Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Got rid of infections, but wants reassurance


  • This topic is locked This topic is locked
31 replies to this topic

#1 Mkrl7

Mkrl7

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 21 November 2012 - 12:41 PM

I ran Malwarebytes and removed 4 infections, and I also ran HijackThis after i restarted my computer and I wanted to make sure that everything is fine:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:24:41 AM, on 11/20/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hp\Button Manager\BM.exe
C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Avast\AvastUI.exe
C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGo.exe
C:\Hijackthis\Trend Micro\HiJackThis\HiJackThis.exe
C:\PROGRA~2\COMMON~1\WONDER~1\WONDER~1\WSHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [avast5] "C:\Program Files (x86)\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "J:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Button Manager.lnk = C:\Program Files (x86)\Hp\Button Manager\BM.exe
O4 - Global Startup: MobileGo Service.lnk = C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\24897~1.175\{61d8b~1\browse~1.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files (x86)\Avast\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files (x86)\Avast\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files (x86)\Avast\AvastSvc.exe
O23 - Service: AVG Firewall (avgfws) - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (file missing)
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15727 bytes

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:30 AM

Posted 21 November 2012 - 10:05 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3


    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following

  • both reports from DDS
  • report from security check
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Mkrl7

Mkrl7
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 22 November 2012 - 05:54 PM

Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Norton Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java 7 Update 9
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader X (10.1.4)
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
S.Azad-HP Desktop MalwareBytes Malwarebytes' Anti-Malware\mbamscheduler.exe
S.Azad-HP Desktop MalwareBytes Malwarebytes' Anti-Malware\csgo.exe
Symantec Norton Online Backup NOBuAgent.exe
Avast AvastSvc.exe
Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by S at 14:34:36 on 2012-11-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.1589 [GMT -8:00]
.
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
C:\Windows\SysWOW64\schtasks.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Windows\Explorer.EXE
C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\Hp\Button Manager\BM.exe
C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Avast\AvastUI.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskmgr.exe
C:\Users\S.Azad-HP\Desktop\SecurityCheck.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\S.Azad-HP\Desktop\GTA SA\GTA San Andreas\gta_sa.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [avast5] "C:\Program Files (x86)\Avast\avastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPBUTT~1.LNK - C:\Program Files (x86)\Hp\Button Manager\BM.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOBILE~1.LNK - C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{02AA1400-8391-4D88-AB9C-80B3A6A6AE6D} : DHCPNameServer = 7.254.254.254
TCP: Interfaces\{4A9A3272-5194-4F13-894E-FDB072E600BD} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\24897~1.175\{61d8b~1\browse~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-21 75904]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-21 38016]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1207020.003\symds64.sys [2012-9-3 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1207020.003\symefa64.sys [2012-9-3 912504]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-11-13 121936]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [2012-10-5 1385632]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-11-11 283200]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20121027.002\IDSviA64.sys [2012-10-29 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1207020.003\ironx64.sys [2012-9-3 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1207020.003\symnets.sys [2012-9-3 386168]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-3 238080]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-13 20048]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-13 61008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files (x86)\Avast\AvastSvc.exe [2012-11-13 40384]
R2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe [2012-11-3 2400800]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 MBAMScheduler;MBAMScheduler;C:\Users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-20 399432]
R2 MBAMService;MBAMService;C:\Users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-20 676936]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-9-3 130008]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-4-21 1127448]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-9-11 46136]
R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files (x86)\Avast\AvastSvc.exe [2012-11-13 40384]
R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files (x86)\Avast\AvastSvc.exe [2012-11-13 40384]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-7-30 32880]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-31 138912]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-7-20 44928]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-20 25928]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-7-20 29696]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-21 412776]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2012-11-14 31232]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-4-21 38456]
S2 avgfws;AVG Firewall;"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe" --> C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [?]
S2 AVGIDSAgent;AVGIDSAgent;"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" --> C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [?]
S2 avgwd;AVG WatchDog;"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" --> C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-16 682040]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 androidusb;Google Device Driver;C:\Windows\System32\drivers\wsadb.sys [2012-11-2 40232]
S3 DCamUSBNovatek;USB2.0 UVC Camera;C:\Windows\System32\drivers\nvtcam.sys [2010-7-14 2746624]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-11-14 743320]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-1 1255736]
.
=============== Created Last 30 ================
.
2012-11-20 22:06:18 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E9907D31-9C17-458A-A764-01614DD27DE6}\offreg.dll
2012-11-20 18:11:00 -------- d-----w- C:\Users\S.Azad-HP\jagexcache
2012-11-20 17:26:18 -------- d-----w- C:\Users\S.Azad-HP\hpremote
2012-11-20 17:00:25 388096 ----a-r- C:\Users\S.Azad-HP\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-11-20 16:59:37 -------- d-----w- C:\Hijackthis
2012-11-20 16:45:43 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\Malwarebytes
2012-11-20 16:44:34 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-20 16:44:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-19 20:03:11 -------- d-----r- C:\Program Files (x86)\Skype
2012-11-19 10:27:18 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E9907D31-9C17-458A-A764-01614DD27DE6}\mpengine.dll
2012-11-19 01:00:24 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2012-11-19 00:58:51 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\hpqLog
2012-11-18 01:24:57 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-11-18 01:24:57 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-11-18 01:24:57 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-11-18 01:24:57 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-11-18 01:24:56 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-11-18 01:24:53 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-11-18 01:24:51 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-11-16 11:12:38 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 11:12:37 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 11:12:37 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 11:12:37 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 11:02:34 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 11:02:34 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 11:02:32 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 11:02:32 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 11:02:31 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 11:02:30 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-16 11:02:30 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-15 02:44:23 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\Tunngle
2012-11-15 02:44:23 -------- d-----w- C:\ProgramData\Tunngle
2012-11-15 02:44:21 31232 ----a-w- C:\Windows\System32\drivers\tap0901t.sys
2012-11-15 02:44:19 -------- d-----w- C:\Program Files (x86)\Tunngle
2012-11-15 01:59:00 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\SKIDROW
2012-11-15 01:46:52 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\Programs
2012-11-14 11:44:12 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-11-14 03:28:20 61008 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-11-14 03:27:46 38848 ----a-w- C:\Windows\avastSS.scr
2012-11-14 03:27:43 -------- d-----w- C:\ProgramData\Alwil Software
2012-11-14 03:27:43 -------- d-----w- C:\Program Files (x86)\Avast
2012-11-14 03:05:59 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\MFAData
2012-11-11 23:08:42 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\ArmA 2 OA
2012-11-11 23:07:44 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\ArmA 2
2012-11-11 21:24:39 -------- d-----w- C:\Program Files (x86)\ArmA 2
2012-11-11 20:46:20 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-11-11 20:39:08 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\DAEMON Tools Lite
2012-11-10 23:53:55 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\HP Support Assistant
2012-11-10 23:53:47 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\HpUpdate
2012-11-10 23:53:08 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\Hewlett-Packard
2012-11-10 23:15:15 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\DayZCommander
2012-11-10 23:04:55 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\ArmA 2 Free
2012-11-10 22:54:40 -------- d-----w- C:\Program Files (x86)\Bohemia Interactive
2012-11-10 20:43:22 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\CrashDumps
2012-11-10 19:00:25 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\uTorrent
2012-11-09 23:21:06 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\Origin
2012-11-09 23:21:04 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\Origin
2012-11-09 18:20:40 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\Google
2012-11-09 18:14:52 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\AMD
2012-11-09 18:14:34 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\Wondershare
2012-11-09 18:14:34 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\ATI
2012-11-09 18:14:32 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\Avg2013
2012-11-09 18:14:31 -------- d-----w- C:\Users\S.Azad-HP\AppData\Local\PDFC
2012-11-09 18:14:29 -------- d-----w- C:\Users\S.Azad-HP\AppData\Roaming\Wondershare
2012-11-05 03:44:53 -------- d--h--w- C:\ProgramData\Common Files
2012-11-05 03:44:53 -------- d-----w- C:\ProgramData\MFAData
2012-11-02 11:30:47 40232 ----a-w- C:\Windows\System32\drivers\wsadb.sys
2012-11-02 11:30:47 1489704 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll
2012-11-02 11:25:59 -------- d-----w- C:\Program Files (x86)\Common Files\Wondershare
2012-11-02 11:25:47 -------- d-----w- C:\Program Files (x86)\Wondershare
2012-10-29 03:14:03 -------- d-----w- C:\System Recovery Files
2012-10-25 01:05:45 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M ====================
.
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-28 03:05:05 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-28 03:05:05 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-09-12 23:07:44 58368 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-09-12 22:57:44 322048 ----a-w- C:\Windows\WLXPGSS.SCR
2012-09-11 16:24:24 209406 ----a-w- C:\Windows\RiyazStudio Uninstaller.exe
2012-08-31 19:49:02 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-30 13:18:02 71680 ----a-w- C:\Windows\System32\frapsv64.dll
2012-08-30 13:18:00 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
.
============= FINISH: 14:51:40.37 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 8/31/2012 9:47:05 AM
System Uptime: 11/20/2012 9:21:20 AM (29 hours ago)
.
Motherboard: FOXCONN | | 2AB1
Processor: AMD Athlon™ II X2 220 Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 687 GiB total, 495.682 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.334 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
K: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP65: 11/16/2012 3:00:19 AM - Windows Update
RP66: 11/17/2012 5:26:20 PM - Installed GTA San Andreas
RP67: 11/18/2012 5:02:33 PM - Installed HP Support Assistant
RP68: 11/18/2012 5:11:17 PM - Windows Modules Installer
RP69: 11/18/2012 5:12:00 PM - Windows Modules Installer
RP70: 11/19/2012 3:00:10 AM - Windows Update
RP71: 11/20/2012 8:46:50 AM - Installed HiJackThis
RP72: 11/20/2012 9:00:05 AM - Installed HiJackThis
.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.4)
Agatha Christie - Peril at End House
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Ask Toolbar
Ask Toolbar Updater
AVG 2013
BattlEye for OA Uninstall
Bejeweled 2 Deluxe
Bejeweled 3
Bing Rewards Client Installer
Blackhawk Striker 2
Blasterball 3
Blio
Bonjour
Bounce Symphony
Build-a-lot 2
Cake Mania
Call of Duty Black Ops 2
Canon MF Toolbox 4.9.1.1.mf13
Canon MF4400 Series
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Counter-Strike: Source
Counter Strike Source SP+MP Full Game v_1.0.0.75-=AviaRa=- 1.0.0.75
D3DX10
DAEMON Tools Lite
DayZ Commander
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
Farm Frenzy
FATE - The Traitor Soul
FormatFactory 2.95
Fraps (remove only)
Garry's Mod
Google Chrome
Google Talk Plugin
Google Update Helper
GTA San Andreas
Hewlett-Packard ACLM.NET v1.2.1.1
HiJackThis
HP Auto
HP Button Manager
HP Client Services
HP Customer Experience Enhancements
HP Games
HP LinkUp
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP MovieStore
HP Odometer
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Update
HP Vision Hardware Diagnostics
Hulu Desktop
Java 7 Update 9
Java Auto Updater
Junk Mail filter update
Kobo
LabelPrint
LightScribe System Software
Mah Jong Medley
Malwarebytes Anti-Malware version 1.65.1.1000
ManyCam 3.0.92 (remove only)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Starter 2010 - English
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
NBA 2K13
Norton Internet Security
Norton Online Backup
Origin
PDF Complete Special Edition
Penguins!
Photo Common
Photo Gallery
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PressReader
Pro Evolution Soccer 2013
Realtek High Definition Audio Driver
Recovery Manager
Remote Graphics Receiver
RiyazStudio
RoxioNow Player
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Skype Click to Call
Skype™ 6.0
Slingo Supreme
Steam
System Requirements Lab CYRI
True Crime - Streets of LA
Tunngle beta
UEFA EURO 2012
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
uTorrentControl_v2 Toolbar
Verizon Media Manager
Virtual Villagers 4 - The Tree of Life
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.3
VoipBuster
VoipCheapCom
Wheel of Fortune 2
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Migration Assistant
WinRAR 4.20 (32-bit)
Wondershare MobileGo for Android ( Version 2.1.0 )
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
11/21/2012 1:22:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
11/21/2012 1:22:10 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/21/2012 1:22:10 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/20/2012 9:26:13 AM, Error: Service Control Manager [7031] - The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/20/2012 9:22:19 AM, Error: Service Control Manager [7034] - The HP Auto service terminated unexpectedly. It has done this 1 time(s).
11/20/2012 9:22:01 AM, Error: Service Control Manager [7003] - The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
11/20/2012 9:22:01 AM, Error: Service Control Manager [7000] - The AVG WatchDog service failed to start due to the following error: The system cannot find the file specified.
11/20/2012 9:22:01 AM, Error: Service Control Manager [7000] - The AVG Firewall service failed to start due to the following error: The system cannot find the file specified.
11/20/2012 9:03:14 AM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
11/20/2012 9:03:14 AM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
11/20/2012 9:03:14 AM, Error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).
11/20/2012 9:03:14 AM, Error: Service Control Manager [7031] - The Browser Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/20/2012 8:58:25 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error: An instance of the service is already running.
11/20/2012 8:57:54 AM, Error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/20/2012 8:29:58 AM, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s).
11/20/2012 8:29:57 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/20/2012 6:07:01 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/18/2012 3:12:24 PM, Error: Microsoft-Windows-Time-Service [34] - The time service has detected that the system time needs to be changed by 86399 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.24:123) is working properly.
11/16/2012 2:31:38 PM, Error: Service Control Manager [7034] - The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
11/16/2012 2:31:29 PM, Error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
11/16/2012 2:31:24 PM, Error: Service Control Manager [7034] - The HP Quick Synchronization Service service terminated unexpectedly. It has done this 1 time(s).
11/16/2012 2:31:18 PM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
11/16/2012 2:31:16 PM, Error: Service Control Manager [7034] - The HP Client Services service terminated unexpectedly. It has done this 1 time(s).
11/14/2012 6:29:36 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s).
.
==== End Of File ===========================

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:30 AM

Posted 22 November 2012 - 08:04 PM

Hello


These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:30 AM

Posted 25 November 2012 - 08:01 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:30 AM

Posted 28 November 2012 - 08:09 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 Mkrl7

Mkrl7
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 28 November 2012 - 08:28 PM

My fault I was not at home but I will now do what you asked.

#8 Mkrl7

Mkrl7
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 28 November 2012 - 08:32 PM

# AdwCleaner v2.009 - Logfile created 11/28/2012 at 17:29:07
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : S - AZAD-HP
# Boot Mode : Normal
# Running from : C:\Users\S.Azad-HP\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Browser Manager

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
File Deleted : C:\user.js
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05372C5C-7CB7-4297-B942-DCD2596A84ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63187FF0-0B04-4549-A835-CF3D0F6660A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKU\S-1-5-21-28386188-2773775096-1142014347-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

*************************

AdwCleaner[S1].txt - [4989 octets] - [28/11/2012 17:29:07]

########## EOF - C:\AdwCleaner[S1].txt - [5049 octets] ##########

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:30 AM

Posted 28 November 2012 - 08:47 PM

no problem
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 Mkrl7

Mkrl7
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 28 November 2012 - 09:12 PM

How long does it take for the prescan? It gets stuck at the "Searching for updates..." part.

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:30 AM

Posted 28 November 2012 - 09:52 PM

Go ahead and stop it then



I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 Mkrl7

Mkrl7
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 29 November 2012 - 08:25 PM

ComboFix 12-11-29.02 - S 11/29/2012 15:14:01.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2366 [GMT -8:00]
Running from: c:\users\S.Azad-HP\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-30 )))))))))))))))))))))))))))))))
.
.
2012-11-30 00:24 . 2012-11-30 00:24 -------- d-----w- c:\users\S\AppData\Local\temp
2012-11-30 00:24 . 2012-11-30 00:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-30 00:24 . 2012-11-30 00:24 -------- d-----w- c:\users\Azad\AppData\Local\temp
2012-11-29 05:01 . 2012-11-29 05:01 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C3FF8EB-8B57-4EDC-985C-AC5C5FF6FE24}\offreg.dll
2012-11-27 12:45 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C3FF8EB-8B57-4EDC-985C-AC5C5FF6FE24}\mpengine.dll
2012-11-27 05:05 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-11-27 05:04 . 2012-10-30 23:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-11-27 05:04 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-11-22 05:39 . 2012-11-22 05:39 -------- d-----w- c:\users\Azad\AppData\Local\Windows Live Writer
2012-11-22 05:39 . 2012-11-22 05:39 -------- d-----w- c:\users\Azad\AppData\Roaming\Windows Live Writer
2012-11-20 16:59 . 2012-11-20 17:00 -------- d-----w- C:\Hijackthis
2012-11-20 16:44 . 2012-11-20 16:44 -------- d-----w- c:\programdata\Malwarebytes
2012-11-20 16:44 . 2012-09-30 03:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-19 20:30 . 2012-11-20 01:30 -------- d-----w- c:\users\Azad\AppData\Roaming\Skype
2012-11-19 20:03 . 2012-11-19 20:03 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-19 20:03 . 2012-11-19 20:04 -------- d-----r- c:\program files (x86)\Skype
2012-11-19 19:44 . 2012-11-27 16:59 -------- d-----w- c:\programdata\Skype
2012-11-19 19:44 . 2012-11-19 19:55 -------- d-----w- c:\users\Azad\AppData\Local\Skype
2012-11-19 19:42 . 2012-11-27 15:21 -------- d-----w- c:\users\Azad\Tracing
2012-11-19 01:00 . 2012-11-19 01:00 -------- d-----w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2012-11-18 01:24 . 2004-10-22 10:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-11-18 01:24 . 2004-10-22 10:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-11-18 01:24 . 2004-10-22 10:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-11-18 01:24 . 2004-10-22 10:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-11-18 01:24 . 2004-10-22 10:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-11-18 01:24 . 2012-11-18 01:24 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-11-18 01:24 . 2012-11-18 01:24 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-11-16 11:12 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-16 11:12 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 11:12 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 11:12 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 11:02 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 11:02 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 11:02 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 11:02 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 11:02 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 11:02 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 11:02 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 04:36 . 2012-11-15 04:36 -------- d-----w- c:\programdata\NVIDIA
2012-11-15 02:44 . 2012-11-15 03:45 -------- d-----w- c:\programdata\Tunngle
2012-11-15 02:44 . 2009-09-16 00:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2012-11-15 02:44 . 2012-11-15 02:45 -------- d-----w- c:\program files (x86)\Tunngle
2012-11-14 03:28 . 2012-10-30 23:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-11-14 03:28 . 2012-10-30 23:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-11-14 03:28 . 2010-06-28 21:33 28752 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-11-14 03:28 . 2012-10-30 23:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-11-14 03:28 . 2012-10-30 23:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-11-14 03:27 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2012-11-14 03:27 . 2012-10-30 23:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-11-14 03:27 . 2012-11-28 00:14 -------- d-----w- c:\program files (x86)\Avast
2012-11-14 03:27 . 2012-11-14 03:27 -------- d-----w- c:\programdata\Alwil Software
2012-11-11 21:24 . 2012-11-14 03:05 -------- d-----w- c:\program files (x86)\ArmA 2
2012-11-11 20:46 . 2012-11-11 20:46 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-10 22:54 . 2012-11-10 22:54 -------- d-----w- c:\program files (x86)\Bohemia Interactive
2012-11-09 18:13 . 2012-11-23 21:38 -------- d-----w- c:\users\S.Azad-HP
2012-11-09 03:05 . 2012-11-09 03:05 -------- d-----w- c:\users\Azad\AppData\Roaming\LockAP
2012-11-08 21:51 . 2012-11-08 21:51 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-11-05 03:44 . 2012-11-14 03:11 -------- d-----w- c:\programdata\MFAData
2012-11-05 03:44 . 2012-11-05 03:44 -------- d--h--w- c:\programdata\Common Files
2012-11-05 03:44 . 2012-11-05 03:44 -------- d-----w- c:\users\Azad\AppData\Local\MFAData
2012-11-02 11:30 . 2012-11-02 11:30 40232 ----a-w- c:\windows\system32\drivers\wsadb.sys
2012-11-02 11:30 . 2012-11-02 11:30 1489704 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-11-02 11:26 . 2012-11-02 11:26 -------- d-----w- c:\users\Azad\AppData\Local\Wondershare
2012-11-02 11:25 . 2012-11-02 11:25 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
2012-11-02 11:25 . 2012-11-02 11:25 -------- d-----w- c:\users\Azad\AppData\Roaming\Wondershare
2012-11-02 11:25 . 2012-11-02 11:25 -------- d-----w- c:\users\Azad\.android
2012-11-02 11:25 . 2012-11-02 11:25 -------- d-----w- c:\program files (x86)\Wondershare
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 11:03 . 2012-08-31 17:54 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-22 21:32 . 2012-10-22 21:32 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-16 08:38 . 2012-11-27 22:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 22:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 22:55 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-09-28 03:05 . 2012-09-28 03:05 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-28 03:05 . 2012-09-28 03:05 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-25 06:16 . 2012-10-25 01:05 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-14 19:19 . 2012-10-10 02:53 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 02:53 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-12 23:07 . 2012-09-12 23:07 58368 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-09-12 22:57 . 2012-09-12 22:57 322048 ----a-w- c:\windows\WLXPGSS.SCR
2012-09-11 16:24 . 2012-09-11 16:12 209406 ----a-w- c:\windows\RiyazStudio Uninstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
c:\program files (x86)\Ask.com\GenericAskToolbar.dll [BU]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
2012-07-10 01:46 351136 ----a-w- c:\program files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17880752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avast5"="c:\program files (x86)\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Button Manager.lnk - c:\program files (x86)\Hp\Button Manager\BM.exe [2010-7-23 61440]
MobileGo Service.lnk - c:\program files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe [2012-11-2 97168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\24897~1.175\{61D8B~1\browsermngr.dll
.
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
R2 MBAMScheduler;MBAMScheduler;c:\users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
R2 MBAMService;MBAMService;c:\users\S.Azad-HP\Desktop\MalwareBytes\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 androidusb;Google Device Driver;c:\windows\system32\Drivers\wsadb.sys [2012-11-02 40232]
R3 DCamUSBNovatek;USB2.0 UVC Camera;c:\windows\system32\Drivers\nvtcam.sys [2010-07-14 2746624]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-10-02 743320]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-01 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2010-11-04 75904]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2010-11-04 38016]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [2012-10-05 1385632]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-11 283200]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20121027.002\IDSvia64.sys [2012-09-06 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-30 32880]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-31 138912]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-07-20 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-07-20 29696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2009-12-22 38456]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05 03:20]
.
2012-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05 03:20]
.
2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-28386188-2773775096-1142014347-1001Core.job
- c:\users\Azad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-31 18:09]
.
2012-11-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-28386188-2773775096-1142014347-1001UA.job
- c:\users\Azad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-31 18:09]
.
2012-11-27 c:\windows\Tasks\HPCeeScheduleForAZAD-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-11-30 c:\windows\Tasks\HPCeeScheduleForAzad.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-11-20 c:\windows\Tasks\HPCeeScheduleForS.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files (x86)\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{9E131A93-EED7-4BEB-B015-A0ADB30B5646} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-BattlEye for OA - c:\program files (x86)\Arma 2\Expansion\BattlEye\UnInstallBE.exe
AddRemove-Counter Strike Source SP+MP Full Game v_1.0.0.75-=AviaRa=- 1.0.0.75 - c:\users\S\Desktop\New folder\Counter Strike Source SP+MP Full Game v_1.0.0.75-=AviaRa=-\Uninstall.exe
AddRemove-DAEMON Tools Lite - j:\daemon tools lite\uninst.exe
AddRemove-Fraps - j:\new folder\uninstall.exe
AddRemove-UEFA EURO 2012_is1 - j:\uefa euro 2012\unins000.exe
AddRemove-VoipBuster_is1 - f:\voip\VoipBuster\unins000.exe
AddRemove-VoipCheapCom_is1 - f:\new folder\VoipCheapCom\unins000.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-29 16:56:14
ComboFix-quarantined-files.txt 2012-11-30 00:56
ComboFix2.txt 2012-11-29 06:41
.
Pre-Run: 540,045,377,536 bytes free
Post-Run: 539,739,971,584 bytes free
.
- - End Of File - - F8E3DA1E39717DA7D3282FF9A18763CD

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:30 AM

Posted 30 November 2012 - 09:01 AM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:30 AM

Posted 02 December 2012 - 11:54 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 Mkrl7

Mkrl7
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 03 December 2012 - 08:40 PM

17:24:43.0989 7024 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:24:44.0397 7024 ============================================================
17:24:44.0397 7024 Current date / time: 2012/12/03 17:24:44.0397
17:24:44.0397 7024 SystemInfo:
17:24:44.0397 7024
17:24:44.0397 7024 OS Version: 6.1.7601 ServicePack: 1.0
17:24:44.0397 7024 Product type: Workstation
17:24:44.0397 7024 ComputerName: AZAD-HP
17:24:44.0398 7024 UserName: Azad
17:24:44.0399 7024 Windows directory: C:\Windows
17:24:44.0399 7024 System windows directory: C:\Windows
17:24:44.0399 7024 Running under WOW64
17:24:44.0399 7024 Processor architecture: Intel x64
17:24:44.0399 7024 Number of processors: 2
17:24:44.0399 7024 Page size: 0x1000
17:24:44.0399 7024 Boot type: Normal boot
17:24:44.0399 7024 ============================================================
17:24:46.0324 7024 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:24:46.0376 7024 Drive \Device\Harddisk5\DR5 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:24:46.0379 7024 ============================================================
17:24:46.0379 7024 \Device\Harddisk0\DR0:
17:24:46.0379 7024 MBR partitions:
17:24:46.0379 7024 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:24:46.0379 7024 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55EB4800
17:24:46.0379 7024 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55EE7000, BlocksNum 0x165E800
17:24:46.0379 7024 \Device\Harddisk5\DR5:
17:24:46.0381 7024 MBR partitions:
17:24:46.0381 7024 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x34, BlocksNum 0x1DD5A92
17:24:46.0381 7024 ============================================================
17:24:46.0415 7024 C: <-> \Device\Harddisk0\DR0\Partition2
17:24:46.0456 7024 D: <-> \Device\Harddisk0\DR0\Partition3
17:24:46.0457 7024 ============================================================
17:24:46.0457 7024 Initialize success
17:24:46.0457 7024 ============================================================
17:39:38.0703 3368 ============================================================
17:39:38.0703 3368 Scan started
17:39:38.0703 3368 Mode: Manual;
17:39:38.0703 3368 ============================================================
17:39:39.0153 3368 ================ Scan system memory ========================
17:39:39.0153 3368 System memory - ok
17:39:39.0154 3368 ================ Scan services =============================
17:39:39.0327 3368 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:39:39.0332 3368 1394ohci - ok
17:39:39.0394 3368 ACDaemon - ok
17:39:39.0419 3368 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:39:39.0423 3368 ACPI - ok
17:39:39.0436 3368 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:39:39.0438 3368 AcpiPmi - ok
17:39:39.0477 3368 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:39:39.0478 3368 AdobeARMservice - ok
17:39:39.0493 3368 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:39:39.0499 3368 adp94xx - ok
17:39:39.0520 3368 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:39:39.0524 3368 adpahci - ok
17:39:39.0539 3368 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:39:39.0542 3368 adpu320 - ok
17:39:39.0561 3368 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:39:39.0562 3368 AeLookupSvc - ok
17:39:39.0592 3368 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:39:39.0598 3368 AFD - ok
17:39:39.0621 3368 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:39:39.0623 3368 agp440 - ok
17:39:39.0631 3368 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:39:39.0634 3368 ALG - ok
17:39:39.0648 3368 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:39:39.0650 3368 aliide - ok
17:39:39.0690 3368 [ E20DDDFBD0DBE7D8EAD4D7A51D654367 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:39:39.0693 3368 AMD External Events Utility - ok
17:39:39.0748 3368 AMD FUEL Service - ok
17:39:39.0764 3368 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:39:39.0768 3368 amdide - ok
17:39:39.0795 3368 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
17:39:39.0797 3368 amdiox64 - ok
17:39:39.0809 3368 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:39:39.0812 3368 AmdK8 - ok
17:39:40.0024 3368 [ 4284FB1240537A33E6EC417EFD87D40F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:39:40.0154 3368 amdkmdag - ok
17:39:40.0177 3368 [ 6C25C497E05EFD0CB6033A0444FC9B51 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:39:40.0182 3368 amdkmdap - ok
17:39:40.0225 3368 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:39:40.0250 3368 AmdPPM - ok
17:39:40.0286 3368 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:39:40.0288 3368 amdsata - ok
17:39:40.0300 3368 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:39:40.0304 3368 amdsbs - ok
17:39:40.0319 3368 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:39:40.0321 3368 amdxata - ok
17:39:40.0347 3368 [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
17:39:40.0349 3368 amd_sata - ok
17:39:40.0373 3368 [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
17:39:40.0375 3368 amd_xata - ok
17:39:40.0412 3368 [ 1C95002CE0AB71D9C81B7DC2D790E4C2 ] androidusb C:\Windows\system32\Drivers\wsadb.sys
17:39:40.0414 3368 androidusb - ok
17:39:40.0451 3368 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:39:40.0454 3368 AODDriver4.1 - ok
17:39:40.0509 3368 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:39:40.0514 3368 AppID - ok
17:39:40.0561 3368 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:39:40.0562 3368 AppIDSvc - ok
17:39:40.0585 3368 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:39:40.0588 3368 Appinfo - ok
17:39:40.0606 3368 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:39:40.0609 3368 arc - ok
17:39:40.0626 3368 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:39:40.0629 3368 arcsas - ok
17:39:40.0694 3368 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:39:40.0696 3368 aspnet_state - ok
17:39:40.0714 3368 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:39:40.0715 3368 aswFsBlk - ok
17:39:40.0748 3368 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:39:40.0751 3368 aswMonFlt - ok
17:39:40.0789 3368 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
17:39:40.0792 3368 aswRdr - ok
17:39:40.0854 3368 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:39:40.0865 3368 aswSnx - ok
17:39:40.0886 3368 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:39:40.0893 3368 aswSP - ok
17:39:40.0904 3368 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:39:40.0907 3368 aswTdi - ok
17:39:40.0921 3368 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:39:40.0924 3368 AsyncMac - ok
17:39:40.0951 3368 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:39:40.0955 3368 atapi - ok
17:39:40.0997 3368 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\drivers\AtiPcie64.sys
17:39:40.0999 3368 AtiPcie - ok
17:39:41.0033 3368 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:39:41.0040 3368 AudioEndpointBuilder - ok
17:39:41.0053 3368 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:39:41.0058 3368 AudioSrv - ok
17:39:41.0111 3368 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files (x86)\Avast\AvastSvc.exe
17:39:41.0112 3368 avast! Antivirus - ok
17:39:41.0121 3368 avgfws - ok
17:39:41.0129 3368 AVGIDSAgent - ok
17:39:41.0139 3368 avgwd - ok
17:39:41.0166 3368 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:39:41.0170 3368 AxInstSV - ok
17:39:41.0209 3368 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:39:41.0216 3368 b06bdrv - ok
17:39:41.0241 3368 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:39:41.0245 3368 b57nd60a - ok
17:39:41.0274 3368 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:39:41.0276 3368 BDESVC - ok
17:39:41.0285 3368 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:39:41.0287 3368 Beep - ok
17:39:41.0316 3368 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:39:41.0324 3368 BFE - ok
17:39:41.0412 3368 [ 652F4D186325B69FFE80EE18AE9ACC77 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20121005.002\BHDrvx64.sys
17:39:41.0441 3368 BHDrvx64 - ok
17:39:41.0481 3368 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
17:39:41.0495 3368 BITS - ok
17:39:41.0519 3368 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:39:41.0521 3368 blbdrive - ok
17:39:41.0564 3368 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
17:39:41.0567 3368 Bonjour Service - ok
17:39:41.0602 3368 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:39:41.0604 3368 bowser - ok
17:39:41.0621 3368 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:39:41.0623 3368 BrFiltLo - ok
17:39:41.0630 3368 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:39:41.0633 3368 BrFiltUp - ok
17:39:41.0661 3368 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:39:41.0664 3368 BridgeMP - ok
17:39:41.0678 3368 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:39:41.0681 3368 Browser - ok
17:39:41.0700 3368 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:39:41.0704 3368 Brserid - ok
17:39:41.0712 3368 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:39:41.0714 3368 BrSerWdm - ok
17:39:41.0725 3368 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:39:41.0726 3368 BrUsbMdm - ok
17:39:41.0733 3368 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:39:41.0734 3368 BrUsbSer - ok
17:39:41.0745 3368 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:39:41.0748 3368 BTHMODEM - ok
17:39:41.0773 3368 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:39:41.0775 3368 bthserv - ok
17:39:41.0796 3368 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:39:41.0798 3368 cdfs - ok
17:39:41.0820 3368 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:39:41.0821 3368 cdrom - ok
17:39:41.0850 3368 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:39:41.0852 3368 CertPropSvc - ok
17:39:41.0864 3368 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:39:41.0866 3368 circlass - ok
17:39:41.0883 3368 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:39:41.0888 3368 CLFS - ok
17:39:41.0935 3368 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:39:41.0940 3368 clr_optimization_v2.0.50727_32 - ok
17:39:41.0965 3368 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:39:41.0970 3368 clr_optimization_v2.0.50727_64 - ok
17:39:42.0029 3368 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:39:42.0039 3368 clr_optimization_v4.0.30319_32 - ok
17:39:42.0063 3368 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:39:42.0078 3368 clr_optimization_v4.0.30319_64 - ok
17:39:42.0107 3368 [ 9573E8C7C3B3D1625FD941841FD0859C ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
17:39:42.0109 3368 clwvd - ok
17:39:42.0127 3368 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:39:42.0129 3368 CmBatt - ok
17:39:42.0142 3368 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:39:42.0144 3368 cmdide - ok
17:39:42.0177 3368 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:39:42.0185 3368 CNG - ok
17:39:42.0193 3368 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:39:42.0195 3368 Compbatt - ok
17:39:42.0216 3368 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:39:42.0218 3368 CompositeBus - ok
17:39:42.0230 3368 COMSysApp - ok
17:39:42.0243 3368 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:39:42.0244 3368 crcdisk - ok
17:39:42.0287 3368 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:39:42.0290 3368 CryptSvc - ok
17:39:42.0369 3368 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:39:42.0382 3368 cvhsvc - ok
17:39:42.0476 3368 [ 87A70750325AFC300F0977DC3137A350 ] DCamUSBNovatek C:\Windows\system32\Drivers\nvtcam.sys
17:39:42.0508 3368 DCamUSBNovatek - ok
17:39:42.0541 3368 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:39:42.0550 3368 DcomLaunch - ok
17:39:42.0576 3368 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:39:42.0580 3368 defragsvc - ok
17:39:42.0597 3368 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:39:42.0599 3368 DfsC - ok
17:39:42.0621 3368 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:39:42.0626 3368 Dhcp - ok
17:39:42.0649 3368 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:39:42.0650 3368 discache - ok
17:39:42.0674 3368 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:39:42.0675 3368 Disk - ok
17:39:42.0698 3368 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:39:42.0701 3368 Dnscache - ok
17:39:42.0721 3368 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:39:42.0725 3368 dot3svc - ok
17:39:42.0739 3368 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:39:42.0743 3368 DPS - ok
17:39:42.0769 3368 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:39:42.0770 3368 drmkaud - ok
17:39:42.0808 3368 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:39:42.0812 3368 dtsoftbus01 - ok
17:39:42.0839 3368 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:39:42.0850 3368 DXGKrnl - ok
17:39:42.0872 3368 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:39:42.0875 3368 EapHost - ok
17:39:42.0941 3368 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:39:42.0975 3368 ebdrv - ok
17:39:43.0033 3368 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:39:43.0038 3368 eeCtrl - ok
17:39:43.0071 3368 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:39:43.0074 3368 EFS - ok
17:39:43.0121 3368 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:39:43.0128 3368 ehRecvr - ok
17:39:43.0140 3368 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:39:43.0143 3368 ehSched - ok
17:39:43.0171 3368 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:39:43.0177 3368 elxstor - ok
17:39:43.0200 3368 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:39:43.0203 3368 EraserUtilRebootDrv - ok
17:39:43.0212 3368 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:39:43.0214 3368 ErrDev - ok
17:39:43.0254 3368 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:39:43.0259 3368 EventSystem - ok
17:39:43.0273 3368 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:39:43.0276 3368 exfat - ok
17:39:43.0292 3368 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:39:43.0295 3368 fastfat - ok
17:39:43.0320 3368 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:39:43.0329 3368 Fax - ok
17:39:43.0347 3368 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:39:43.0348 3368 fdc - ok
17:39:43.0365 3368 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:39:43.0367 3368 fdPHost - ok
17:39:43.0380 3368 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:39:43.0382 3368 FDResPub - ok
17:39:43.0406 3368 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:39:43.0407 3368 FileInfo - ok
17:39:43.0421 3368 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:39:43.0423 3368 Filetrace - ok
17:39:43.0428 3368 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:39:43.0430 3368 flpydisk - ok
17:39:43.0442 3368 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:39:43.0445 3368 FltMgr - ok
17:39:43.0491 3368 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:39:43.0504 3368 FontCache - ok
17:39:43.0541 3368 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:39:43.0543 3368 FontCache3.0.0.0 - ok
17:39:43.0554 3368 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:39:43.0556 3368 FsDepends - ok
17:39:43.0578 3368 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:39:43.0581 3368 Fs_Rec - ok
17:39:43.0588 3368 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:39:43.0592 3368 fvevol - ok
17:39:43.0615 3368 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:39:43.0617 3368 gagp30kx - ok
17:39:43.0687 3368 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:39:43.0693 3368 GamesAppService - ok
17:39:43.0734 3368 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:39:43.0755 3368 gpsvc - ok
17:39:43.0814 3368 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:39:43.0816 3368 gupdate - ok
17:39:43.0821 3368 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:39:43.0823 3368 gupdatem - ok
17:39:43.0841 3368 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:39:43.0843 3368 hcw85cir - ok
17:39:43.0862 3368 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:39:43.0868 3368 HdAudAddService - ok
17:39:43.0883 3368 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:39:43.0885 3368 HDAudBus - ok
17:39:43.0890 3368 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:39:43.0892 3368 HidBatt - ok
17:39:43.0899 3368 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:39:43.0901 3368 HidBth - ok
17:39:43.0926 3368 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:39:43.0928 3368 HidIr - ok
17:39:43.0948 3368 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:39:43.0950 3368 hidserv - ok
17:39:43.0987 3368 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:39:43.0989 3368 HidUsb - ok
17:39:43.0999 3368 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:39:44.0002 3368 hkmsvc - ok
17:39:44.0012 3368 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:39:44.0017 3368 HomeGroupListener - ok
17:39:44.0031 3368 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:39:44.0036 3368 HomeGroupProvider - ok
17:39:44.0119 3368 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:39:44.0122 3368 HP Support Assistant Service - ok
17:39:44.0165 3368 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
17:39:44.0175 3368 HPAuto - ok
17:39:44.0195 3368 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:39:44.0200 3368 HPClientSvc - ok
17:39:44.0233 3368 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:39:44.0244 3368 hpqwmiex - ok
17:39:44.0263 3368 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:39:44.0266 3368 HpSAMD - ok
17:39:44.0304 3368 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:39:44.0312 3368 HTTP - ok
17:39:44.0319 3368 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:39:44.0320 3368 hwpolicy - ok
17:39:44.0340 3368 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:39:44.0342 3368 i8042prt - ok
17:39:44.0365 3368 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:39:44.0370 3368 iaStorV - ok
17:39:44.0416 3368 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:39:44.0426 3368 idsvc - ok
17:39:44.0477 3368 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20121027.002\IDSvia64.sys
17:39:44.0484 3368 IDSVia64 - ok
17:39:44.0616 3368 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:39:44.0686 3368 igfx - ok
17:39:44.0710 3368 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:39:44.0711 3368 iirsp - ok
17:39:44.0742 3368 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:39:44.0753 3368 IKEEXT - ok
17:39:44.0810 3368 [ 589B94A9B73A0E819FF873743A480834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:39:44.0837 3368 IntcAzAudAddService - ok
17:39:44.0850 3368 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:39:44.0852 3368 intelide - ok
17:39:44.0876 3368 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
17:39:44.0879 3368 intelppm - ok
17:39:44.0905 3368 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:39:44.0908 3368 IPBusEnum - ok
17:39:44.0928 3368 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:39:44.0931 3368 IpFilterDriver - ok
17:39:44.0971 3368 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:39:44.0979 3368 iphlpsvc - ok
17:39:44.0985 3368 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:39:44.0987 3368 IPMIDRV - ok
17:39:44.0993 3368 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:39:44.0996 3368 IPNAT - ok
17:39:45.0009 3368 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:39:45.0010 3368 IRENUM - ok
17:39:45.0017 3368 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:39:45.0019 3368 isapnp - ok
17:39:45.0031 3368 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:39:45.0036 3368 iScsiPrt - ok
17:39:45.0062 3368 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:39:45.0065 3368 kbdclass - ok
17:39:45.0072 3368 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:39:45.0074 3368 kbdhid - ok
17:39:45.0087 3368 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:39:45.0090 3368 KeyIso - ok
17:39:45.0110 3368 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:39:45.0112 3368 KSecDD - ok
17:39:45.0124 3368 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:39:45.0126 3368 KSecPkg - ok
17:39:45.0149 3368 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:39:45.0151 3368 ksthunk - ok
17:39:45.0179 3368 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:39:45.0185 3368 KtmRm - ok
17:39:45.0219 3368 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:39:45.0225 3368 LanmanServer - ok
17:39:45.0248 3368 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:39:45.0264 3368 LanmanWorkstation - ok
17:39:45.0377 3368 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:39:45.0398 3368 LightScribeService - ok
17:39:45.0519 3368 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:39:45.0524 3368 lltdio - ok
17:39:45.0583 3368 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:39:45.0595 3368 lltdsvc - ok
17:39:45.0620 3368 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:39:45.0625 3368 lmhosts - ok
17:39:45.0660 3368 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:39:45.0663 3368 LSI_FC - ok
17:39:45.0670 3368 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:39:45.0674 3368 LSI_SAS - ok
17:39:45.0682 3368 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:39:45.0685 3368 LSI_SAS2 - ok
17:39:45.0692 3368 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:39:45.0696 3368 LSI_SCSI - ok
17:39:45.0714 3368 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:39:45.0716 3368 luafv - ok
17:39:45.0749 3368 LVPr2M64 - ok
17:39:45.0793 3368 [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
17:39:45.0795 3368 ManyCam - ok
17:39:45.0834 3368 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:39:45.0835 3368 MBAMProtector - ok
17:39:45.0875 3368 MBAMScheduler - ok
17:39:45.0879 3368 MBAMService - ok
17:39:45.0906 3368 [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
17:39:45.0908 3368 mcaudrv_simple - ok
17:39:45.0928 3368 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:39:45.0933 3368 Mcx2Svc - ok
17:39:45.0948 3368 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:39:45.0950 3368 megasas - ok
17:39:45.0959 3368 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:39:45.0964 3368 MegaSR - ok
17:39:46.0026 3368 Microsoft SharePoint Workspace Audit Service - ok
17:39:46.0055 3368 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:39:46.0064 3368 MMCSS - ok
17:39:46.0073 3368 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:39:46.0075 3368 Modem - ok
17:39:46.0095 3368 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:39:46.0097 3368 monitor - ok
17:39:46.0112 3368 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:39:46.0115 3368 mouclass - ok
17:39:46.0131 3368 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:39:46.0132 3368 mouhid - ok
17:39:46.0153 3368 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:39:46.0154 3368 mountmgr - ok
17:39:46.0167 3368 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:39:46.0170 3368 mpio - ok
17:39:46.0182 3368 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:39:46.0185 3368 mpsdrv - ok
17:39:46.0218 3368 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:39:46.0228 3368 MpsSvc - ok
17:39:46.0235 3368 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:39:46.0238 3368 MRxDAV - ok
17:39:46.0265 3368 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:39:46.0267 3368 mrxsmb - ok
17:39:46.0290 3368 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:39:46.0293 3368 mrxsmb10 - ok
17:39:46.0311 3368 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:39:46.0313 3368 mrxsmb20 - ok
17:39:46.0319 3368 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:39:46.0320 3368 msahci - ok
17:39:46.0335 3368 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:39:46.0343 3368 msdsm - ok
17:39:46.0364 3368 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:39:46.0368 3368 MSDTC - ok
17:39:46.0388 3368 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:39:46.0389 3368 Msfs - ok
17:39:46.0416 3368 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:39:46.0418 3368 mshidkmdf - ok
17:39:46.0429 3368 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:39:46.0430 3368 msisadrv - ok
17:39:46.0448 3368 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:39:46.0452 3368 MSiSCSI - ok
17:39:46.0457 3368 msiserver - ok
17:39:46.0475 3368 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:39:46.0477 3368 MSKSSRV - ok
17:39:46.0501 3368 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:39:46.0503 3368 MSPCLOCK - ok
17:39:46.0516 3368 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:39:46.0521 3368 MSPQM - ok
17:39:46.0548 3368 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:39:46.0552 3368 MsRPC - ok
17:39:46.0576 3368 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:39:46.0577 3368 mssmbios - ok
17:39:46.0595 3368 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:39:46.0597 3368 MSTEE - ok
17:39:46.0607 3368 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:39:46.0608 3368 MTConfig - ok
17:39:46.0626 3368 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:39:46.0628 3368 Mup - ok
17:39:46.0648 3368 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:39:46.0655 3368 napagent - ok
17:39:46.0683 3368 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:39:46.0687 3368 NativeWifiP - ok
17:39:46.0754 3368 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20121030.002\ENG64.SYS
17:39:46.0758 3368 NAVENG - ok
17:39:46.0829 3368 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20121030.002\EX64.SYS
17:39:46.0874 3368 NAVEX15 - ok
17:39:46.0930 3368 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:39:46.0944 3368 NDIS - ok
17:39:46.0968 3368 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:39:46.0970 3368 NdisCap - ok
17:39:46.0988 3368 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:39:46.0990 3368 NdisTapi - ok
17:39:46.0998 3368 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:39:47.0001 3368 Ndisuio - ok
17:39:47.0013 3368 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:39:47.0016 3368 NdisWan - ok
17:39:47.0029 3368 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:39:47.0032 3368 NDProxy - ok
17:39:47.0040 3368 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:39:47.0041 3368 NetBIOS - ok
17:39:47.0050 3368 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:39:47.0053 3368 NetBT - ok
17:39:47.0062 3368 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:39:47.0065 3368 Netlogon - ok
17:39:47.0103 3368 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:39:47.0109 3368 Netman - ok
17:39:47.0143 3368 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:47.0146 3368 NetMsmqActivator - ok
17:39:47.0150 3368 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:47.0152 3368 NetPipeActivator - ok
17:39:47.0163 3368 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:39:47.0171 3368 netprofm - ok
17:39:47.0176 3368 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:47.0178 3368 NetTcpActivator - ok
17:39:47.0184 3368 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:47.0186 3368 NetTcpPortSharing - ok
17:39:47.0215 3368 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:39:47.0217 3368 nfrd960 - ok
17:39:47.0289 3368 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
17:39:47.0292 3368 NIS - ok
17:39:47.0317 3368 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:39:47.0325 3368 NlaSvc - ok
17:39:47.0416 3368 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:39:47.0454 3368 NOBU - ok
17:39:47.0466 3368 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:39:47.0468 3368 Npfs - ok
17:39:47.0488 3368 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:39:47.0491 3368 nsi - ok
17:39:47.0502 3368 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:39:47.0503 3368 nsiproxy - ok
17:39:47.0554 3368 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:39:47.0571 3368 Ntfs - ok
17:39:47.0590 3368 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:39:47.0591 3368 Null - ok
17:39:47.0623 3368 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:39:47.0625 3368 nvraid - ok
17:39:47.0644 3368 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:39:47.0648 3368 nvstor - ok
17:39:47.0672 3368 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:39:47.0674 3368 nv_agp - ok
17:39:47.0701 3368 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:39:47.0703 3368 ohci1394 - ok
17:39:47.0754 3368 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:39:47.0759 3368 ose - ok
17:39:47.0867 3368 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:39:47.0917 3368 osppsvc - ok
17:39:47.0945 3368 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:39:47.0951 3368 p2pimsvc - ok
17:39:47.0966 3368 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:39:47.0974 3368 p2psvc - ok
17:39:48.0002 3368 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:39:48.0004 3368 Parport - ok
17:39:48.0024 3368 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:39:48.0026 3368 partmgr - ok
17:39:48.0043 3368 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:39:48.0048 3368 PcaSvc - ok
17:39:48.0064 3368 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:39:48.0067 3368 pci - ok
17:39:48.0082 3368 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:39:48.0084 3368 pciide - ok
17:39:48.0095 3368 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:39:48.0098 3368 pcmcia - ok
17:39:48.0113 3368 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:39:48.0115 3368 pcw - ok
17:39:48.0144 3368 pdfcDispatcher - ok
17:39:48.0167 3368 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:39:48.0174 3368 PEAUTH - ok
17:39:48.0260 3368 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:39:48.0263 3368 PerfHost - ok
17:39:48.0304 3368 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:39:48.0320 3368 pla - ok
17:39:48.0348 3368 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:39:48.0354 3368 PlugPlay - ok
17:39:48.0363 3368 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:39:48.0367 3368 PNRPAutoReg - ok
17:39:48.0386 3368 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:39:48.0390 3368 PNRPsvc - ok
17:39:48.0426 3368 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
17:39:48.0429 3368 Point64 - ok
17:39:48.0447 3368 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:39:48.0454 3368 PolicyAgent - ok
17:39:48.0510 3368 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:39:48.0515 3368 Power - ok
17:39:48.0542 3368 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:39:48.0545 3368 PptpMiniport - ok
17:39:48.0560 3368 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:39:48.0563 3368 Processor - ok
17:39:48.0589 3368 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:39:48.0594 3368 ProfSvc - ok
17:39:48.0604 3368 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:39:48.0606 3368 ProtectedStorage - ok
17:39:48.0622 3368 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:39:48.0624 3368 Psched - ok
17:39:48.0658 3368 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:39:48.0674 3368 ql2300 - ok
17:39:48.0692 3368 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:39:48.0695 3368 ql40xx - ok
17:39:48.0707 3368 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:39:48.0713 3368 QWAVE - ok
17:39:48.0727 3368 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:39:48.0730 3368 QWAVEdrv - ok
17:39:48.0744 3368 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:39:48.0746 3368 RasAcd - ok
17:39:48.0775 3368 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:39:48.0777 3368 RasAgileVpn - ok
17:39:48.0795 3368 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:39:48.0800 3368 RasAuto - ok
17:39:48.0816 3368 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:39:48.0818 3368 Rasl2tp - ok
17:39:48.0836 3368 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:39:48.0842 3368 RasMan - ok
17:39:48.0857 3368 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:39:48.0860 3368 RasPppoe - ok
17:39:48.0870 3368 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:39:48.0872 3368 RasSstp - ok
17:39:48.0888 3368 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:39:48.0892 3368 rdbss - ok
17:39:48.0905 3368 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:39:48.0907 3368 rdpbus - ok
17:39:48.0914 3368 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:39:48.0915 3368 RDPCDD - ok
17:39:48.0929 3368 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:39:48.0930 3368 RDPENCDD - ok
17:39:48.0942 3368 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:39:48.0943 3368 RDPREFMP - ok
17:39:48.0974 3368 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:39:48.0978 3368 RDPWD - ok
17:39:49.0008 3368 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:39:49.0011 3368 rdyboost - ok
17:39:49.0028 3368 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:39:49.0032 3368 RemoteAccess - ok
17:39:49.0053 3368 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:39:49.0058 3368 RemoteRegistry - ok
17:39:49.0098 3368 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
17:39:49.0103 3368 RoxioNow Service - ok
17:39:49.0120 3368 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:39:49.0124 3368 RpcEptMapper - ok
17:39:49.0140 3368 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:39:49.0142 3368 RpcLocator - ok
17:39:49.0157 3368 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:39:49.0164 3368 RpcSs - ok
17:39:49.0177 3368 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:39:49.0180 3368 rspndr - ok
17:39:49.0211 3368 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:39:49.0217 3368 RTL8167 - ok
17:39:49.0229 3368 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:39:49.0231 3368 SamSs - ok
17:39:49.0257 3368 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:39:49.0260 3368 sbp2port - ok
17:39:49.0285 3368 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:39:49.0290 3368 SCardSvr - ok
17:39:49.0298 3368 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:39:49.0300 3368 scfilter - ok
17:39:49.0323 3368 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:39:49.0337 3368 Schedule - ok
17:39:49.0354 3368 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:39:49.0355 3368 SCPolicySvc - ok
17:39:49.0369 3368 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:39:49.0374 3368 SDRSVC - ok
17:39:49.0388 3368 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:39:49.0390 3368 secdrv - ok
17:39:49.0400 3368 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:39:49.0404 3368 seclogon - ok
17:39:49.0424 3368 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:39:49.0428 3368 SENS - ok
17:39:49.0444 3368 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:39:49.0448 3368 SensrSvc - ok
17:39:49.0475 3368 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:39:49.0479 3368 Serenum - ok
17:39:49.0494 3368 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:39:49.0497 3368 Serial - ok
17:39:49.0516 3368 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:39:49.0518 3368 sermouse - ok
17:39:49.0553 3368 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:39:49.0557 3368 SessionEnv - ok
17:39:49.0573 3368 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:39:49.0574 3368 sffdisk - ok
17:39:49.0590 3368 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:39:49.0591 3368 sffp_mmc - ok
17:39:49.0604 3368 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:39:49.0606 3368 sffp_sd - ok
17:39:49.0618 3368 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:39:49.0620 3368 sfloppy - ok
17:39:49.0660 3368 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
17:39:49.0669 3368 Sftfs - ok
17:39:49.0711 3368 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:39:49.0717 3368 sftlist - ok
17:39:49.0730 3368 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:39:49.0734 3368 Sftplay - ok
17:39:49.0741 3368 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:39:49.0742 3368 Sftredir - ok
17:39:49.0757 3368 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
17:39:49.0759 3368 Sftvol - ok
17:39:49.0772 3368 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:39:49.0775 3368 sftvsa - ok
17:39:49.0809 3368 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:39:49.0815 3368 SharedAccess - ok
17:39:49.0838 3368 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:39:49.0845 3368 ShellHWDetection - ok
17:39:49.0871 3368 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:39:49.0874 3368 SiSRaid2 - ok
17:39:49.0894 3368 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:39:49.0897 3368 SiSRaid4 - ok
17:39:49.0989 3368 [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:39:50.0027 3368 Skype C2C Service - ok
17:39:50.0072 3368 [ C44DA62FBCAE62803EA95600FC263065 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:39:50.0075 3368 SkypeUpdate - ok
17:39:50.0095 3368 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:39:50.0097 3368 Smb - ok
17:39:50.0128 3368 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:39:50.0133 3368 SNMPTRAP - ok
17:39:50.0156 3368 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:39:50.0157 3368 spldr - ok
17:39:50.0183 3368 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:39:50.0193 3368 Spooler - ok
17:39:50.0261 3368 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:39:50.0309 3368 sppsvc - ok
17:39:50.0329 3368 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:39:50.0335 3368 sppuinotify - ok
17:39:50.0390 3368 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
17:39:50.0400 3368 SRTSP - ok
17:39:50.0413 3368 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
17:39:50.0416 3368 SRTSPX - ok
17:39:50.0445 3368 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:39:50.0452 3368 srv - ok
17:39:50.0469 3368 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:39:50.0485 3368 srv2 - ok
17:39:50.0501 3368 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:39:50.0503 3368 srvnet - ok
17:39:50.0541 3368 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:39:50.0548 3368 SSDPSRV - ok
17:39:50.0561 3368 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:39:50.0565 3368 SstpSvc - ok
17:39:50.0635 3368 Steam Client Service - ok
17:39:50.0688 3368 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:39:50.0710 3368 stexstor - ok
17:39:50.0805 3368 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:39:50.0833 3368 stisvc - ok
17:39:50.0851 3368 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:39:50.0853 3368 swenum - ok
17:39:50.0885 3368 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:39:50.0895 3368 swprv - ok
17:39:50.0911 3368 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
17:39:50.0918 3368 SymDS - ok
17:39:50.0973 3368 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
17:39:50.0992 3368 SymEFA - ok
17:39:51.0071 3368 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:39:51.0098 3368 SymEvent - ok
17:39:51.0124 3368 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
17:39:51.0139 3368 SymIRON - ok
17:39:51.0158 3368 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
17:39:51.0164 3368 SymNetS - ok
17:39:51.0210 3368 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:39:51.0234 3368 SysMain - ok
17:39:51.0248 3368 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:39:51.0254 3368 TabletInputService - ok
17:39:51.0273 3368 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
17:39:51.0275 3368 tap0901t - ok
17:39:51.0290 3368 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:39:51.0298 3368 TapiSrv - ok
17:39:51.0314 3368 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:39:51.0318 3368 TBS - ok
17:39:51.0367 3368 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:39:51.0387 3368 Tcpip - ok
17:39:51.0422 3368 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:39:51.0432 3368 TCPIP6 - ok
17:39:51.0450 3368 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:39:51.0452 3368 tcpipreg - ok
17:39:51.0476 3368 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:39:51.0479 3368 TDPIPE - ok
17:39:51.0495 3368 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:39:51.0497 3368 TDTCP - ok
17:39:51.0507 3368 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:39:51.0510 3368 tdx - ok
17:39:51.0527 3368 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:39:51.0529 3368 TermDD - ok
17:39:51.0553 3368 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:39:51.0563 3368 TermService - ok
17:39:51.0571 3368 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:39:51.0575 3368 Themes - ok
17:39:51.0596 3368 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:39:51.0598 3368 THREADORDER - ok
17:39:51.0614 3368 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:39:51.0619 3368 TrkWks - ok
17:39:51.0659 3368 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:39:51.0661 3368 TrustedInstaller - ok
17:39:51.0675 3368 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:39:51.0677 3368 tssecsrv - ok
17:39:51.0705 3368 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:39:51.0707 3368 TsUsbFlt - ok
17:39:51.0732 3368 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:39:51.0734 3368 TsUsbGD - ok
17:39:51.0746 3368 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:39:51.0748 3368 tunnel - ok
17:39:51.0790 3368 [ 1A5F1301C1EA3B49D1222E9CBB552EBB ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
17:39:51.0798 3368 TunngleService - ok
17:39:51.0816 3368 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:39:51.0818 3368 uagp35 - ok
17:39:51.0834 3368 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:39:51.0839 3368 udfs - ok
17:39:51.0862 3368 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:39:51.0866 3368 UI0Detect - ok
17:39:51.0892 3368 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:39:51.0895 3368 uliagpkx - ok
17:39:51.0911 3368 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:39:51.0913 3368 umbus - ok
17:39:51.0938 3368 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:39:51.0940 3368 UmPass - ok
17:39:51.0957 3368 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:39:51.0964 3368 upnphost - ok
17:39:51.0993 3368 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:39:51.0997 3368 usbaudio - ok
17:39:52.0014 3368 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:39:52.0017 3368 usbccgp - ok
17:39:52.0029 3368 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:39:52.0031 3368 usbcir - ok
17:39:52.0041 3368 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:39:52.0044 3368 usbehci - ok
17:39:52.0072 3368 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
17:39:52.0075 3368 usbfilter - ok
17:39:52.0095 3368 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:39:52.0100 3368 usbhub - ok
17:39:52.0105 3368 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:39:52.0107 3368 usbohci - ok
17:39:52.0126 3368 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:39:52.0128 3368 usbprint - ok
17:39:52.0168 3368 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:39:52.0170 3368 usbscan - ok
17:39:52.0177 3368 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:39:52.0179 3368 USBSTOR - ok
17:39:52.0196 3368 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:39:52.0198 3368 usbuhci - ok
17:39:52.0220 3368 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:39:52.0224 3368 usbvideo - ok
17:39:52.0244 3368 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:39:52.0248 3368 UxSms - ok
17:39:52.0262 3368 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:39:52.0264 3368 VaultSvc - ok
17:39:52.0288 3368 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:39:52.0290 3368 vdrvroot - ok
17:39:52.0311 3368 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:39:52.0320 3368 vds - ok
17:39:52.0338 3368 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:39:52.0340 3368 vga - ok
17:39:52.0358 3368 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:39:52.0360 3368 VgaSave - ok
17:39:52.0378 3368 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:39:52.0381 3368 vhdmp - ok
17:39:52.0390 3368 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:39:52.0392 3368 viaide - ok
17:39:52.0407 3368 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:39:52.0410 3368 volmgr - ok
17:39:52.0429 3368 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:39:52.0433 3368 volmgrx - ok
17:39:52.0441 3368 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:39:52.0444 3368 volsnap - ok
17:39:52.0469 3368 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:39:52.0476 3368 vsmraid - ok
17:39:52.0523 3368 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:39:52.0543 3368 VSS - ok
17:39:52.0558 3368 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:39:52.0560 3368 vwifibus - ok
17:39:52.0580 3368 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:39:52.0587 3368 W32Time - ok
17:39:52.0618 3368 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:39:52.0620 3368 WacomPen - ok
17:39:52.0645 3368 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:39:52.0648 3368 WANARP - ok
17:39:52.0653 3368 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:39:52.0654 3368 Wanarpv6 - ok
17:39:52.0698 3368 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:39:52.0711 3368 WatAdminSvc - ok
17:39:52.0743 3368 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:39:52.0761 3368 wbengine - ok
17:39:52.0792 3368 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:39:52.0798 3368 WbioSrvc - ok
17:39:52.0814 3368 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:39:52.0821 3368 wcncsvc - ok
17:39:52.0839 3368 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:39:52.0844 3368 WcsPlugInService - ok
17:39:52.0864 3368 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:39:52.0866 3368 Wd - ok
17:39:52.0895 3368 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:39:52.0904 3368 Wdf01000 - ok
17:39:52.0910 3368 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:39:52.0915 3368 WdiServiceHost - ok
17:39:52.0919 3368 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:39:52.0923 3368 WdiSystemHost - ok
17:39:52.0939 3368 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:39:52.0946 3368 WebClient - ok
17:39:52.0958 3368 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:39:52.0964 3368 Wecsvc - ok
17:39:52.0991 3368 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:39:52.0996 3368 wercplsupport - ok
17:39:53.0013 3368 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:39:53.0017 3368 WerSvc - ok
17:39:53.0040 3368 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:39:53.0042 3368 WfpLwf - ok
17:39:53.0062 3368 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:39:53.0063 3368 WIMMount - ok
17:39:53.0081 3368 WinDefend - ok
17:39:53.0090 3368 WinHttpAutoProxySvc - ok
17:39:53.0132 3368 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:39:53.0136 3368 Winmgmt - ok
17:39:53.0187 3368 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:39:53.0212 3368 WinRM - ok
17:39:53.0247 3368 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:39:53.0249 3368 WinUsb - ok
17:39:53.0287 3368 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:39:53.0299 3368 Wlansvc - ok
17:39:53.0408 3368 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:39:53.0455 3368 wlidsvc - ok
17:39:53.0472 3368 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:39:53.0473 3368 WmiAcpi - ok
17:39:53.0498 3368 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:39:53.0501 3368 wmiApSrv - ok
17:39:53.0527 3368 WMPNetworkSvc - ok
17:39:53.0544 3368 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:39:53.0548 3368 WPCSvc - ok
17:39:53.0562 3368 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:39:53.0566 3368 WPDBusEnum - ok
17:39:53.0581 3368 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:39:53.0583 3368 ws2ifsl - ok
17:39:53.0599 3368 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:39:53.0604 3368 wscsvc - ok
17:39:53.0610 3368 WSearch - ok
17:39:53.0661 3368 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:39:53.0690 3368 wuauserv - ok
17:39:53.0720 3368 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:39:53.0722 3368 WudfPf - ok
17:39:53.0749 3368 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:39:53.0751 3368 WUDFRd - ok
17:39:53.0760 3368 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:39:53.0765 3368 wudfsvc - ok
17:39:53.0781 3368 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:39:53.0787 3368 WwanSvc - ok
17:39:53.0814 3368 ================ Scan global ===============================
17:39:53.0829 3368 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:39:53.0865 3368 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:39:53.0877 3368 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:39:53.0900 3368 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:39:53.0925 3368 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:39:53.0931 3368 [Global] - ok
17:39:53.0932 3368 ================ Scan MBR ==================================
17:39:53.0944 3368 [ 393348A377E20ABABEC9FA67495AC958 ] \Device\Harddisk0\DR0
17:39:54.0315 3368 \Device\Harddisk0\DR0 - ok
17:39:54.0322 3368 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
17:39:54.0364 3368 \Device\Harddisk5\DR5 - ok
17:39:54.0364 3368 ================ Scan VBR ==================================
17:39:54.0368 3368 [ 247B73D5F906278ADCA8EC9C6C6789E6 ] \Device\Harddisk0\DR0\Partition1
17:39:54.0370 3368 \Device\Harddisk0\DR0\Partition1 - ok
17:39:54.0383 3368 [ 2D6744AA93DF9873245033AB9B0AACB9 ] \Device\Harddisk0\DR0\Partition2
17:39:54.0385 3368 \Device\Harddisk0\DR0\Partition2 - ok
17:39:54.0415 3368 [ 5F1083B8CFDF5CF3E2C33D5418C22D67 ] \Device\Harddisk0\DR0\Partition3
17:39:54.0416 3368 \Device\Harddisk0\DR0\Partition3 - ok
17:39:54.0421 3368 [ 8EE77230DAF442E2F5EEC4F099AE32B4 ] \Device\Harddisk5\DR5\Partition1
17:39:54.0423 3368 \Device\Harddisk5\DR5\Partition1 - ok
17:39:54.0424 3368 ============================================================
17:39:54.0424 3368 Scan finished
17:39:54.0424 3368 ============================================================
17:39:54.0438 0460 Detected object count: 0
17:39:54.0438 0460 Actual detected object count: 0
17:40:02.0091 6580 ============================================================
17:40:02.0092 6580 Scan started
17:40:02.0092 6580 Mode: Manual;
17:40:02.0092 6580 ============================================================
17:40:02.0622 6580 ================ Scan system memory ========================
17:40:02.0622 6580 System memory - ok
17:40:02.0623 6580 ================ Scan services =============================
17:40:02.0810 6580 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:40:02.0813 6580 1394ohci - ok
17:40:02.0852 6580 ACDaemon - ok
17:40:02.0869 6580 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:40:02.0873 6580 ACPI - ok
17:40:02.0880 6580 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:40:02.0881 6580 AcpiPmi - ok
17:40:02.0918 6580 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:40:02.0922 6580 AdobeARMservice - ok
17:40:02.0942 6580 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:40:02.0946 6580 adp94xx - ok
17:40:02.0961 6580 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:40:02.0963 6580 adpahci - ok
17:40:02.0980 6580 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:40:02.0981 6580 adpu320 - ok
17:40:03.0002 6580 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:40:03.0004 6580 AeLookupSvc - ok
17:40:03.0034 6580 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:40:03.0038 6580 AFD - ok
17:40:03.0054 6580 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:40:03.0056 6580 agp440 - ok
17:40:03.0064 6580 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:40:03.0065 6580 ALG - ok
17:40:03.0073 6580 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:40:03.0075 6580 aliide - ok
17:40:03.0107 6580 [ E20DDDFBD0DBE7D8EAD4D7A51D654367 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:40:03.0109 6580 AMD External Events Utility - ok
17:40:03.0155 6580 AMD FUEL Service - ok
17:40:03.0164 6580 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:40:03.0164 6580 amdide - ok
17:40:03.0186 6580 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
17:40:03.0187 6580 amdiox64 - ok
17:40:03.0200 6580 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:40:03.0201 6580 AmdK8 - ok
17:40:03.0408 6580 [ 4284FB1240537A33E6EC417EFD87D40F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:40:03.0469 6580 amdkmdag - ok
17:40:03.0493 6580 [ 6C25C497E05EFD0CB6033A0444FC9B51 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:40:03.0496 6580 amdkmdap - ok
17:40:03.0517 6580 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:40:03.0518 6580 AmdPPM - ok
17:40:03.0543 6580 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:40:03.0545 6580 amdsata - ok
17:40:03.0558 6580 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:40:03.0560 6580 amdsbs - ok
17:40:03.0569 6580 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:40:03.0570 6580 amdxata - ok
17:40:03.0596 6580 [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
17:40:03.0597 6580 amd_sata - ok
17:40:03.0622 6580 [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
17:40:03.0623 6580 amd_xata - ok
17:40:03.0653 6580 [ 1C95002CE0AB71D9C81B7DC2D790E4C2 ] androidusb C:\Windows\system32\Drivers\wsadb.sys
17:40:03.0654 6580 androidusb - ok
17:40:03.0676 6580 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:40:03.0677 6580 AODDriver4.1 - ok
17:40:03.0692 6580 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:40:03.0693 6580 AppID - ok
17:40:03.0710 6580 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:40:03.0711 6580 AppIDSvc - ok
17:40:03.0719 6580 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:40:03.0720 6580 Appinfo - ok
17:40:03.0737 6580 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:40:03.0738 6580 arc - ok
17:40:03.0750 6580 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:40:03.0751 6580 arcsas - ok
17:40:03.0810 6580 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:40:03.0811 6580 aspnet_state - ok
17:40:03.0830 6580 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:40:03.0831 6580 aswFsBlk - ok
17:40:03.0848 6580 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:40:03.0848 6580 aswMonFlt - ok
17:40:03.0864 6580 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
17:40:03.0865 6580 aswRdr - ok
17:40:03.0910 6580 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:40:03.0916 6580 aswSnx - ok
17:40:03.0935 6580 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:40:03.0938 6580 aswSP - ok
17:40:03.0954 6580 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:40:03.0955 6580 aswTdi - ok
17:40:03.0963 6580 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:40:03.0964 6580 AsyncMac - ok
17:40:03.0993 6580 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:40:03.0993 6580 atapi - ok
17:40:04.0013 6580 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\drivers\AtiPcie64.sys
17:40:04.0014 6580 AtiPcie - ok
17:40:04.0048 6580 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:40:04.0053 6580 AudioEndpointBuilder - ok
17:40:04.0065 6580 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:40:04.0069 6580 AudioSrv - ok
17:40:04.0120 6580 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files (x86)\Avast\AvastSvc.exe
17:40:04.0121 6580 avast! Antivirus - ok
17:40:04.0125 6580 avgfws - ok
17:40:04.0130 6580 AVGIDSAgent - ok
17:40:04.0137 6580 avgwd - ok
17:40:04.0157 6580 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:40:04.0159 6580 AxInstSV - ok
17:40:04.0175 6580 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:40:04.0178 6580 b06bdrv - ok
17:40:04.0190 6580 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:40:04.0192 6580 b57nd60a - ok
17:40:04.0202 6580 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:40:04.0204 6580 BDESVC - ok
17:40:04.0227 6580 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:40:04.0227 6580 Beep - ok
17:40:04.0257 6580 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:40:04.0261 6580 BFE - ok
17:40:04.0355 6580 [ 652F4D186325B69FFE80EE18AE9ACC77 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20121005.002\BHDrvx64.sys
17:40:04.0375 6580 BHDrvx64 - ok
17:40:04.0416 6580 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
17:40:04.0428 6580 BITS - ok
17:40:04.0444 6580 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:40:04.0445 6580 blbdrive - ok
17:40:04.0497 6580 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
17:40:04.0500 6580 Bonjour Service - ok
17:40:04.0527 6580 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:40:04.0528 6580 bowser - ok
17:40:04.0546 6580 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:40:04.0547 6580 BrFiltLo - ok
17:40:04.0563 6580 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:40:04.0564 6580 BrFiltUp - ok
17:40:04.0578 6580 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:40:04.0579 6580 BridgeMP - ok
17:40:04.0594 6580 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:40:04.0596 6580 Browser - ok
17:40:04.0609 6580 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:40:04.0611 6580 Brserid - ok
17:40:04.0620 6580 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:40:04.0621 6580 BrSerWdm - ok
17:40:04.0633 6580 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:40:04.0633 6580 BrUsbMdm - ok
17:40:04.0640 6580 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:40:04.0640 6580 BrUsbSer - ok
17:40:04.0653 6580 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:40:04.0655 6580 BTHMODEM - ok
17:40:04.0681 6580 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:40:04.0682 6580 bthserv - ok
17:40:04.0695 6580 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:40:04.0696 6580 cdfs - ok
17:40:04.0711 6580 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:40:04.0713 6580 cdrom - ok
17:40:04.0729 6580 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:40:04.0730 6580 CertPropSvc - ok
17:40:04.0741 6580 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:40:04.0742 6580 circlass - ok
17:40:04.0756 6580 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:40:04.0759 6580 CLFS - ok
17:40:04.0809 6580 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:40:04.0810 6580 clr_optimization_v2.0.50727_32 - ok
17:40:04.0830 6580 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:40:04.0831 6580 clr_optimization_v2.0.50727_64 - ok
17:40:04.0869 6580 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:40:04.0870 6580 clr_optimization_v4.0.30319_32 - ok
17:40:04.0894 6580 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:40:04.0896 6580 clr_optimization_v4.0.30319_64 - ok
17:40:04.0922 6580 [ 9573E8C7C3B3D1625FD941841FD0859C ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
17:40:04.0923 6580 clwvd - ok
17:40:04.0934 6580 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:40:04.0935 6580 CmBatt - ok
17:40:04.0940 6580 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:40:04.0941 6580 cmdide - ok
17:40:04.0958 6580 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:40:04.0961 6580 CNG - ok
17:40:04.0974 6580 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:40:04.0975 6580 Compbatt - ok
17:40:04.0989 6580 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:40:04.0990 6580 CompositeBus - ok
17:40:04.0995 6580 COMSysApp - ok
17:40:05.0008 6580 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:40:05.0009 6580 crcdisk - ok
17:40:05.0045 6580 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:40:05.0047 6580 CryptSvc - ok
17:40:05.0110 6580 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:40:05.0115 6580 cvhsvc - ok
17:40:05.0169 6580 [ 87A70750325AFC300F0977DC3137A350 ] DCamUSBNovatek C:\Windows\system32\Drivers\nvtcam.sys
17:40:05.0185 6580 DCamUSBNovatek - ok
17:40:05.0206 6580 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:40:05.0212 6580 DcomLaunch - ok
17:40:05.0242 6580 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:40:05.0245 6580 defragsvc - ok
17:40:05.0254 6580 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:40:05.0256 6580 DfsC - ok
17:40:05.0271 6580 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:40:05.0274 6580 Dhcp - ok
17:40:05.0298 6580 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:40:05.0299 6580 discache - ok
17:40:05.0314 6580 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:40:05.0315 6580 Disk - ok
17:40:05.0338 6580 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:40:05.0340 6580 Dnscache - ok
17:40:05.0353 6580 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:40:05.0356 6580 dot3svc - ok
17:40:05.0371 6580 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:40:05.0374 6580 DPS - ok
17:40:05.0384 6580 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:40:05.0385 6580 drmkaud - ok
17:40:05.0415 6580 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:40:05.0417 6580 dtsoftbus01 - ok
17:40:05.0446 6580 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:40:05.0453 6580 DXGKrnl - ok
17:40:05.0479 6580 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:40:05.0481 6580 EapHost - ok
17:40:05.0541 6580 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:40:05.0559 6580 ebdrv - ok
17:40:05.0590 6580 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:40:05.0593 6580 eeCtrl - ok
17:40:05.0620 6580 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:40:05.0622 6580 EFS - ok
17:40:05.0671 6580 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:40:05.0675 6580 ehRecvr - ok
17:40:05.0689 6580 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:40:05.0690 6580 ehSched - ok
17:40:05.0704 6580 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:40:05.0708 6580 elxstor - ok
17:40:05.0732 6580 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:40:05.0734 6580 EraserUtilRebootDrv - ok
17:40:05.0752 6580 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:40:05.0753 6580 ErrDev - ok
17:40:05.0777 6580 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:40:05.0781 6580 EventSystem - ok
17:40:05.0797 6580 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:40:05.0799 6580 exfat - ok
17:40:05.0824 6580 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:40:05.0826 6580 fastfat - ok
17:40:05.0844 6580 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:40:05.0849 6580 Fax - ok
17:40:05.0862 6580 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:40:05.0863 6580 fdc - ok
17:40:05.0880 6580 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:40:05.0882 6580 fdPHost - ok
17:40:05.0895 6580 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:40:05.0897 6580 FDResPub - ok
17:40:05.0913 6580 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:40:05.0914 6580 FileInfo - ok
17:40:05.0928 6580 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:40:05.0929 6580 Filetrace - ok
17:40:05.0936 6580 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:40:05.0937 6580 flpydisk - ok
17:40:05.0949 6580 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:40:05.0952 6580 FltMgr - ok
17:40:06.0048 6580 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:40:06.0056 6580 FontCache - ok
17:40:06.0149 6580 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:40:06.0151 6580 FontCache3.0.0.0 - ok
17:40:06.0195 6580 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:40:06.0197 6580 FsDepends - ok
17:40:06.0253 6580 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:40:06.0255 6580 Fs_Rec - ok
17:40:06.0297 6580 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:40:06.0303 6580 fvevol - ok
17:40:06.0323 6580 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:40:06.0324 6580 gagp30kx - ok
17:40:06.0359 6580 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:40:06.0362 6580 GamesAppService - ok
17:40:06.0395 6580 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:40:06.0403 6580 gpsvc - ok
17:40:06.0463 6580 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:40:06.0464 6580 gupdate - ok
17:40:06.0468 6580 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:40:06.0470 6580 gupdatem - ok
17:40:06.0498 6580 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:40:06.0499 6580 hcw85cir - ok
17:40:06.0509 6580 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:40:06.0511 6580 HdAudAddService - ok
17:40:06.0523 6580 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:40:06.0525 6580 HDAudBus - ok
17:40:06.0530 6580 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:40:06.0531 6580 HidBatt - ok
17:40:06.0539 6580 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:40:06.0541 6580 HidBth - ok
17:40:06.0546 6580 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:40:06.0547 6580 HidIr - ok
17:40:06.0563 6580 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:40:06.0565 6580 hidserv - ok
17:40:06.0577 6580 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:40:06.0578 6580 HidUsb - ok
17:40:06.0598 6580 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:40:06.0601 6580 hkmsvc - ok
17:40:06.0611 6580 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:40:06.0614 6580 HomeGroupListener - ok
17:40:06.0630 6580 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:40:06.0633 6580 HomeGroupProvider - ok
17:40:06.0709 6580 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:40:06.0712 6580 HP Support Assistant Service - ok
17:40:06.0761 6580 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
17:40:06.0772 6580 HPAuto - ok
17:40:06.0796 6580 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:40:06.0803 6580 HPClientSvc - ok
17:40:06.0842 6580 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:40:06.0849 6580 hpqwmiex - ok
17:40:06.0861 6580 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:40:06.0862 6580 HpSAMD - ok
17:40:06.0886 6580 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:40:06.0891 6580 HTTP - ok
17:40:06.0901 6580 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:40:06.0903 6580 hwpolicy - ok
17:40:06.0914 6580 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:40:06.0915 6580 i8042prt - ok
17:40:06.0938 6580 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:40:06.0941 6580 iaStorV - ok
17:40:06.0998 6580 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:40:07.0011 6580 idsvc - ok
17:40:07.0066 6580 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20121027.002\IDSvia64.sys
17:40:07.0072 6580 IDSVia64 - ok
17:40:07.0164 6580 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:40:07.0195 6580 igfx - ok
17:40:07.0209 6580 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:40:07.0209 6580 iirsp - ok
17:40:07.0241 6580 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:40:07.0247 6580 IKEEXT - ok
17:40:07.0308 6580 [ 589B94A9B73A0E819FF873743A480834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:40:07.0322 6580 IntcAzAudAddService - ok
17:40:07.0333 6580 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:40:07.0333 6580 intelide - ok
17:40:07.0350 6580 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
17:40:07.0352 6580 intelppm - ok
17:40:07.0379 6580 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:40:07.0381 6580 IPBusEnum - ok
17:40:07.0388 6580 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:40:07.0389 6580 IpFilterDriver - ok
17:40:07.0428 6580 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:40:07.0433 6580 iphlpsvc - ok
17:40:07.0445 6580 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:40:07.0446 6580 IPMIDRV - ok
17:40:07.0452 6580 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:40:07.0454 6580 IPNAT - ok
17:40:07.0466 6580 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:40:07.0468 6580 IRENUM - ok
17:40:07.0476 6580 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:40:07.0476 6580 isapnp - ok
17:40:07.0497 6580 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:40:07.0499 6580 iScsiPrt - ok
17:40:07.0510 6580 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:40:07.0511 6580 kbdclass - ok
17:40:07.0521 6580 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:40:07.0522 6580 kbdhid - ok
17:40:07.0536 6580 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:40:07.0538 6580 KeyIso - ok
17:40:07.0559 6580 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:40:07.0560 6580 KSecDD - ok
17:40:07.0573 6580 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:40:07.0574 6580 KSecPkg - ok
17:40:07.0598 6580 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:40:07.0599 6580 ksthunk - ok
17:40:07.0620 6580 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:40:07.0624 6580 KtmRm - ok
17:40:07.0651 6580 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:40:07.0656 6580 LanmanServer - ok
17:40:07.0680 6580 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:40:07.0685 6580 LanmanWorkstation - ok
17:40:07.0726 6580 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:40:07.0726 6580 LightScribeService - ok
17:40:07.0742 6580 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:40:07.0744 6580 lltdio - ok
17:40:07.0770 6580 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:40:07.0774 6580 lltdsvc - ok
17:40:07.0786 6580 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:40:07.0788 6580 lmhosts - ok
17:40:07.0808 6580 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:40:07.0810 6580 LSI_FC - ok
17:40:07.0815 6580 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:40:07.0817 6580 LSI_SAS - ok
17:40:07.0833 6580 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:40:07.0835 6580 LSI_SAS2 - ok
17:40:07.0841 6580 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:40:07.0843 6580 LSI_SCSI - ok
17:40:07.0854 6580 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:40:07.0855 6580 luafv - ok
17:40:07.0860 6580 LVPr2M64 - ok
17:40:07.0891 6580 [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
17:40:07.0892 6580 ManyCam - ok
17:40:07.0933 6580 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:40:07.0934 6580 MBAMProtector - ok
17:40:07.0974 6580 MBAMScheduler - ok
17:40:07.0978 6580 MBAMService - ok
17:40:08.0005 6580 [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
17:40:08.0006 6580 mcaudrv_simple - ok
17:40:08.0018 6580 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:40:08.0021 6580 Mcx2Svc - ok
17:40:08.0026 6580 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:40:08.0027 6580 megasas - ok
17:40:08.0036 6580 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:40:08.0038 6580 MegaSR - ok
17:40:08.0083 6580 Microsoft SharePoint Workspace Audit Service - ok
17:40:08.0095 6580 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:40:08.0097 6580 MMCSS - ok
17:40:08.0119 6580 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:40:08.0120 6580 Modem - ok
17:40:08.0135 6580 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:40:08.0136 6580 monitor - ok
17:40:08.0144 6580 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:40:08.0145 6580 mouclass - ok
17:40:08.0154 6580 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:40:08.0155 6580 mouhid - ok
17:40:08.0168 6580 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:40:08.0170 6580 mountmgr - ok
17:40:08.0176 6580 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:40:08.0178 6580 mpio - ok
17:40:08.0190 6580 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:40:08.0191 6580 mpsdrv - ok
17:40:08.0217 6580 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:40:08.0223 6580 MpsSvc - ok
17:40:08.0230 6580 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:40:08.0231 6580 MRxDAV - ok
17:40:08.0255 6580 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:40:08.0257 6580 mrxsmb - ok
17:40:08.0280 6580 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:40:08.0282 6580 mrxsmb10 - ok
17:40:08.0293 6580 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:40:08.0294 6580 mrxsmb20 - ok
17:40:08.0315 6580 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:40:08.0316 6580 msahci - ok
17:40:08.0324 6580 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:40:08.0325 6580 msdsm - ok
17:40:08.0337 6580 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:40:08.0340 6580 MSDTC - ok
17:40:08.0362 6580 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:40:08.0363 6580 Msfs - ok
17:40:08.0373 6580 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:40:08.0373 6580 mshidkmdf - ok
17:40:08.0386 6580 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:40:08.0387 6580 msisadrv - ok
17:40:08.0414 6580 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:40:08.0416 6580 MSiSCSI - ok
17:40:08.0422 6580 msiserver - ok
17:40:08.0430 6580 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:40:08.0431 6580 MSKSSRV - ok
17:40:08.0450 6580 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:40:08.0451 6580 MSPCLOCK - ok
17:40:08.0465 6580 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:40:08.0467 6580 MSPQM - ok
17:40:08.0497 6580 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:40:08.0500 6580 MsRPC - ok
17:40:08.0525 6580 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:40:08.0526 6580 mssmbios - ok
17:40:08.0531 6580 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:40:08.0533 6580 MSTEE - ok
17:40:08.0547 6580 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:40:08.0548 6580 MTConfig - ok
17:40:08.0567 6580 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:40:08.0568 6580 Mup - ok
17:40:08.0588 6580 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:40:08.0593 6580 napagent - ok
17:40:08.0615 6580 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:40:08.0618 6580 NativeWifiP - ok
17:40:08.0686 6580 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20121030.002\ENG64.SYS
17:40:08.0689 6580 NAVENG - ok
17:40:08.0741 6580 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20121030.002\EX64.SYS
17:40:08.0755 6580 NAVEX15 - ok
17:40:08.0793 6580 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:40:08.0799 6580 NDIS - ok
17:40:08.0809 6580 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:40:08.0810 6580 NdisCap - ok
17:40:08.0820 6580 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:40:08.0821 6580 NdisTapi - ok
17:40:08.0826 6580 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:40:08.0828 6580 Ndisuio - ok
17:40:08.0854 6580 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:40:08.0855 6580 NdisWan - ok
17:40:08.0869 6580 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:40:08.0871 6580 NDProxy - ok
17:40:08.0880 6580 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:40:08.0881 6580 NetBIOS - ok
17:40:08.0891 6580 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:40:08.0893 6580 NetBT - ok
17:40:08.0903 6580 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:40:08.0905 6580 Netlogon - ok
17:40:08.0935 6580 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:40:08.0940 6580 Netman - ok
17:40:08.0967 6580 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:40:08.0969 6580 NetMsmqActivator - ok
17:40:08.0973 6580 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:40:08.0975 6580 NetPipeActivator - ok
17:40:08.0987 6580 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:40:08.0992 6580 netprofm - ok
17:40:09.0000 6580 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:40:09.0002 6580 NetTcpActivator - ok
17:40:09.0007 6580 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:40:09.0008 6580 NetTcpPortSharing - ok
17:40:09.0022 6580 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:40:09.0023 6580 nfrd960 - ok
17:40:09.0096 6580 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
17:40:09.0099 6580 NIS - ok
17:40:09.0126 6580 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:40:09.0138 6580 NlaSvc - ok
17:40:09.0215 6580 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:40:09.0235 6580 NOBU - ok
17:40:09.0257 6580 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:40:09.0258 6580 Npfs - ok
17:40:09.0279 6580 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:40:09.0282 6580 nsi - ok
17:40:09.0293 6580 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:40:09.0294 6580 nsiproxy - ok
17:40:09.0344 6580 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:40:09.0353 6580 Ntfs - ok
17:40:09.0363 6580 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:40:09.0364 6580 Null - ok
17:40:09.0388 6580 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:40:09.0390 6580 nvraid - ok
17:40:09.0402 6580 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:40:09.0403 6580 nvstor - ok
17:40:09.0420 6580 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:40:09.0422 6580 nv_agp - ok
17:40:09.0450 6580 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:40:09.0451 6580 ohci1394 - ok
17:40:09.0476 6580 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:40:09.0477 6580 ose - ok
17:40:09.0575 6580 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:40:09.0603 6580 osppsvc - ok
17:40:09.0627 6580 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:40:09.0631 6580 p2pimsvc - ok
17:40:09.0649 6580 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:40:09.0654 6580 p2psvc - ok
17:40:09.0675 6580 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:40:09.0677 6580 Parport - ok
17:40:09.0698 6580 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:40:09.0700 6580 partmgr - ok
17:40:09.0716 6580 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:40:09.0720 6580 PcaSvc - ok
17:40:09.0738 6580 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:40:09.0739 6580 pci - ok
17:40:09.0756 6580 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:40:09.0757 6580 pciide - ok
17:40:09.0769 6580 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:40:09.0770 6580 pcmcia - ok
17:40:09.0787 6580 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:40:09.0788 6580 pcw - ok
17:40:09.0810 6580 pdfcDispatcher - ok
17:40:09.0832 6580 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:40:09.0837 6580 PEAUTH - ok
17:40:09.0909 6580 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:40:09.0911 6580 PerfHost - ok
17:40:09.0961 6580 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:40:09.0971 6580 pla - ok
17:40:09.0997 6580 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:40:10.0003 6580 PlugPlay - ok
17:40:10.0020 6580 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:40:10.0024 6580 PNRPAutoReg - ok
17:40:10.0043 6580 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:40:10.0047 6580 PNRPsvc - ok
17:40:10.0084 6580 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
17:40:10.0085 6580 Point64 - ok
17:40:10.0113 6580 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:40:10.0122 6580 PolicyAgent - ok
17:40:10.0143 6580 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:40:10.0147 6580 Power - ok
17:40:10.0175 6580 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:40:10.0177 6580 PptpMiniport - ok
17:40:10.0209 6580 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:40:10.0210 6580 Processor - ok
17:40:10.0246 6580 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:40:10.0251 6580 ProfSvc - ok
17:40:10.0261 6580 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:40:10.0264 6580 ProtectedStorage - ok
17:40:10.0279 6580 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:40:10.0280 6580 Psched - ok
17:40:10.0326 6580 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:40:10.0338 6580 ql2300 - ok
17:40:10.0358 6580 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:40:10.0360 6580 ql40xx - ok
17:40:10.0381 6580 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:40:10.0387 6580 QWAVE - ok
17:40:10.0401 6580 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:40:10.0403 6580 QWAVEdrv - ok
17:40:10.0426 6580 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:40:10.0428 6580 RasAcd - ok
17:40:10.0457 6580 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:40:10.0459 6580 RasAgileVpn - ok
17:40:10.0469 6580 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:40:10.0477 6580 RasAuto - ok
17:40:10.0506 6580 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:40:10.0509 6580 Rasl2tp - ok
17:40:10.0527 6580 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:40:10.0532 6580 RasMan - ok
17:40:10.0548 6580 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:40:10.0550 6580 RasPppoe - ok
17:40:10.0569 6580 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:40:10.0571 6580 RasSstp - ok
17:40:10.0596 6580 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:40:10.0598 6580 rdbss - ok
17:40:10.0612 6580 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:40:10.0613 6580 rdpbus - ok
17:40:10.0621 6580 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:40:10.0623 6580 RDPCDD - ok
17:40:10.0645 6580 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:40:10.0646 6580 RDPENCDD - ok
17:40:10.0659 6580 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:40:10.0661 6580 RDPREFMP - ok
17:40:10.0690 6580 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:40:10.0693 6580 RDPWD - ok
17:40:10.0701 6580 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:40:10.0705 6580 rdyboost - ok
17:40:10.0727 6580 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:40:10.0730 6580 RemoteAccess - ok
17:40:10.0760 6580 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:40:10.0763 6580 RemoteRegistry - ok
17:40:10.0814 6580 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
17:40:10.0818 6580 RoxioNow Service - ok
17:40:10.0836 6580 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:40:10.0841 6580 RpcEptMapper - ok
17:40:10.0864 6580 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:40:10.0867 6580 RpcLocator - ok
17:40:10.0889 6580 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:40:10.0896 6580 RpcSs - ok
17:40:10.0918 6580 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:40:10.0920 6580 rspndr - ok
17:40:10.0952 6580 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:40:10.0957 6580 RTL8167 - ok
17:40:10.0969 6580 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:40:10.0973 6580 SamSs - ok
17:40:10.0990 6580 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:40:10.0992 6580 sbp2port - ok
17:40:11.0018 6580 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:40:11.0022 6580 SCardSvr - ok
17:40:11.0027 6580 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:40:11.0029 6580 scfilter - ok
17:40:11.0056 6580 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:40:11.0067 6580 Schedule - ok
17:40:11.0087 6580 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:40:11.0088 6580 SCPolicySvc - ok
17:40:11.0110 6580 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:40:11.0114 6580 SDRSVC - ok
17:40:11.0137 6580 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:40:11.0139 6580 secdrv - ok
17:40:11.0149 6580 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:40:11.0154 6580 seclogon - ok
17:40:11.0164 6580 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:40:11.0169 6580 SENS - ok
17:40:11.0183 6580 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:40:11.0188 6580 SensrSvc - ok
17:40:11.0199 6580 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:40:11.0201 6580 Serenum - ok
17:40:11.0218 6580 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:40:11.0220 6580 Serial - ok
17:40:11.0233 6580 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:40:11.0235 6580 sermouse - ok
17:40:11.0268 6580 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:40:11.0272 6580 SessionEnv - ok
17:40:11.0288 6580 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:40:11.0289 6580 sffdisk - ok
17:40:11.0305 6580 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:40:11.0306 6580 sffp_mmc - ok
17:40:11.0320 6580 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:40:11.0321 6580 sffp_sd - ok
17:40:11.0342 6580 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:40:11.0343 6580 sfloppy - ok
17:40:11.0376 6580 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
17:40:11.0380 6580 Sftfs - ok
17:40:11.0410 6580 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:40:11.0413 6580 sftlist - ok
17:40:11.0429 6580 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:40:11.0432 6580 Sftplay - ok
17:40:11.0448 6580 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:40:11.0450 6580 Sftredir - ok
17:40:11.0465 6580 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
17:40:11.0466 6580 Sftvol - ok
17:40:11.0479 6580 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:40:11.0482 6580 sftvsa - ok
17:40:11.0499 6580 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:40:11.0503 6580 SharedAccess - ok
17:40:11.0528 6580 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:40:11.0533 6580 ShellHWDetection - ok
17:40:11.0545 6580 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:40:11.0547 6580 SiSRaid2 - ok
17:40:11.0568 6580 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:40:11.0569 6580 SiSRaid4 - ok
17:40:11.0646 6580 [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:40:11.0664 6580 Skype C2C Service - ok
17:40:11.0696 6580 [ C44DA62FBCAE62803EA95600FC263065 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:40:11.0698 6580 SkypeUpdate - ok
17:40:11.0710 6580 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:40:11.0712 6580 Smb - ok
17:40:11.0735 6580 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:40:11.0738 6580 SNMPTRAP - ok
17:40:11.0747 6580 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:40:11.0749 6580 spldr - ok
17:40:11.0774 6580 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:40:11.0779 6580 Spooler - ok
17:40:11.0852 6580 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:40:11.0873 6580 sppsvc - ok
17:40:11.0886 6580 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:40:11.0890 6580 sppuinotify - ok
17:40:11.0954 6580 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
17:40:11.0966 6580 SRTSP - ok
17:40:11.0987 6580 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
17:40:11.0989 6580 SRTSPX - ok
17:40:12.0019 6580 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:40:12.0023 6580 srv - ok
17:40:12.0043 6580 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:40:12.0047 6580 srv2 - ok
17:40:12.0058 6580 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:40:12.0060 6580 srvnet - ok
17:40:12.0082 6580 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:40:12.0086 6580 SSDPSRV - ok
17:40:12.0101 6580 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:40:12.0104 6580 SstpSvc - ok
17:40:12.0126 6580 Steam Client Service - ok
17:40:12.0154 6580 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:40:12.0155 6580 stexstor - ok
17:40:12.0188 6580 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:40:12.0194 6580 stisvc - ok
17:40:12.0208 6580 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:40:12.0208 6580 swenum - ok
17:40:12.0225 6580 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:40:12.0231 6580 swprv - ok
17:40:12.0251 6580 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
17:40:12.0254 6580 SymDS - ok
17:40:12.0296 6580 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
17:40:12.0301 6580 SymEFA - ok
17:40:12.0320 6580 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:40:12.0322 6580 SymEvent - ok
17:40:12.0332 6580 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
17:40:12.0334 6580 SymIRON - ok
17:40:12.0349 6580 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
17:40:12.0352 6580 SymNetS - ok
17:40:12.0390 6580 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:40:12.0402 6580 SysMain - ok
17:40:12.0413 6580 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:40:12.0416 6580 TabletInputService - ok
17:40:12.0439 6580 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
17:40:12.0440 6580 tap0901t - ok
17:40:12.0456 6580 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:40:12.0460 6580 TapiSrv - ok
17:40:12.0473 6580 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:40:12.0478 6580 TBS - ok
17:40:12.0591 6580 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:40:12.0604 6580 Tcpip - ok
17:40:12.0632 6580 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:40:12.0643 6580 TCPIP6 - ok
17:40:12.0658 6580 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:40:12.0659 6580 tcpipreg - ok
17:40:12.0684 6580 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:40:12.0685 6580 TDPIPE - ok
17:40:12.0703 6580 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:40:12.0704 6580 TDTCP - ok
17:40:12.0711 6580 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:40:12.0712 6580 tdx - ok
17:40:12.0726 6580 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:40:12.0727 6580 TermDD - ok
17:40:12.0760 6580 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:40:12.0767 6580 TermService - ok
17:40:12.0778 6580 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:40:12.0783 6580 Themes - ok
17:40:12.0803 6580 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:40:12.0806 6580 THREADORDER - ok
17:40:12.0822 6580 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:40:12.0826 6580 TrkWks - ok
17:40:12.0868 6580 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:40:12.0872 6580 TrustedInstaller - ok
17:40:12.0890 6580 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:40:12.0892 6580 tssecsrv - ok
17:40:12.0912 6580 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:40:12.0914 6580 TsUsbFlt - ok
17:40:12.0939 6580 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:40:12.0940 6580 TsUsbGD - ok
17:40:12.0956 6580 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:40:12.0957 6580 tunnel - ok
17:40:12.0999 6580 [ 1A5F1301C1EA3B49D1222E9CBB552EBB ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
17:40:13.0004 6580 TunngleService - ok
17:40:13.0023 6580 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:40:13.0024 6580 uagp35 - ok
17:40:13.0041 6580 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:40:13.0044 6580 udfs - ok
17:40:13.0070 6580 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:40:13.0073 6580 UI0Detect - ok
17:40:13.0091 6580 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:40:13.0092 6580 uliagpkx - ok
17:40:13.0110 6580 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:40:13.0111 6580 umbus - ok
17:40:13.0129 6580 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:40:13.0130 6580 UmPass - ok
17:40:13.0148 6580 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:40:13.0153 6580 upnphost - ok
17:40:13.0175 6580 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:40:13.0177 6580 usbaudio - ok
17:40:13.0197 6580 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:40:13.0198 6580 usbccgp - ok
17:40:13.0219 6580 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:40:13.0221 6580 usbcir - ok
17:40:13.0232 6580 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:40:13.0233 6580 usbehci - ok
17:40:13.0254 6580 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
17:40:13.0255 6580 usbfilter - ok
17:40:13.0269 6580 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:40:13.0272 6580 usbhub - ok
17:40:13.0277 6580 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:40:13.0279 6580 usbohci - ok
17:40:13.0292 6580 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:40:13.0293 6580 usbprint - ok
17:40:13.0325 6580 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:40:13.0326 6580 usbscan - ok
17:40:13.0337 6580 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:40:13.0339 6580 USBSTOR - ok
17:40:13.0353 6580 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:40:13.0354 6580 usbuhci - ok
17:40:13.0369 6580 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:40:13.0371 6580 usbvideo - ok
17:40:13.0393 6580 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:40:13.0396 6580 UxSms - ok
17:40:13.0411 6580 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:40:13.0413 6580 VaultSvc - ok
17:40:13.0429 6580 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:40:13.0430 6580 vdrvroot - ok
17:40:13.0451 6580 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:40:13.0457 6580 vds - ok
17:40:13.0478 6580 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:40:13.0480 6580 vga - ok
17:40:13.0490 6580 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:40:13.0492 6580 VgaSave - ok
17:40:13.0518 6580 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:40:13.0520 6580 vhdmp - ok
17:40:13.0531 6580 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:40:13.0532 6580 viaide - ok
17:40:13.0548 6580 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:40:13.0549 6580 volmgr - ok
17:40:13.0569 6580 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:40:13.0572 6580 volmgrx - ok
17:40:13.0581 6580 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:40:13.0584 6580 volsnap - ok
17:40:13.0601 6580 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:40:13.0603 6580 vsmraid - ok
17:40:13.0638 6580 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:40:13.0650 6580 VSS - ok
17:40:13.0665 6580 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:40:13.0666 6580 vwifibus - ok
17:40:13.0696 6580 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:40:13.0702 6580 W32Time - ok
17:40:13.0717 6580 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:40:13.0718 6580 WacomPen - ok
17:40:13.0736 6580 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:40:13.0737 6580 WANARP - ok
17:40:13.0741 6580 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:40:13.0743 6580 Wanarpv6 - ok
17:40:13.0788 6580 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:40:13.0796 6580 WatAdminSvc - ok
17:40:13.0825 6580 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:40:13.0836 6580 wbengine - ok
17:40:13.0849 6580 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:40:13.0853 6580 WbioSrvc - ok
17:40:13.0872 6580 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:40:13.0877 6580 wcncsvc - ok
17:40:13.0896 6580 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:40:13.0900 6580 WcsPlugInService - ok
17:40:13.0922 6580 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:40:13.0922 6580 Wd - ok
17:40:13.0951 6580 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:40:13.0956 6580 Wdf01000 - ok
17:40:13.0962 6580 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:40:13.0966 6580 WdiServiceHost - ok
17:40:13.0970 6580 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:40:13.0974 6580 WdiSystemHost - ok
17:40:13.0988 6580 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:40:13.0992 6580 WebClient - ok
17:40:14.0007 6580 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:40:14.0011 6580 Wecsvc - ok
17:40:14.0019 6580 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:40:14.0023 6580 wercplsupport - ok
17:40:14.0037 6580 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:40:14.0041 6580 WerSvc - ok
17:40:14.0045 6580 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:40:14.0049 6580 WfpLwf - ok
17:40:14.0060 6580 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:40:14.0062 6580 WIMMount - ok
17:40:14.0080 6580 WinDefend - ok
17:40:14.0091 6580 WinHttpAutoProxySvc - ok
17:40:14.0139 6580 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:40:14.0141 6580 Winmgmt - ok
17:40:14.0186 6580 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:40:14.0200 6580 WinRM - ok
17:40:14.0229 6580 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:40:14.0231 6580 WinUsb - ok
17:40:14.0268 6580 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:40:14.0276 6580 Wlansvc - ok
17:40:14.0395 6580 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:40:14.0415 6580 wlidsvc - ok
17:40:14.0429 6580 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:40:14.0431 6580 WmiAcpi - ok
17:40:14.0463 6580 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:40:14.0466 6580 wmiApSrv - ok
17:40:14.0493 6580 WMPNetworkSvc - ok
17:40:14.0514 6580 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:40:14.0517 6580 WPCSvc - ok
17:40:14.0536 6580 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:40:14.0539 6580 WPDBusEnum - ok
17:40:14.0555 6580 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:40:14.0556 6580 ws2ifsl - ok
17:40:14.0573 6580 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:40:14.0577 6580 wscsvc - ok
17:40:14.0583 6580 WSearch - ok
17:40:14.0634 6580 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:40:14.0650 6580 wuauserv - ok
17:40:14.0677 6580 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:40:14.0678 6580 WudfPf - ok
17:40:14.0698 6580 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:40:14.0700 6580 WUDFRd - ok
17:40:14.0709 6580 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:40:14.0714 6580 wudfsvc - ok
17:40:14.0730 6580 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:40:14.0735 6580 WwanSvc - ok
17:40:14.0749 6580 ================ Scan global ===============================
17:40:14.0770 6580 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:40:14.0798 6580 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:40:14.0807 6580 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:40:14.0832 6580 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:40:14.0857 6580 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:40:14.0862 6580 [Global] - ok
17:40:14.0863 6580 ================ Scan MBR ==================================
17:40:14.0877 6580 [ 393348A377E20ABABEC9FA67495AC958 ] \Device\Harddisk0\DR0
17:40:15.0229 6580 \Device\Harddisk0\DR0 - ok
17:40:15.0235 6580 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
17:40:15.0266 6580 \Device\Harddisk5\DR5 - ok
17:40:15.0266 6580 ================ Scan VBR ==================================
17:40:15.0269 6580 [ 247B73D5F906278ADCA8EC9C6C6789E6 ] \Device\Harddisk0\DR0\Partition1
17:40:15.0271 6580 \Device\Harddisk0\DR0\Partition1 - ok
17:40:15.0282 6580 [ 2D6744AA93DF9873245033AB9B0AACB9 ] \Device\Harddisk0\DR0\Partition2
17:40:15.0284 6580 \Device\Harddisk0\DR0\Partition2 - ok
17:40:15.0314 6580 [ 5F1083B8CFDF5CF3E2C33D5418C22D67 ] \Device\Harddisk0\DR0\Partition3
17:40:15.0315 6580 \Device\Harddisk0\DR0\Partition3 - ok
17:40:15.0320 6580 [ 8EE77230DAF442E2F5EEC4F099AE32B4 ] \Device\Harddisk5\DR5\Partition1
17:40:15.0324 6580 \Device\Harddisk5\DR5\Partition1 - ok
17:40:15.0325 6580 ============================================================
17:40:15.0325 6580 Scan finished
17:40:15.0325 6580 ============================================================
17:40:15.0350 6740 Detected object count: 0
17:40:15.0350 6740 Actual detected object count: 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users