:29:27.0257 2000 System windows directory: C:\windows
18:29:27.0257 2000 Running under WOW64
18:29:27.0257 2000 Processor architecture: Intel x64
18:29:27.0257 2000 Number of processors: 4
18:29:27.0257 2000 Page size: 0x1000
18:29:27.0257 2000 Boot type: Safe boot with network
18:29:27.0257 2000 ============================================================
18:29:27.0523 2000 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:29:27.0523 2000 ============================================================
18:29:27.0523 2000 \Device\Harddisk0\DR0:
18:29:27.0523 2000 MBR partitions:
18:29:27.0523 2000 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x98767
18:29:27.0523 2000 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x98F67, BlocksNum 0x1D12B61A
18:29:27.0523 2000 ============================================================
18:29:27.0538 2000 C: <-> \Device\Harddisk0\DR0\Partition2
18:29:27.0538 2000 ============================================================
18:29:27.0538 2000 Initialize success
18:29:27.0538 2000 ============================================================
18:29:37.0731 2292 ============================================================
18:29:37.0731 2292 Scan started
18:29:37.0731 2292 Mode: Manual; TDLFS;
18:29:37.0731 2292 ============================================================
18:29:37.0887 2292 ================ Scan system memory ========================
18:29:37.0887 2292 System memory - ok
18:29:37.0887 2292 ================ Scan services =============================
18:29:44.0675 2292 Mup - ok
18:29:44.0705 2292 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
18:29:44.0715 2292 napagent - ok
18:29:44.0755 2292 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:29:44.0755 2292 NativeWifiP - ok
18:29:44.0895 2292 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20121117.005\ENG64.SYS
18:29:44.0895 2292 NAVENG - ok
18:29:44.0945 2292 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20121117.005\EX64.SYS
18:29:44.0955 2292 NAVEX15 - ok
18:29:45.0005 2292 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
18:29:45.0005 2292 NDIS - ok
18:29:45.0035 2292 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:29:45.0035 2292 NdisCap - ok
18:29:45.0055 2292 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:29:45.0055 2292 NdisTapi - ok
18:29:45.0075 2292 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:29:45.0075 2292 Ndisuio - ok
18:29:45.0085 2292 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:29:45.0085 2292 NdisWan - ok
18:29:45.0095 2292 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:29:45.0095 2292 NDProxy - ok
18:29:45.0115 2292 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:29:45.0115 2292 NetBIOS - ok
18:29:45.0135 2292 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:29:45.0145 2292 NetBT - ok
18:29:45.0155 2292 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
18:29:45.0155 2292 Netlogon - ok
18:29:45.0175 2292 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
18:29:45.0185 2292 Netman - ok
18:29:45.0205 2292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:29:45.0235 2292 NetMsmqActivator - ok
18:29:45.0235 2292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:29:45.0235 2292 NetPipeActivator - ok
18:29:45.0295 2292 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
18:29:45.0295 2292 netprofm - ok
18:29:45.0305 2292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:29:45.0305 2292 NetTcpActivator - ok
18:29:45.0305 2292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:29:45.0305 2292 NetTcpPortSharing - ok
18:29:45.0465 2292 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
18:29:45.0505 2292 NETwNs64 - ok
18:29:45.0525 2292 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
18:29:45.0525 2292 nfrd960 - ok
18:29:45.0555 2292 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
18:29:45.0555 2292 NlaSvc - ok
18:29:45.0585 2292 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
18:29:45.0585 2292 Npfs - ok
18:29:45.0595 2292 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
18:29:45.0595 2292 nsi - ok
18:29:45.0605 2292 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:29:45.0605 2292 nsiproxy - ok
18:29:45.0645 2292 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:29:45.0645 2292 Ntfs - ok
18:29:45.0695 2292 [ 07953351A3424BAA50FC5C4A1434FB04 ] NTI BackupNowEZSvr C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
18:29:45.0695 2292 NTI BackupNowEZSvr - ok
18:29:45.0705 2292 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\windows\system32\drivers\NTIDrvr.sys
18:29:45.0705 2292 NTIDrvr - ok
18:29:45.0715 2292 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
18:29:45.0715 2292 Null - ok
18:29:45.0755 2292 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
18:29:45.0755 2292 NVHDA - ok
18:29:45.0795 2292 [ D6DD6F3A6A0C58B95119E0633564988E ] nvkflt C:\windows\system32\DRIVERS\nvkflt.sys
18:29:45.0795 2292 nvkflt - ok
18:29:46.0045 2292 [ 0DEC98637ED9CE8FA02E45AB7D813826 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
18:29:46.0115 2292 nvlddmkm - ok
18:29:46.0195 2292 [ 4499C49459FD803ADAFB7107F329C1F9 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
18:29:46.0195 2292 nvpciflt - ok
18:29:46.0225 2292 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\windows\system32\drivers\nvraid.sys
18:29:46.0225 2292 nvraid - ok
18:29:46.0235 2292 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\windows\system32\drivers\nvstor.sys
18:29:46.0235 2292 nvstor - ok
18:29:46.0285 2292 [ 299D89CDC66C7B294F2E756673138C8E ] NVSvc C:\windows\system32\nvvsvc.exe
18:29:46.0285 2292 NVSvc - ok
18:29:46.0295 2292 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:29:46.0295 2292 nv_agp - ok
18:29:46.0315 2292 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\windows\system32\DRIVERS\o2flash.exe
18:29:46.0315 2292 O2FLASH - ok
18:29:46.0345 2292 [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR C:\windows\system32\drivers\O2MDFw7x64.sys
18:29:46.0345 2292 O2MDFRDR - ok
18:29:46.0355 2292 [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR C:\windows\system32\drivers\O2MDRw7x64.sys
18:29:46.0365 2292 O2MDRRDR - ok
18:29:46.0375 2292 [ A9C1E6B7C134FAD124338B7944FA996D ] O2SDJRDR C:\windows\system32\drivers\o2sdjw7x64.sys
18:29:46.0375 2292 O2SDJRDR - ok
18:29:46.0385 2292 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:29:46.0385 2292 ohci1394 - ok
18:29:46.0435 2292 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:29:46.0435 2292 ose - ok
18:29:46.0625 2292 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:29:46.0665 2292 osppsvc - ok
18:29:46.0695 2292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:29:46.0695 2292 p2pimsvc - ok
18:29:46.0715 2292 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
18:29:46.0725 2292 p2psvc - ok
18:29:46.0745 2292 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
18:29:46.0755 2292 Parport - ok
18:29:46.0785 2292 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
18:29:46.0785 2292 partmgr - ok
18:29:46.0795 2292 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
18:29:46.0795 2292 PcaSvc - ok
18:29:46.0805 2292 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
18:29:46.0805 2292 pci - ok
18:29:46.0815 2292 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
18:29:46.0815 2292 pciide - ok
18:29:46.0815 2292 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
18:29:46.0825 2292 pcmcia - ok
18:29:46.0845 2292 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
18:29:46.0845 2292 pcw - ok
18:29:46.0865 2292 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:29:46.0875 2292 PEAUTH - ok
18:29:46.0915 2292 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
18:29:46.0925 2292 PeerDistSvc - ok
18:29:47.0005 2292 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
18:29:47.0015 2292 PerfHost - ok
18:29:47.0055 2292 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
18:29:47.0065 2292 pla - ok
18:29:47.0105 2292 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:29:47.0105 2292 PlugPlay - ok
18:29:47.0135 2292 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:29:47.0135 2292 PNRPAutoReg - ok
18:29:47.0165 2292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:29:47.0165 2292 PNRPsvc - ok
18:29:47.0215 2292 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:29:47.0215 2292 PolicyAgent - ok
18:29:47.0235 2292 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
18:29:47.0235 2292 Power - ok
18:29:47.0265 2292 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:29:47.0265 2292 PptpMiniport - ok
18:29:47.0295 2292 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
18:29:47.0295 2292 Processor - ok
18:29:47.0325 2292 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
18:29:47.0325 2292 ProfSvc - ok
18:29:47.0335 2292 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
18:29:47.0335 2292 ProtectedStorage - ok
18:29:47.0365 2292 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:29:47.0365 2292 Psched - ok
18:29:47.0405 2292 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
18:29:47.0415 2292 ql2300 - ok
18:29:47.0435 2292 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
18:29:47.0435 2292 ql40xx - ok
18:29:47.0455 2292 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
18:29:47.0465 2292 QWAVE - ok
18:29:47.0475 2292 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:29:47.0475 2292 QWAVEdrv - ok
18:29:47.0485 2292 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:29:47.0485 2292 RasAcd - ok
18:29:47.0525 2292 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:29:47.0525 2292 RasAgileVpn - ok
18:29:47.0565 2292 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
18:29:47.0565 2292 RasAuto - ok
18:29:47.0585 2292 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:29:47.0585 2292 Rasl2tp - ok
18:29:47.0605 2292 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
18:29:47.0605 2292 RasMan - ok
18:29:47.0615 2292 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:29:47.0615 2292 RasPppoe - ok
18:29:47.0635 2292 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:29:47.0635 2292 RasSstp - ok
18:29:47.0645 2292 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:29:47.0645 2292 rdbss - ok
18:29:47.0665 2292 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
18:29:47.0665 2292 rdpbus - ok
18:29:47.0675 2292 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:29:47.0675 2292 RDPCDD - ok
18:29:47.0695 2292 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
18:29:47.0695 2292 RDPDR - ok
18:29:47.0735 2292 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:29:47.0735 2292 RDPENCDD - ok
18:29:47.0765 2292 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:29:47.0765 2292 RDPREFMP - ok
18:29:47.0795 2292 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
18:29:47.0795 2292 RdpVideoMiniport - ok
18:29:47.0825 2292 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:29:47.0825 2292 RDPWD - ok
18:29:47.0865 2292 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:29:47.0865 2292 rdyboost - ok
18:29:47.0885 2292 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
18:29:47.0885 2292 RemoteAccess - ok
18:29:47.0915 2292 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:29:47.0915 2292 RemoteRegistry - ok
18:29:47.0935 2292 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
18:29:47.0935 2292 RFCOMM - ok
18:29:47.0975 2292 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\windows\system32\Drivers\RimUsb_AMD64.sys
18:29:47.0975 2292 RimUsb - ok
18:29:48.0015 2292 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\windows\system32\DRIVERS\RimSerial_AMD64.sys
18:29:48.0015 2292 RimVSerPort - ok
18:29:48.0045 2292 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
18:29:48.0045 2292 ROOTMODEM - ok
18:29:48.0055 2292 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:29:48.0055 2292 RpcEptMapper - ok
18:29:48.0075 2292 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
18:29:48.0075 2292 RpcLocator - ok
18:29:48.0105 2292 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
18:29:48.0105 2292 RpcSs - ok
18:29:48.0125 2292 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:29:48.0125 2292 rspndr - ok
18:29:48.0145 2292 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\windows\system32\drivers\vms3cap.sys
18:29:48.0155 2292 s3cap - ok
18:29:48.0165 2292 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
18:29:48.0165 2292 SamSs - ok
18:29:48.0215 2292 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:29:48.0215 2292 SASDIFSV - ok
18:29:48.0225 2292 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:29:48.0225 2292 SASKUTIL - ok
18:29:48.0245 2292 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:29:48.0245 2292 sbp2port - ok
18:29:48.0265 2292 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
18:29:48.0265 2292 SCardSvr - ok
18:29:48.0295 2292 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:29:48.0295 2292 scfilter - ok
18:29:48.0335 2292 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
18:29:48.0335 2292 Schedule - ok
18:29:48.0375 2292 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
18:29:48.0375 2292 SCPolicySvc - ok
18:29:48.0395 2292 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:29:48.0395 2292 SDRSVC - ok
18:29:48.0425 2292 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:29:48.0425 2292 secdrv - ok
18:29:48.0445 2292 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
18:29:48.0445 2292 seclogon - ok
18:29:48.0465 2292 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
18:29:48.0465 2292 SENS - ok
18:29:48.0495 2292 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
18:29:48.0495 2292 SensrSvc - ok
18:29:48.0515 2292 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
18:29:48.0515 2292 Serenum - ok
18:29:48.0525 2292 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
18:29:48.0525 2292 Serial - ok
18:29:48.0555 2292 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
18:29:48.0555 2292 sermouse - ok
18:29:48.0575 2292 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
18:29:48.0575 2292 SessionEnv - ok
18:29:48.0575 2292 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:29:48.0575 2292 sffdisk - ok
18:29:48.0575 2292 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:29:48.0575 2292 sffp_mmc - ok
18:29:48.0585 2292 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:29:48.0585 2292 sffp_sd - ok
18:29:48.0595 2292 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
18:29:48.0595 2292 sfloppy - ok
18:29:48.0615 2292 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:29:48.0615 2292 ShellHWDetection - ok
18:29:48.0635 2292 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
18:29:48.0635 2292 SiSRaid2 - ok
18:29:48.0635 2292 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
18:29:48.0635 2292 SiSRaid4 - ok
18:29:48.0665 2292 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:29:48.0665 2292 Smb - ok
18:29:48.0775 2292 [ 48BFC901748A6CBDBCADD7991C867060 ] SmcService c:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
18:29:48.0805 2292 SmcService - ok
18:29:48.0825 2292 [ 767DE5FFE38B673C03551F50D96EBA0B ] SNAC c:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
18:29:48.0825 2292 SNAC - ok
18:29:48.0875 2292 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:29:48.0875 2292 SNMPTRAP - ok
18:29:48.0895 2292 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
18:29:48.0895 2292 spldr - ok
18:29:48.0915 2292 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
18:29:48.0915 2292 Spooler - ok
18:29:48.0985 2292 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
18:29:49.0005 2292 sppsvc - ok
18:29:49.0015 2292 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:29:49.0015 2292 sppuinotify - ok
18:29:49.0055 2292 [ B531FC8918DCDAAE638511A123C3465E ] SRTSP C:\windows\system32\Drivers\SRTSP64.SYS
18:29:49.0055 2292 SRTSP - ok
18:29:49.0075 2292 [ 2BD3A73D0601320B72486FC3EBC2544F ] SRTSPL C:\windows\system32\Drivers\SRTSPL64.SYS
18:29:49.0075 2292 SRTSPL - ok
18:29:49.0095 2292 [ 529B337C1AEEB289F0B502EB0EE6A8F5 ] SRTSPX C:\windows\system32\Drivers\SRTSPX64.SYS
18:29:49.0095 2292 SRTSPX - ok
18:29:49.0125 2292 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
18:29:49.0135 2292 srv - ok
18:29:49.0155 2292 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:29:49.0165 2292 srv2 - ok
18:29:49.0185 2292 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:29:49.0185 2292 srvnet - ok
18:29:49.0225 2292 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:29:49.0225 2292 SSDPSRV - ok
18:29:49.0235 2292 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
18:29:49.0245 2292 SstpSvc - ok
18:29:49.0295 2292 [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:29:49.0295 2292 STacSV - ok
18:29:49.0325 2292 [ E4EA2412FB1B8AEE33667A9CC6D456A4 ] stdcfltn C:\windows\system32\DRIVERS\stdcfltn.sys
18:29:49.0325 2292 stdcfltn - ok
18:29:49.0395 2292 [ AE937A7138EB60AA8D8C7ED305AD28B9 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:29:49.0395 2292 Stereo Service - ok
18:29:49.0415 2292 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
18:29:49.0415 2292 stexstor - ok
18:29:49.0465 2292 [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
18:29:49.0465 2292 STHDA - ok
18:29:49.0495 2292 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
18:29:49.0505 2292 stisvc - ok
18:29:49.0525 2292 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\windows\system32\drivers\vmstorfl.sys
18:29:49.0525 2292 storflt - ok
18:29:49.0565 2292 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\windows\system32\storsvc.dll
18:29:49.0565 2292 StorSvc - ok
18:29:49.0575 2292 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\windows\system32\drivers\storvsc.sys
18:29:49.0575 2292 storvsc - ok
18:29:49.0595 2292 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
18:29:49.0595 2292 swenum - ok
18:29:49.0605 2292 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
18:29:49.0615 2292 swprv - ok
18:29:49.0665 2292 [ D880FBD65B6F4885AC89628225B91398 ] Symantec AntiVirus c:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
18:29:49.0675 2292 Symantec AntiVirus - ok
18:29:49.0695 2292 [ D1F1A5E72E33D6BE449F5F1F4A513DD1 ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
18:29:49.0695 2292 SymEvent - ok
18:29:49.0725 2292 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\windows\system32\drivers\Synth3dVsc.sys
18:29:49.0725 2292 Synth3dVsc - ok
18:29:49.0775 2292 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
18:29:49.0785 2292 SysMain - ok
18:29:49.0805 2292 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
18:29:49.0805 2292 TabletInputService - ok
18:29:49.0815 2292 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
18:29:49.0815 2292 TapiSrv - ok
18:29:49.0835 2292 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
18:29:49.0835 2292 TBS - ok
18:29:49.0835 2292 [ 08228AC4B3EEF0DEE3D38D239692E510 ] tcm C:\windows\system32\drivers\tcm.sys
18:29:49.0835 2292 tcm - ok
18:29:49.0885 2292 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:29:49.0895 2292 Tcpip - ok
18:29:49.0935 2292 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:29:49.0945 2292 TCPIP6 - ok
18:29:49.0975 2292 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:29:49.0975 2292 tcpipreg - ok
18:29:49.0985 2292 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:29:49.0985 2292 TDPIPE - ok
18:29:50.0015 2292 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:29:50.0015 2292 TDTCP - ok
18:29:50.0035 2292 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:29:50.0035 2292 tdx - ok
18:29:50.0055 2292 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
18:29:50.0055 2292 TermDD - ok
18:29:50.0075 2292 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\windows\system32\drivers\terminpt.sys
18:29:50.0075 2292 terminpt - ok
18:29:50.0105 2292 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
18:29:50.0115 2292 TermService - ok
18:29:50.0125 2292 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
18:29:50.0125 2292 Themes - ok
18:29:50.0155 2292 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
18:29:50.0155 2292 THREADORDER - ok
18:29:50.0255 2292 [ CF77958AB434B51CA3595FB2AA0B144A ] TracSrvWrapper c:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
18:29:50.0295 2292 TracSrvWrapper - ok
18:29:50.0325 2292 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
18:29:50.0335 2292 TrkWks - ok
18:29:50.0385 2292 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:29:50.0385 2292 TrustedInstaller - ok
18:29:50.0415 2292 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:29:50.0415 2292 tssecsrv - ok
18:29:50.0445 2292 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:29:50.0445 2292 TsUsbFlt - ok
18:29:50.0445 2292 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
18:29:50.0455 2292 TsUsbGD - ok
18:29:50.0455 2292 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\windows\system32\drivers\tsusbhub.sys
18:29:50.0455 2292 tsusbhub - ok
18:29:50.0485 2292 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:29:50.0485 2292 tunnel - ok
18:29:50.0495 2292 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
18:29:50.0495 2292 uagp35 - ok
18:29:50.0525 2292 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\windows\system32\drivers\UBHelper.sys
18:29:50.0525 2292 UBHelper - ok
18:29:50.0545 2292 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:29:50.0545 2292 udfs - ok
18:29:50.0575 2292 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:29:50.0575 2292 UI0Detect - ok
18:29:50.0585 2292 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:29:50.0585 2292 uliagpkx - ok
18:29:50.0625 2292 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
18:29:50.0625 2292 umbus - ok
18:29:50.0625 2292 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
18:29:50.0625 2292 UmPass - ok
18:29:50.0645 2292 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\windows\System32\umrdp.dll
18:29:50.0645 2292 UmRdpService - ok
18:29:50.0665 2292 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
18:29:50.0665 2292 upnphost - ok
18:29:50.0685 2292 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:29:50.0685 2292 usbccgp - ok
18:29:50.0705 2292 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:29:50.0705 2292 usbcir - ok
18:29:50.0715 2292 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\windows\system32\drivers\usbehci.sys
18:29:50.0715 2292 usbehci - ok
18:29:50.0735 2292 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:29:50.0735 2292 usbhub - ok
18:29:50.0735 2292 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\windows\system32\drivers\usbohci.sys
18:29:50.0735 2292 usbohci - ok
18:29:50.0765 2292 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
18:29:50.0765 2292 usbprint - ok
18:29:50.0815 2292 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
18:29:50.0815 2292 usbscan - ok
18:29:50.0855 2292 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\windows\system32\DRIVERS\usbser.sys
18:29:50.0855 2292 usbser - ok
18:29:50.0875 2292 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:29:50.0875 2292 USBSTOR - ok
18:29:50.0885 2292 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:29:50.0885 2292 usbuhci - ok
18:29:50.0925 2292 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
18:29:50.0925 2292 usbvideo - ok
18:29:50.0945 2292 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
18:29:50.0945 2292 UxSms - ok
18:29:50.0955 2292 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
18:29:50.0955 2292 VaultSvc - ok
18:29:50.0975 2292 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:29:50.0975 2292 vdrvroot - ok
18:29:50.0995 2292 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
18:29:50.0995 2292 vds - ok
18:29:51.0035 2292 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:29:51.0035 2292 vga - ok
18:29:51.0035 2292 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
18:29:51.0045 2292 VgaSave - ok
18:29:51.0045 2292 VGPU - ok
18:29:51.0055 2292 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:29:51.0055 2292 vhdmp - ok
18:29:51.0065 2292 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
18:29:51.0065 2292 viaide - ok
18:29:51.0075 2292 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\windows\system32\drivers\vmbus.sys
18:29:52.0345 2292 ================ Scan global ===============================
18:29:52.0375 2292 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
18:29:52.0415 2292 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
18:29:52.0425 2292 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
18:29:52.0455 2292 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
18:29:52.0495 2292 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
18:29:52.0505 2292 [Global] - ok
18:29:52.0505 2292 ================ Scan MBR ==================================
18:29:52.0515 2292 [ C9BF916068238D16F510107A5AD6B482 ] \Device\Harddisk0\DR0
18:29:53.0335 2292 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:29:53.0335 2292 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:29:53.0335 2292 ================ Scan VBR ==================================
18:29:53.0365 2292 [ 5ACAE6D26E552C9E48CED172CD715FB3 ] \Device\Harddisk0\DR0\Partition1
18:29:53.0365 2292 \Device\Harddisk0\DR0\Partition1 - ok
18:29:53.0375 2292 [ 83AE3F289F0EBE9B997C0F026E5574BE ] \Device\Harddisk0\DR0\Partition2
18:29:53.0375 2292 \Device\Harddisk0\DR0\Partition2 - ok
18:29:53.0375 2292 ============================================================
18:29:53.0375 2292 Scan finished
18:29:53.0375 2292 ============================================================
18:29:53.0385 2544 Detected object count: 1
18:29:53.0385 2544 Actual detected object count: 1
18:31:48.0227 2544 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:31:48.0227 2544 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:31:48.0243 2544 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:31:48.0243 2544 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:31:48.0243 2544 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:31:48.0243 2544 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:31:48.0243 2544 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:31:48.0288 2544 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:31:48.0288 2544 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:31:48.0288 2544 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:31:48.0288 2544 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:31:48.0288 2544 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:31:48.0288 2544 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

#4 InadequateInfirmity


Posted 18 November 2012 - 07:08 PM

Boot into Normal Mode for the other scans; if you cannot, then continue in Safe Mode with Networking. Awaiting the other logs. :)

#5 Nicksdad


Posted 18 November 2012 - 07:51 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/18/2012 at 07:26 PM

Application Version : 5.6.1014

Core Rules Database Version : 9608
Trace Rules Database Version: 7420

Scan type : Complete Scan
Total Scan Time : 00:22:51

Operating System Information
Windows 7 Enterprise 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 438
Memory threats detected : 0
Registry items scanned : 74114
Registry threats detected : 0
File items scanned : 64307
File threats detected : 97

Adware.Tracking Cookie

#6 Nicksdad


Posted 19 November 2012 - 12:08 AM

The Malwarebytes and ESET scans were both clean.

Edited by Nicksdad, 19 November 2012 - 12:08 AM.


#7 Nicksdad


Posted 19 November 2012 - 12:16 AM

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by AITTCalandra (administrator) on 19-11-2012 at 00:11:25
Windows 7 Enterprise Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : AITLUS0625
Primary Dns Suffix . . . . . . . : nasa.group.atlascopco.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : nasa.group.atlascopco.com
emea.group.atlascopco.com
apac.group.atlascopco.com
group.atlascopco.com

Ethernet adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : nasa.group.atlascopco.com
Description . . . . . . . . . . . : Check Point Virtual Network Adapter For Endpoint VPN Client
Physical Address. . . . . . . . . : 54-25-5C-4C-CA-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : NASA.GROUP.ATLASCOPCO.COM
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : D4-BE-D9-19-AF-0E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.nh.comcast.net.
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : 8C-70-5A-6B-85-94
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c4d6:ac36:c211:2000%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.109(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, November 18, 2012 7:55:22 PM
Lease Expires . . . . . . . . . . : Monday, November 26, 2012 12:11:30 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 302518678
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-A7-47-F1-00-0C-29-94-F7-66
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.nh.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1008
173.194.43.39
173.194.43.37
173.194.43.36
173.194.43.35
173.194.43.33
173.194.43.46
173.194.43.32
173.194.43.40
173.194.43.38
173.194.43.41
173.194.43.34


Pinging google.com [173.194.43.35] with 32 bytes of data:
Reply from 173.194.43.35: bytes=32 time=86ms TTL=55
Reply from 173.194.43.35: bytes=32 time=21ms TTL=55

Ping statistics for 173.194.43.35:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 86ms, Average = 53ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=171ms TTL=51
Request timed out.

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 171ms, Maximum = 171ms, Average = 171ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...54 25 5c 4c ca 10 ......Check Point Virtual Network Adapter For Endpoint VPN Client
16...d4 be d9 19 af 0e ......Intel® 82579LM Gigabit Network Connection
13...8c 70 5a 6b 85 94 ......Intel® Centrino® Advanced-N 6205
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.109 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.109 281
192.168.0.109 255.255.255.255 On-link 192.168.0.109 281
192.168.0.255 255.255.255.255 On-link 192.168.0.109 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.109 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.109 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::c4d6:ac36:c211:2000/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/19/2012 00:00:01 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

Error: (11/18/2012 10:22:11 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

Error: (11/18/2012 09:06:43 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Malcol in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0008.dta by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (11/18/2012 09:06:20 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Backdoor.Tidserv in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0007.dta by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (11/18/2012 09:05:43 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Backdoor.Tidserv in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0003.dta by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (11/18/2012 09:05:08 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Backdoor.Tidserv in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0001.dta by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (11/18/2012 09:04:24 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0000.dta by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/18/2012 08:00:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/18/2012 08:00:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/18/2012 08:00:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/19/2012 00:09:51 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/19/2012 00:09:51 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/19/2012 00:08:50 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/19/2012 00:08:50 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/19/2012 00:07:41 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/19/2012 00:07:41 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/19/2012 00:05:37 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/19/2012 00:05:37 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/19/2012 00:03:36 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/19/2012 00:03:36 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (11/19/2012 00:00:01 AM) (Source: System Restore)(User: )
Description: C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (11/18/2012 10:22:11 PM) (Source: System Restore)(User: )
Description: C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (11/18/2012 09:06:43 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Malcol in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0008.dta by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (11/18/2012 09:06:20 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Backdoor.Tidserv in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0007.dta by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (11/18/2012 09:05:43 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Backdoor.Tidserv in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0003.dta by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (11/18/2012 09:05:08 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Backdoor.Tidserv in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0001.dta by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (11/18/2012 09:04:24 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\tsk0000.dta by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/18/2012 08:00:31 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AITTCalandra\Music\Downloads\esetsmartinstaller_enu.exe

Error: (11/18/2012 08:00:26 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AITTCalandra\Music\Downloads\esetsmartinstaller_enu.exe

Error: (11/18/2012 08:00:26 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AITTCalandra\Music\Downloads\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader for ScanSnap ™ 4.1 (Version: 8.02.650.72520)
AccelerometerP11 (Version: 2.00.10.33)
Adobe Flash Player 10 ActiveX (Version: 10.2.153.1)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Adobe Reader X (Version: 10.0.0)
Adobe Shockwave Player 11.5 (Version: 11.5.10.620)
Altiris Client Task Agent (Version: 6.0.1524)
Altiris Deployment Agent (Version: 1.0.0)
Atlas Copco Tools AB - Licensing (Version: 1.27.00.14)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
BlackBerry Device Software Updater (Version: 7.1.0.34)
BlackBerry Device Software v7.1.0 for the BlackBerry 9900 smartphone (Version: 7.1.0.694 (Platform 5.1.0.507))
CardMinder (Version: V4.1L40)
CardMinder V4.1 (Version: 4.1.40.1)
Check Point VPN (Version: 75.10.0000)
Cisco WebEx Meetings
Definition update for Microsoft Office 2010 (KB982726)
Dell Touchpad (Version: 7.1208.101.125)
DWG TrueView 2012 (Version: 18.2.51.0)
ESET Online Scanner v3
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
HP Photosmart Plus B210 series Basic Device Software (Version: 22.0.334.0)
IBM System i Access for Windows V6R1M0 (Version: 06.01.0800)
IDT Audio (Version: 1.0.6324.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Processor Graphics (Version: 8.15.10.2418)
Internet Explorer (Enable DEP)
Internet Explorer (Version: 9)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 24 (Version: 6.0.240)
K-Lite Codec Pack (Version: 4.6)
K-Lite Codec Pack 7.1.0 (Version: 7.1.0)
LiveReg (Symantec Corporation) (Version: 2.4.2.2295)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.96)
Lotus Notes 8.5 (Version: 8.50.8345)
Lotus Notes 8.5.1 (Version: 8.51.9271)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MULTIPROG 5.35 Build 218 (Version: 5.35.0.218)
MWSnap 3 (Version: 3.0.0.74)
NTI Backup Now EZ (Version: 2.5.2.36)
NVIDIA 3D Vision Driver 296.70 (Version: 296.70)
NVIDIA Control Panel 296.70 (Version: 296.70)
NVIDIA Graphics Driver 296.70 (Version: 296.70)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA nView 136.27 (Version: 136.27)
NVIDIA nView Desktop Manager (Version: 6.14.10.13585)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9670)
ScanSnap (Version: 5.1.30.19)
ScanSnap Manager (Version: V5.1L30)
ScanSnap Organizer (Version: 4.1.30.16)
ScanSnap Organizer (Version: V4.1L30)
SolidWorks viewer (Version: 19.30.7)
Sophos Virus Removal Tool (Version: 2.2)
STDriver64 (Version: 2.00.0000)
SUPERAntiSpyware (Version: 5.6.1014)
Symantec Endpoint Protection (Version: 11.0.6100.645)
Symantec pcAnywhere (Version: 12.5.0)
Symantec Workspace Virtualization Agent (Version: 6.4.1266)
TaxACT 2011 - 1040 Edition
Tools Talk BLM (Version: 2.0.0)
Tools Talk Power Focus
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Windows Driver Package - ATLAS Copco (usbser) Ports (07/20/2011 1.1.0.0) (Version: 07/20/2011 1.1.0.0)
X7Magic Setup (Version: 7.1.5)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 3978.15 MB
Available physical RAM: 1730.57 MB
Total Pagefile: 7954.49 MB
Available Pagefile: 5791.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.35 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.58 GB) (Free:180.55 GB) NTFS
2 Drive d: (ScanSnap) (CDROM) (Total:2.42 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\AITLUS0625

Asap Help Custodian Guest


**** End of log ****

#8 Nicksdad

Posted 19 November 2012 - 12:17 AM

I did download FireFox. It works fine in normal mode, but IE will only work in safe mode.

#9 Nicksdad

Posted 19 November 2012 - 12:29 AM

Here's a Symantec log with what it and TDSSKiller had found earlier. Sorry for the format

| Filename | Risk | Action | Risk Type | Original Location | Computer | User | Status | Current Location | Primary Action | Secondary Action | Logged By | Action Description | Date and Time |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| n | Trojan.Gen | Quarantined | File | C:\$Recycle.Bin\S-1-5-21-278118735-2729461451-4031961895-15118\$b81e386b92ffe1e1235e942f7d78f505\ | AITLUS0625 | AITTCalandra | Infected | Quarantine | Clean security risk | Quarantine | Auto-Protect scan | The file was quarantined successfully. | 11/12/2012 22:38 |
| n | Trojan.Gen | Quarantined | File | C:\$Recycle.Bin\S-1-5-18\$b81e386b92ffe1e1235e942f7d78f505\ | AITLUS0625 | SYSTEM | Infected | Quarantine | Clean security risk | Quarantine | Auto-Protect scan | The file was quarantined successfully. | 11/12/2012 22:38 |
| tsk0000.dta | Trojan.Gen.2 | Quarantined | File | C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\ | AITLUS0625 | AITTCalandra | Infected | Quarantine | Clean security risk | Quarantine | Auto-Protect scan | The file was quarantined successfully. | 11/18/2012 21:04 |
| tsk0001.dta | Backdoor.Tidserv | Restart Required - Cleaned by deletion | File | C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\ | AITLUS0625 | AITTCalandra | Deleted | Deleted | Restart Required - Clean security risk | Restart Required - Quarantine | Auto-Protect scan | The file was deleted successfully. | 11/18/2012 21:05 |
| tsk0003.dta | Backdoor.Tidserv | Cleaned by deletion | File | C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\ | AITLUS0625 | AITTCalandra | Deleted | Deleted | Clean security risk | Quarantine | Auto-Protect scan | The file was deleted successfully. | 11/18/2012 21:05 |
| tsk0007.dta | Backdoor.Tidserv | Cleaned by deletion | File | C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\ | AITLUS0625 | AITTCalandra | Deleted | Deleted | Clean security risk | Quarantine | Auto-Protect scan | The file was deleted successfully. | 11/18/2012 21:06 |
| tsk0000.dta | Trojan.Gen.2 | Quarantined | File | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | AITLUS0625 | AITTCalandra | Infected | Quarantine | Clean security risk | Quarantine | Auto-Protect scan | The file was quarantined successfully. | 11/17/2012 19:06 |
| tsk0008.dta | Trojan.Malcol | Cleaned by deletion | File | C:\TDSSKiller_Quarantine\18.11.2012_18.29.27\tdlfs0000\ | AITLUS0625 | AITTCalandra | Deleted | Deleted | Clean security risk | Quarantine | Auto-Protect scan | The file was deleted successfully. | 11/18/2012 21:06 |
| tsk0000.dta | Backdoor.Tidserv | Pending Analysis | File | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | AITLUS0625 | AITTCalandra | Infected | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | Clean security risk | Quarantine | Auto-Protect scan | | 11/17/2012 19:05 |
| tsk0001.dta | Backdoor.Tidserv | Pending Analysis | File | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | AITLUS0625 | AITTCalandra | Infected | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | Clean security risk | Quarantine | Auto-Protect scan | | 11/17/2012 19:05 |
| tsk0004.dta | Backdoor.Tidserv | Pending Analysis | File | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | AITLUS0625 | AITTCalandra | Infected | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | Clean security risk | Quarantine | Auto-Protect scan | | 11/17/2012 19:05 |
| tsk0004.dta | Trojan.Malcol | Pending Analysis | File | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | AITLUS0625 | AITTCalandra | Infected | C:\TDSSKiller_Quarantine\17.11.2012_19.02.47\mbr0000\tdlfs0000\ | Clean security risk | Quarantine | Auto-Protect scan | | 11/17/2012 19:05 |
| APQ2E1.tmp | Backdoor.Tidserv | Restart Required - Cleaned by deletion | File | C:\ProgramData\Symantec\SRTSP\Quarantine\ | AITLUS0625 | SYSTEM | Deleted | Deleted | Restart Required - Clean security risk | Restart Required - Quarantine | Auto-Protect scan | The file was deleted successfully. | 11/17/2012 19:33 |
| APQ2D0.tmp | Backdoor.Tidserv | Cleaned by deletion | File | C:\ProgramData\Symantec\SRTSP\Quarantine\ | AITLUS0625 | SYSTEM | Deleted | Deleted | Clean security risk | Quarantine | Auto-Protect scan | The file was deleted successfully. | 11/17/2012 19:34 |
| APQ2E2.tmp | Backdoor.Tidserv | Cleaned by deletion | File | C:\ProgramData\Symantec\SRTSP\Quarantine\ | AITLUS0625 | SYSTEM | Deleted | Deleted | Clean security risk | Quarantine | Auto-Protect scan | The file was deleted successfully. | 11/17/2012 19:34 |
| APQ2E3.tmp | Trojan.Malcol | Cleaned by deletion | File | C:\ProgramData\Symantec\SRTSP\Quarantine\ | AITLUS0625 | SYSTEM | Deleted | Deleted | Clean security risk | Quarantine | Auto-Protect scan | The file was deleted successfully. | 11/17/2012 19:35 |
| APQ2E1.tmp | Backdoor.Tidserv | Restart Processing | File | C:\ProgramData\Symantec\SRTSP\Quarantine\ | AITLUS0625 | AITTCalandra | Infected | C:\ProgramData\Symantec\SRTSP\Quarantine\ | Delete | Leave alone (log only) | Auto-Protect scan | Performing Post-Reboot Risk Processing. | 11/17/2012 20:09 |
| Cookie:aittcalandra@insightexpressai.com/ | Tracking Cookies | Deleted | Trackware | Cookie:aittcalandra@insightexpressai.com/ | AITLUS0625 | AITTCalandra | Deleted | Deleted | Quarantine | Leave alone (log only) | Manual scan | The file was deleted successfully. | 11/17/2012 20:21 |

Edited by Nicksdad, 19 November 2012 - 12:31 AM.


#10 Nicksdad

Posted 19 November 2012 - 12:41 AM

# AdwCleaner v2.008 - Logfile created 11/19/2012 at 00:37:19
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Enterprise Service Pack 1 (64 bits)
# User : AITTCalandra - AITLUS0625
# Boot Mode : Normal
# Running from : C:\Users\AITTCalandra\Music\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.10.9200.16438

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\AITTCalandra\AppData\Roaming\Mozilla\Firefox\Profiles\gfltf139.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [822 octets] - [19/11/2012 00:37:19]

########## EOF - C:\AdwCleaner[S1].txt - [881 octets] ##########

#11 InadequateInfirmity

Posted 19 November 2012 - 05:58 AM

Re-run TDSSKiller and post the new log.


Download Norman Malware Cleaner. Run it, go to Options, then put a tick next to Enable rootkit cleaning. Hit Full Scan > let it finish > go to the Quarantine tab > tick Select All > then Delete > Quit.
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop; post that here in your next reply.


Reboot after Norman.

Run the program below as admin, hit the Scan button, allow it to finish, then hit the Delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe


Download the Junkware Removal Tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe



Download Hitman Pro.

http://dl.surfright.nl/HitmanPro36.exe 32 bit

http://dl.surfright.nl/HitmanPro36_x64.exe 64 bit

Start the scan. Go to settings.
Un-tick Scan for tracking Cookies.
Go back to the Scan tab.
Select OK.
Then Next
No I only want to perform a one time scan to check this computer.
Enter your email to register.
Next.
After the scan make sure to select quarantine found threats.
Then select activate free license then follow the prompts.
Reboot your machine.




Disable your Antivirus prior to running the tool below.

Download the Emsisoft Emergency Kit
http://download1.emsisoft.com/EmsisoftEmergencyKit.zip

Right click it and extract to your desktop. Double click the new folder that is created on your desktop.
Then right click and run as admin (XP users double click) on the Start.exe button to launch the program. Click on the Emergency Scanner option.
If you see a Windows message asking if you would like EmergencyScanner.bat to run, please allow it to do so by clicking on the Run or Yes buttons.
Proceed with the updates.
When it is done, click on the Back to Security Status link.
Then Select the Deep Scan button. Then hit the Scan Button.
After the scan is finished quarantine any found threats and then reboot your machine.
Post the log.

#12 Nicksdad

Posted 19 November 2012 - 09:09 PM

21:06:16.0162 0996 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:06:16.0520 0996 ============================================================
21:06:16.0520 0996 Current date / time: 2012/11/19 21:06:16.0520
21:06:16.0520 0996 SystemInfo:
21:06:16.0520 0996
21:06:16.0520 0996 OS Version: 6.1.7601 ServicePack: 1.0
21:06:16.0520 0996 Product type: Workstation
21:06:16.0520 0996 ComputerName: AITLUS0625
21:06:16.0520 0996 UserName: AITTCalandra
21:06:16.0520 0996 Windows directory: C:\windows
21:06:16.0520 0996 System windows directory: C:\windows
21:06:16.0520 0996 Running under WOW64
21:06:16.0520 0996 Processor architecture: Intel x64
21:06:16.0520 0996 Number of processors: 4
21:06:16.0520 0996 Page size: 0x1000
21:06:16.0520 0996 Boot type: Normal boot
21:06:16.0520 0996 ============================================================
21:06:16.0786 0996 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:06:16.0786 0996 ============================================================
21:06:16.0786 0996 \Device\Harddisk0\DR0:
21:06:16.0786 0996 MBR partitions:
21:06:16.0786 0996 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x98767
21:06:16.0786 0996 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x98F67, BlocksNum 0x1D12B61A
21:06:16.0786 0996 ============================================================
21:06:16.0817 0996 C: <-> \Device\Harddisk0\DR0\Partition2
21:06:16.0817 0996 ============================================================
21:06:16.0817 0996 Initialize success
21:06:16.0817 0996 ============================================================
21:06:22.0277 3008 ============================================================
21:06:22.0277 3008 Scan started
21:06:22.0277 3008 Mode: Manual; TDLFS;
21:06:22.0277 3008 ============================================================
21:06:22.0448 3008 ================ Scan system memory ========================
21:06:22.0448 3008 System memory - ok
21:06:22.0448 3008 ================ Scan services =============================
21:06:24.0726 3008 clr_optimization_v4.0.30319_32 - ok
21:06:24.0741 3008 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:06:24.0741 3008 clr_optimization_v4.0.30319_64 - ok
21:06:24.0773 3008 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys
21:06:24.0773 3008 CmBatt - ok
21:06:24.0804 3008 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
21:06:24.0804 3008 cmdide - ok
21:06:24.0835 3008 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
21:06:24.0835 3008 CNG - ok
21:06:24.0851 3008 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
21:06:24.0851 3008 Compbatt - ok
21:06:24.0851 3008 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
21:06:24.0851 3008 CompositeBus - ok
21:06:24.0851 3008 COMSysApp - ok
21:06:24.0866 3008 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
21:06:24.0866 3008 crcdisk - ok
21:06:24.0897 3008 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\windows\system32\cryptsvc.dll
21:06:24.0897 3008 CryptSvc - ok
21:06:24.0929 3008 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\windows\system32\drivers\csc.sys
21:06:24.0929 3008 CSC - ok
21:06:24.0960 3008 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\windows\System32\cscsvc.dll
21:06:24.0960 3008 CscService - ok
21:06:24.0975 3008 [ A84CAAE89B487931200B969D94018AFA ] cvusbdrv C:\windows\system32\Drivers\cvusbdrv.sys
21:06:24.0975 3008 cvusbdrv - ok
21:06:25.0007 3008 [ 1F2D3227A107899914068D1A7D041F01 ] Cwbrxd C:\windows\cwbrxd.exe
21:06:25.0007 3008 Cwbrxd - ok
21:06:25.0053 3008 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
21:06:25.0053 3008 DcomLaunch - ok
21:06:25.0069 3008 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:06:25.0069 3008 defragsvc - ok
21:06:25.0085 3008 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:06:25.0085 3008 DfsC - ok
21:06:25.0116 3008 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
21:06:25.0116 3008 Dhcp - ok
21:06:25.0131 3008 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:06:25.0131 3008 discache - ok
21:06:25.0163 3008 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
21:06:25.0163 3008 Disk - ok
21:06:25.0194 3008 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\windows\system32\drivers\dmvsc.sys
21:06:25.0194 3008 dmvsc - ok
21:06:25.0209 3008 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
21:06:25.0209 3008 Dnscache - ok
21:06:25.0209 3008 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
21:06:25.0209 3008 dot3svc - ok
21:06:25.0225 3008 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
21:06:25.0225 3008 DPS - ok
21:06:25.0241 3008 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:06:25.0241 3008 drmkaud - ok
21:06:25.0287 3008 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:06:25.0287 3008 DXGKrnl - ok
21:06:25.0303 3008 [ 60633132A929C09FE78FAB16541F9E71 ] e1cexpress C:\windows\system32\DRIVERS\e1c62x64.sys
21:06:25.0303 3008 e1cexpress - ok
21:06:25.0334 3008 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\windows\system32\DRIVERS\E1G6032E.sys
21:06:25.0334 3008 E1G60 - ok
21:06:25.0365 3008 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:06:25.0365 3008 EapHost - ok
21:06:25.0443 3008 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
21:06:25.0459 3008 ebdrv - ok
21:06:25.0506 3008 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:06:25.0521 3008 eeCtrl - ok
21:06:25.0537 3008 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
21:06:25.0537 3008 EFS - ok
21:06:25.0599 3008 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:06:25.0599 3008 ehRecvr - ok
21:06:25.0599 3008 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:06:25.0599 3008 ehSched - ok
21:06:25.0630 3008 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
21:06:25.0630 3008 elxstor - ok
21:06:25.0662 3008 [ 5E68928BA2412E60FF1C61441313CF8D ] EraserSvc11220 c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
21:06:25.0662 3008 EraserSvc11220 - ok
21:06:25.0693 3008 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:06:25.0693 3008 EraserUtilRebootDrv - ok
21:06:25.0708 3008 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
21:06:25.0708 3008 ErrDev - ok
21:06:25.0740 3008 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:06:25.0740 3008 EventSystem - ok
21:06:25.0771 3008 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:06:25.0771 3008 exfat - ok
21:06:25.0786 3008 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:06:25.0786 3008 fastfat - ok
21:06:25.0802 3008 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
21:06:25.0818 3008 Fax - ok
21:06:25.0818 3008 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
21:06:25.0818 3008 fdc - ok
21:06:25.0833 3008 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:06:25.0833 3008 fdPHost - ok
21:06:25.0849 3008 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:06:25.0849 3008 FDResPub - ok
21:06:25.0849 3008 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:06:25.0864 3008 FileInfo - ok
21:06:25.0864 3008 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:06:25.0864 3008 Filetrace - ok
21:06:25.0880 3008 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
21:06:25.0880 3008 flpydisk - ok
21:06:25.0896 3008 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:06:25.0896 3008 FltMgr - ok
21:06:25.0927 3008 [ 5B92E2B067F64DC53698EB84966B3F0D ] FontCache C:\windows\system32\FntCache.dll
21:06:25.0942 3008 FontCache - ok
21:06:25.0974 3008 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:06:25.0974 3008 FontCache3.0.0.0 - ok
21:06:26.0005 3008 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:06:26.0005 3008 FsDepends - ok
21:06:26.0036 3008 [ CD83AD71000B23735B8FB42522E7F05A ] FSLX C:\windows\system32\drivers\fslx.sys
21:06:26.0036 3008 FSLX - ok
21:06:26.0067 3008 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:06:26.0067 3008 Fs_Rec - ok
21:06:26.0083 3008 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:06:26.0083 3008 fvevol - ok
21:06:26.0098 3008 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
21:06:26.0098 3008 gagp30kx - ok
21:06:26.0145 3008 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
21:06:26.0145 3008 gpsvc - ok
21:06:26.0176 3008 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:06:26.0176 3008 hcw85cir - ok
21:06:26.0192 3008 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
21:06:26.0192 3008 HDAudBus - ok
21:06:26.0208 3008 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
21:06:26.0208 3008 HidBatt - ok
21:06:26.0208 3008 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
21:06:26.0208 3008 HidBth - ok
21:06:26.0223 3008 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
21:06:26.0223 3008 HidIr - ok
21:06:26.0239 3008 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
21:06:26.0239 3008 hidserv - ok
21:06:26.0239 3008 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys
21:06:26.0239 3008 HidUsb - ok
21:06:26.0254 3008 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
21:06:26.0254 3008 hkmsvc - ok
21:06:26.0270 3008 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:06:26.0270 3008 HomeGroupListener - ok
21:06:26.0301 3008 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:06:26.0301 3008 HomeGroupProvider - ok
21:06:26.0317 3008 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
21:06:26.0317 3008 HpSAMD - ok
21:06:26.0348 3008 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:06:26.0364 3008 HTTP - ok
21:06:26.0379 3008 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:06:26.0379 3008 hwpolicy - ok
21:06:26.0395 3008 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
21:06:26.0395 3008 i8042prt - ok
21:06:26.0410 3008 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\windows\system32\drivers\iaStor.sys
21:06:26.0410 3008 iaStor - ok
21:06:26.0442 3008 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:06:26.0442 3008 iaStorV - ok
21:06:26.0488 3008 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:06:26.0504 3008 idsvc - ok
21:06:26.0707 3008 [ 9937600A1584FF00565D5379EB4C9EDB ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
21:06:26.0878 3008 igfx - ok
21:06:26.0894 3008 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
21:06:26.0894 3008 iirsp - ok
21:06:26.0925 3008 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
21:06:26.0925 3008 IKEEXT - ok
21:06:26.0941 3008 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\windows\system32\drivers\Impcd.sys
21:06:26.0941 3008 Impcd - ok
21:06:26.0988 3008 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
21:06:26.0988 3008 IntcDAud - ok
21:06:26.0988 3008 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
21:06:26.0988 3008 intelide - ok
21:06:27.0019 3008 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:06:27.0019 3008 intelppm - ok
21:06:27.0034 3008 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:06:27.0034 3008 IPBusEnum - ok
21:06:27.0066 3008 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:06:27.0066 3008 IpFilterDriver - ok
21:06:27.0066 3008 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
21:06:27.0066 3008 IPMIDRV - ok
21:06:27.0081 3008 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:06:27.0081 3008 IPNAT - ok
21:06:27.0097 3008 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:06:27.0097 3008 IRENUM - ok
21:06:27.0112 3008 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
21:06:27.0112 3008 isapnp - ok
21:06:27.0128 3008 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
21:06:27.0128 3008 iScsiPrt - ok
21:06:27.0144 3008 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
21:06:27.0144 3008 kbdclass - ok
21:06:27.0159 3008 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
21:06:27.0159 3008 kbdhid - ok
21:06:27.0159 3008 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
21:06:27.0159 3008 KeyIso - ok
21:06:27.0190 3008 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:06:27.0190 3008 KSecDD - ok
21:06:27.0222 3008 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:06:27.0222 3008 KSecPkg - ok
21:06:27.0237 3008 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:06:27.0237 3008 ksthunk - ok
21:06:27.0268 3008 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
21:06:27.0284 3008 KtmRm - ok
21:06:27.0315 3008 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
21:06:27.0315 3008 LanmanServer - ok
21:06:27.0315 3008 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:06:27.0331 3008 LanmanWorkstation - ok
21:06:27.0471 3008 [ 6105B28F5D03C4AFFA7197B228768849 ] LiveUpdate C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
21:06:27.0487 3008 LiveUpdate - ok
21:06:27.0502 3008 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:06:27.0502 3008 lltdio - ok
21:06:27.0534 3008 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
21:06:27.0534 3008 lltdsvc - ok
21:06:27.0549 3008 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
21:06:27.0549 3008 lmhosts - ok
21:06:27.0580 3008 Lotus Notes Diagnostics - ok
21:06:27.0612 3008 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
21:06:27.0612 3008 LSI_FC - ok
21:06:27.0612 3008 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
21:06:27.0612 3008 LSI_SAS - ok
21:06:27.0612 3008 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
21:06:27.0612 3008 LSI_SAS2 - ok
21:06:27.0627 3008 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
21:06:27.0627 3008 LSI_SCSI - ok
21:06:27.0643 3008 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
21:06:27.0643 3008 luafv - ok
21:06:27.0674 3008 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:06:27.0674 3008 Mcx2Svc - ok
21:06:27.0690 3008 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
21:06:27.0690 3008 megasas - ok
21:06:27.0690 3008 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
21:06:27.0690 3008 MegaSR - ok
21:06:27.0705 3008 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\drivers\HECIx64.sys
21:06:27.0705 3008 MEIx64 - ok
21:06:27.0752 3008 Microsoft SharePoint Workspace Audit Service - ok
21:06:27.0783 3008 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
21:06:27.0783 3008 MMCSS - ok
21:06:27.0799 3008 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
21:06:27.0799 3008 Modem - ok
21:06:27.0814 3008 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:06:27.0814 3008 monitor - ok
21:06:27.0830 3008 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:06:27.0830 3008 mouclass - ok
21:06:27.0846 3008 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\drivers\mouhid.sys
21:06:27.0846 3008 mouhid - ok
21:06:27.0861 3008 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:06:27.0861 3008 mountmgr - ok
21:06:27.0908 3008 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:06:27.0908 3008 MozillaMaintenance - ok
21:06:27.0924 3008 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
21:06:27.0924 3008 mpio - ok
21:06:27.0939 3008 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:06:27.0939 3008 mpsdrv - ok
21:06:27.0939 3008 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:06:27.0939 3008 MRxDAV - ok
21:06:27.0955 3008 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:06:27.0955 3008 mrxsmb - ok
21:06:27.0986 3008 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:06:27.0986 3008 mrxsmb10 - ok
21:06:28.0002 3008 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:06:28.0002 3008 mrxsmb20 - ok
21:06:28.0017 3008 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
21:06:28.0017 3008 msahci - ok
21:06:28.0017 3008 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
21:06:28.0017 3008 msdsm - ok
21:06:28.0048 3008 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
21:06:28.0048 3008 MSDTC - ok
21:06:28.0080 3008 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:06:28.0080 3008 Msfs - ok
21:06:28.0080 3008 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:06:28.0080 3008 mshidkmdf - ok
21:06:28.0111 3008 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
21:06:28.0111 3008 msisadrv - ok
21:06:28.0142 3008 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:06:28.0142 3008 MSiSCSI - ok
21:06:28.0158 3008 msiserver - ok
21:06:28.0158 3008 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:06:28.0158 3008 MSKSSRV - ok
21:06:28.0173 3008 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:06:28.0173 3008 MSPCLOCK - ok
21:06:28.0189 3008 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:06:28.0189 3008 MSPQM - ok
21:06:28.0204 3008 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:06:28.0204 3008 MsRPC - ok
21:06:28.0236 3008 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
21:06:28.0236 3008 mssmbios - ok
21:06:28.0251 3008 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:06:28.0251 3008 MSTEE - ok
21:06:28.0267 3008 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
21:06:28.0267 3008 MTConfig - ok
21:06:28.0267 3008 Multi-user Cleanup Service - ok
21:06:28.0282 3008 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
21:06:28.0282 3008 Mup - ok
21:06:28.0314 3008 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
21:06:28.0314 3008 napagent - ok
21:06:28.0345 3008 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:06:28.0345 3008 NativeWifiP - ok
21:06:28.0454 3008 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20121119.017\ENG64.SYS
21:06:28.0454 3008 NAVENG - ok
21:06:28.0501 3008 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20121119.017\EX64.SYS
21:06:28.0516 3008 NAVEX15 - ok
21:06:28.0548 3008 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
21:06:28.0548 3008 NDIS - ok
21:06:28.0579 3008 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:06:28.0579 3008 NdisCap - ok
21:06:28.0610 3008 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:06:28.0610 3008 NdisTapi - ok
21:06:28.0626 3008 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:06:28.0626 3008 Ndisuio - ok
21:06:28.0641 3008 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:06:28.0641 3008 NdisWan - ok
21:06:28.0657 3008 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:06:28.0657 3008 NDProxy - ok
21:06:28.0672 3008 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:06:28.0672 3008 NetBIOS - ok
21:06:28.0688 3008 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:06:28.0688 3008 NetBT - ok
21:06:28.0704 3008 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
21:06:28.0704 3008 Netlogon - ok
21:06:28.0719 3008 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
21:06:28.0735 3008 Netman - ok
21:06:28.0750 3008 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:06:28.0750 3008 NetMsmqActivator - ok
21:06:28.0766 3008 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:06:28.0766 3008 NetPipeActivator - ok
21:06:28.0782 3008 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
21:06:28.0782 3008 netprofm - ok
21:06:28.0797 3008 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:06:28.0797 3008 NetTcpActivator - ok
21:06:28.0797 3008 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:06:28.0797 3008 NetTcpPortSharing - ok
21:06:28.0953 3008 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
21:06:29.0016 3008 NETwNs64 - ok
21:06:29.0031 3008 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
21:06:29.0031 3008 nfrd960 - ok
21:06:29.0078 3008 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
21:06:29.0078 3008 NlaSvc - ok
21:06:29.0125 3008 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:06:29.0125 3008 Npfs - ok
21:06:29.0140 3008 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:06:29.0140 3008 nsi - ok
21:06:29.0156 3008 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:06:29.0156 3008 nsiproxy - ok
21:06:29.0203 3008 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:06:29.0203 3008 Ntfs - ok
21:06:29.0250 3008 [ 07953351A3424BAA50FC5C4A1434FB04 ] NTI BackupNowEZSvr C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
21:06:29.0250 3008 NTI BackupNowEZSvr - ok
21:06:29.0265 3008 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\windows\system32\drivers\NTIDrvr.sys
21:06:29.0265 3008 NTIDrvr - ok
21:06:29.0281 3008 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:06:29.0281 3008 Null - ok
21:06:29.0312 3008 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
21:06:29.0312 3008 NVHDA - ok
21:06:29.0328 3008 [ D6DD6F3A6A0C58B95119E0633564988E ] nvkflt C:\windows\system32\DRIVERS\nvkflt.sys
21:06:29.0343 3008 nvkflt - ok
21:06:29.0624 3008 [ 0DEC98637ED9CE8FA02E45AB7D813826 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
21:06:29.0827 3008 nvlddmkm - ok
21:06:29.0874 3008 [ 4499C49459FD803ADAFB7107F329C1F9 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
21:06:29.0874 3008 nvpciflt - ok
21:06:29.0905 3008 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\windows\system32\drivers\nvraid.sys
21:06:29.0905 3008 nvraid - ok
21:06:29.0920 3008 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\windows\system32\drivers\nvstor.sys
21:06:29.0920 3008 nvstor - ok
21:06:29.0967 3008 [ 299D89CDC66C7B294F2E756673138C8E ] NVSvc C:\windows\system32\nvvsvc.exe
21:06:29.0967 3008 NVSvc - ok
21:06:29.0967 3008 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:06:29.0983 3008 nv_agp - ok
21:06:29.0998 3008 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\windows\system32\DRIVERS\o2flash.exe
21:06:29.0998 3008 O2FLASH - ok
21:06:30.0014 3008 [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR C:\windows\system32\drivers\O2MDFw7x64.sys
21:06:30.0030 3008 O2MDFRDR - ok
21:06:30.0030 3008 [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR C:\windows\system32\drivers\O2MDRw7x64.sys
21:06:30.0030 3008 O2MDRRDR - ok
21:06:30.0045 3008 [ A9C1E6B7C134FAD124338B7944FA996D ] O2SDJRDR C:\windows\system32\drivers\o2sdjw7x64.sys
21:06:30.0045 3008 O2SDJRDR - ok
21:06:30.0045 3008 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:06:30.0045 3008 ohci1394 - ok
21:06:30.0108 3008 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:06:30.0108 3008 ose - ok
21:06:30.0264 3008 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:06:30.0295 3008 osppsvc - ok
21:06:30.0326 3008 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:06:30.0326 3008 p2pimsvc - ok
21:06:30.0373 3008 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:06:30.0373 3008 p2psvc - ok
21:06:30.0373 3008 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
21:06:30.0388 3008 Parport - ok
21:06:30.0420 3008 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
21:06:30.0420 3008 partmgr - ok
21:06:30.0435 3008 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:06:30.0435 3008 PcaSvc - ok
21:06:30.0435 3008 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:06:30.0435 3008 pci - ok
21:06:30.0451 3008 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
21:06:30.0451 3008 pciide - ok
21:06:30.0466 3008 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
21:06:30.0466 3008 pcmcia - ok
21:06:30.0498 3008 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:06:30.0498 3008 pcw - ok
21:06:30.0513 3008 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:06:30.0513 3008 PEAUTH - ok
21:06:30.0544 3008 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
21:06:30.0544 3008 PeerDistSvc - ok
21:06:30.0622 3008 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:06:30.0622 3008 PerfHost - ok
21:06:30.0669 3008 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:06:30.0685 3008 pla - ok
21:06:30.0716 3008 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:06:30.0716 3008 PlugPlay - ok
21:06:30.0716 3008 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:06:30.0732 3008 PNRPAutoReg - ok
21:06:30.0732 3008 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:06:30.0732 3008 PNRPsvc - ok
21:06:30.0763 3008 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:06:30.0763 3008 PolicyAgent - ok
21:06:30.0778 3008 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:06:30.0794 3008 Power - ok
21:06:30.0825 3008 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:06:30.0825 3008 PptpMiniport - ok
21:06:30.0856 3008 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
21:06:30.0856 3008 Processor - ok
21:06:30.0872 3008 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
21:06:30.0872 3008 ProfSvc - ok
21:06:30.0888 3008 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
21:06:30.0888 3008 ProtectedStorage - ok
21:06:35.0661 3008 ================ Scan global ===============================
21:06:35.0677 3008 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:06:35.0708 3008 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
21:06:35.0708 3008 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
21:06:35.0739 3008 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:06:35.0770 3008 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:06:35.0770 3008 [Global] - ok
21:06:35.0770 3008 ================ Scan MBR ==================================
21:06:35.0786 3008 [ C9BF916068238D16F510107A5AD6B482 ] \Device\Harddisk0\DR0
21:06:36.0519 3008 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:06:36.0519 3008 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:06:36.0519 3008 ================ Scan VBR ==================================
21:06:36.0535 3008 [ 5ACAE6D26E552C9E48CED172CD715FB3 ] \Device\Harddisk0\DR0\Partition1
21:06:36.0535 3008 \Device\Harddisk0\DR0\Partition1 - ok
21:06:36.0550 3008 [ 83AE3F289F0EBE9B997C0F026E5574BE ] \Device\Harddisk0\DR0\Partition2
21:06:36.0550 3008 \Device\Harddisk0\DR0\Partition2 - ok
21:06:36.0550 3008 ============================================================
21:06:36.0550 3008 Scan finished
21:06:36.0550 3008 ============================================================
21:06:36.0550 4808 Detected object count: 1
21:06:36.0550 4808 Actual detected object count: 1
21:06:45.0582 4808 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
21:06:45.0614 4808 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
21:06:45.0645 4808 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
21:06:45.0645 4808 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
21:06:45.0660 4808 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
21:06:45.0660 4808 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
21:06:45.0660 4808 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
21:06:45.0692 4808 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
21:06:45.0707 4808 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
21:06:45.0707 4808 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
21:06:45.0707 4808 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
21:06:45.0723 4808 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
21:06:45.0723 4808 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

#13 InadequateInfirmity

Posted 19 November 2012 - 09:14 PM

Re-run Tdss killer and select delete for the item below and continue with the other scans.
21:06:45.0723 4808 \Device\Harddisk0\DR0 ( TDSS File System )

#14 Nicksdad

Posted 19 November 2012 - 10:00 PM

I downloaded Norman a few times, but when it launches it keeps telling me it's corrupted. The first time I accidentally clicked on it before it fully downloaded, so I don't know if this caused a permanent issue.

#15 InadequateInfirmity

Posted 19 November 2012 - 10:02 PM

Skip Norman and run this tool instead in safe mode with networking.

Download the Emsisoft Emergency Kit
http://download1.emsisoft.com/EmsisoftEmergencyKit.zip

Right click it and extract to your desktop. Double click the New Folder that is created on your desktop.
Then right click and run as admin; XP users double click on the Start.exe button to launch the program.
Click on the Emergency Scanner option.
If you see a Windows message asking if you would like EmergencyScanner.bat to run, please allow it to do so by clicking on the Run or Yes buttons.
Proceed with the updates.
When it is done, click on the Back to Security Status link.
Then select the Deep Scan button. Then hit the Scan button.
After the scan is finished, quarantine any found threats and then reboot your machine.
Post the log.