
Command Processor


11 replies to this topic

#1 Hymanyclan


Posted 16 February 2013 - 07:08 PM

A few days ago I started getting the "command processor not working" popup. Not sure what it was, so I just X out and continued, and this happened numerous times each day. Eventually everything slowed down and I could not access certain websites, and eventually the screen would freeze and I would have to shut down and restart. I used the Malwarebytes removal tool and it found "trojan fake alert" and deleted it. However, this did not solve my issue and it just got worse.

I have Vista home premium with SP2, AMD Athlon 2.70 GHz and 4.00GB memory and 32 bit system.

I also have Norton 360, and all other scans have shown no other issue.

Thanks for any assistance, as the computer is barely functioning.


Edited by hamluis, 16 February 2013 - 08:22 PM.
Moved from Vista to Am I Infected - Hamluis.




#2 Jimbob85


Posted 18 February 2013 - 10:30 AM

Hi and welcome to BC!

 

Let's see what we can find.

 

Please Download

Rkill

    Double-click on the RKill desktop icon to run the tool.
    If using Vista or Win. 7, right-click on it and Run As Administrator.
    A black DOS box will show and then disappear (wait for it to go away).  This is normal and indicates the tool ran successfully.
    If not, delete the file, then download and use the one provided in Link 2.
    If the tool does not run, please let me know.  Or if it seems to have taken too long.


Do not reboot the computer until you have run the applications listed below, otherwise you will have to run Rkill again.
Post the log that Rkill makes, on your desktop, in your next post.
 

 

 

Please Download Tdsskiller

    Run TDSSKiller.exe
    Click on Change Parameters
    Put a check in the box of Detect TDLFS file system
    Start scan
    When it is finished the utility outputs a list of detected objects with descriptions:
    The utility automatically selects an action (Cure or Delete) for malicious objects and asks you what to do with suspicious objects (Skip, by default)
    Just stick with the default options and click Continue
    If it wants to reboot please allow it to do so and let me know
    Click on Report and post the contents of the text file that will open

    By default, the utility outputs the log into system disk (it is usually the disk where the operating system is installed, C:\) root folder. The Log will have a name like: TDSSKiller.Version_Date_Time_log.txt.
 

 

 

Please Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan completes, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
You may not get a listing if nothing is found
 

 

Please also post your most recent logs from Malwarebytes and Norton.



#3 Hymanyclan


Posted 21 February 2013 - 11:36 AM

Sorry for the delay, but I was out of town for a few days. I have run all the requested items and have attached them below.

None showed any major issues, but I still have freezes and constant "cycling" and have to reboot all the time. I had to reboot during this response as I could not double-click on any of my desktop items.

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/20/2013 05:51:42 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 02/20/2013 05:51:55 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

 

The following is the TDSSkiller:

 

17:56:51.0204 4304  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:56:51.0688 4304  ============================================================
17:56:51.0688 4304  Current date / time: 2013/02/20 17:56:51.0688
17:56:51.0688 4304  SystemInfo:
17:56:51.0688 4304 
17:56:51.0688 4304  OS Version: 6.0.6002 ServicePack: 2.0
17:56:51.0688 4304  Product type: Workstation
17:56:51.0688 4304  ComputerName: NOEL-PC
17:56:51.0688 4304  UserName: NoelK
17:56:51.0688 4304  Windows directory: C:\Windows
17:56:51.0688 4304  System windows directory: C:\Windows
17:56:51.0688 4304  Processor architecture: Intel x86
17:56:51.0688 4304  Number of processors: 2
17:56:51.0688 4304  Page size: 0x1000
17:56:51.0688 4304  Boot type: Normal boot
17:56:51.0688 4304  ============================================================
17:56:52.0070 4304  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:56:52.0090 4304  ============================================================
17:56:52.0090 4304  \Device\Harddisk0\DR0:
17:56:52.0090 4304  MBR partitions:
17:56:52.0090 4304  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x390DB9C0
17:56:52.0090 4304  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x390DB9FF, BlocksNum 0x12A9242
17:56:52.0090 4304  ============================================================
17:56:52.0110 4304  C: <-> \Device\Harddisk0\DR0\Partition1
17:56:52.0150 4304  D: <-> \Device\Harddisk0\DR0\Partition2
17:56:52.0150 4304  ============================================================
17:56:52.0150 4304  Initialize success
17:56:52.0150 4304  ============================================================
17:57:45.0046 6076  ============================================================
17:57:45.0046 6076  Scan started
17:57:45.0046 6076  Mode: Manual; TDLFS;
17:57:45.0046 6076  ============================================================
17:57:45.0904 6076  ================ Scan system memory ========================
17:57:45.0904 6076  System memory - ok
17:57:45.0904 6076  ================ Scan services =============================
17:57:52.0711 6076  MREMPR5 - ok
17:57:52.0721 6076  MRENDIS5 - ok
17:57:52.0731 6076  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
17:57:52.0731 6076  MRESP50 - ok
17:57:52.0741 6076  MRESP50a64 - ok
17:57:52.0771 6076  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:57:52.0771 6076  MRxDAV - ok
17:57:52.0811 6076  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:57:52.0811 6076  mrxsmb - ok
17:57:52.0851 6076  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:57:52.0851 6076  mrxsmb10 - ok
17:57:52.0861 6076  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:57:52.0861 6076  mrxsmb20 - ok
17:57:52.0891 6076  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
17:57:52.0891 6076  msahci - ok
17:57:52.0911 6076  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:57:52.0911 6076  msdsm - ok
17:57:52.0931 6076  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
17:57:52.0931 6076  MSDTC - ok
17:57:52.0961 6076  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:57:52.0961 6076  Msfs - ok
17:57:52.0981 6076  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:57:52.0981 6076  msisadrv - ok
17:57:53.0001 6076  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:57:53.0011 6076  MSiSCSI - ok
17:57:53.0011 6076  msiserver - ok
17:57:53.0041 6076  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:57:53.0041 6076  MSKSSRV - ok
17:57:53.0061 6076  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:57:53.0061 6076  MSPCLOCK - ok
17:57:53.0087 6076  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:57:53.0087 6076  MSPQM - ok
17:57:53.0133 6076  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:57:53.0133 6076  MsRPC - ok
17:57:53.0149 6076  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:57:53.0149 6076  mssmbios - ok
17:57:53.0165 6076  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:57:53.0165 6076  MSTEE - ok
17:57:53.0180 6076  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
17:57:53.0180 6076  Mup - ok
17:57:53.0227 6076  [ 4BA84C832E0741A294C4444556DFE993 ] N360            C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
17:57:53.0243 6076  N360 - ok
17:57:53.0274 6076  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
17:57:53.0289 6076  napagent - ok
17:57:53.0336 6076  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:57:53.0336 6076  NativeWifiP - ok
17:57:53.0414 6076  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130220.003\NAVENG.SYS
17:57:53.0414 6076  NAVENG - ok
17:57:53.0477 6076  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130220.003\NAVEX15.SYS
17:57:53.0508 6076  NAVEX15 - ok
17:57:53.0570 6076  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:57:53.0586 6076  NDIS - ok
17:57:53.0617 6076  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:57:53.0617 6076  NdisTapi - ok
17:57:53.0633 6076  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:57:53.0633 6076  Ndisuio - ok
17:57:53.0679 6076  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:57:53.0679 6076  NdisWan - ok
17:57:53.0711 6076  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:57:53.0711 6076  NDProxy - ok
17:57:53.0742 6076  [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:57:53.0742 6076  Net Driver HPZ12 - ok
17:57:53.0773 6076  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:57:53.0773 6076  NetBIOS - ok
17:57:53.0820 6076  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
17:57:53.0820 6076  netbt - ok
17:57:53.0835 6076  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
17:57:53.0835 6076  Netlogon - ok
17:57:53.0867 6076  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
17:57:53.0882 6076  Netman - ok
17:57:53.0913 6076  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
17:57:53.0913 6076  netprofm - ok
17:57:53.0960 6076  [ C9AFE484B3645DA74FD459F45E4F756F ] netr73          C:\Windows\system32\DRIVERS\netr73.sys
17:57:53.0960 6076  netr73 - ok
17:57:53.0991 6076  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:57:53.0991 6076  NetTcpPortSharing - ok
17:57:54.0007 6076  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:57:54.0007 6076  nfrd960 - ok
17:57:54.0023 6076  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:57:54.0038 6076  NlaSvc - ok
17:57:54.0054 6076  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:57:54.0054 6076  Npfs - ok
17:57:54.0069 6076  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
17:57:54.0069 6076  nsi - ok
17:57:54.0085 6076  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:57:54.0085 6076  nsiproxy - ok
17:57:54.0132 6076  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:57:54.0147 6076  Ntfs - ok
17:57:54.0163 6076  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
17:57:54.0163 6076  ntrigdigi - ok
17:57:54.0163 6076  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
17:57:54.0163 6076  Null - ok
17:57:54.0210 6076  [ D958A2B5F6AD5C3B8CCDC4D7DA62466C ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
17:57:54.0225 6076  NVENETFD - ok
17:57:54.0381 6076  [ FBBA09782F2FAC5A57619DF378BA9372 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:57:54.0459 6076  nvlddmkm - ok
17:57:54.0475 6076  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:57:54.0475 6076  nvraid - ok
17:57:54.0506 6076  [ 6F5BB0B40D251351A913B61BA9D64B3F ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
17:57:54.0506 6076  nvrd32 - ok
17:57:54.0522 6076  [ C44EE36DD84FA95EB81D79C374756003 ] nvsmu           C:\Windows\system32\drivers\nvsmu.sys
17:57:54.0522 6076  nvsmu - ok
17:57:54.0537 6076  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:57:54.0537 6076  nvstor - ok
17:57:54.0569 6076  [ 1A649B87A7B7C1220A2B16B121F2198E ] nvstor32        C:\Windows\system32\DRIVERS\nvstor32.sys
17:57:54.0569 6076  nvstor32 - ok
17:57:54.0600 6076  [ CF7769F13B3ECC5E2BF1B3D1C5831AE8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:57:54.0600 6076  nvsvc - ok
17:57:54.0615 6076  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:57:54.0615 6076  nv_agp - ok
17:57:54.0631 6076  NwlnkFlt - ok
17:57:54.0631 6076  NwlnkFwd - ok
17:57:54.0662 6076  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
17:57:54.0662 6076  ohci1394 - ok
17:57:54.0709 6076  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:57:54.0709 6076  ose - ok
17:57:54.0849 6076  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:57:54.0896 6076  osppsvc - ok
17:57:54.0943 6076  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
17:57:54.0959 6076  p2pimsvc - ok
17:57:54.0974 6076  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:57:54.0974 6076  p2psvc - ok
17:57:55.0005 6076  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
17:57:55.0005 6076  Parport - ok
17:57:55.0037 6076  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:57:55.0037 6076  partmgr - ok
17:57:55.0052 6076  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
17:57:55.0052 6076  Parvdm - ok
17:57:55.0068 6076  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:57:55.0068 6076  PcaSvc - ok
17:57:55.0083 6076  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
17:57:55.0099 6076  pci - ok
17:57:55.0130 6076  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
17:57:55.0146 6076  pciide - ok
17:57:55.0146 6076  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:57:55.0161 6076  pcmcia - ok
17:57:55.0193 6076  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:57:55.0208 6076  PEAUTH - ok
17:57:55.0255 6076  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
17:57:55.0271 6076  pla - ok
17:57:55.0302 6076  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:57:55.0302 6076  PlugPlay - ok
17:57:55.0333 6076  [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:57:55.0349 6076  Pml Driver HPZ12 - ok
17:57:55.0364 6076  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
17:57:55.0380 6076  PNRPAutoReg - ok
17:57:55.0380 6076  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
17:57:55.0395 6076  PNRPsvc - ok
17:57:55.0411 6076  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:57:55.0411 6076  PolicyAgent - ok
17:57:55.0442 6076  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:57:55.0442 6076  PptpMiniport - ok
17:57:55.0458 6076  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
17:57:55.0473 6076  Processor - ok
17:57:55.0489 6076  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:57:55.0489 6076  ProfSvc - ok
17:57:55.0489 6076  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
17:57:55.0505 6076  ProtectedStorage - ok
17:57:55.0536 6076  [ 390C204CED3785609AB24E9C52054A84 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys
17:57:55.0536 6076  Ps2 - ok
17:57:55.0567 6076  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
17:57:55.0567 6076  PSched - ok
17:57:55.0614 6076  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:57:55.0629 6076  ql2300 - ok
17:57:55.0645 6076  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:57:55.0645 6076  ql40xx - ok
17:57:55.0676 6076  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
17:57:55.0676 6076  QWAVE - ok
17:57:55.0707 6076  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:57:55.0707 6076  QWAVEdrv - ok
17:57:55.0723 6076  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:57:55.0723 6076  RasAcd - ok
17:57:55.0739 6076  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
17:57:55.0739 6076  RasAuto - ok
17:57:55.0754 6076  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:57:55.0754 6076  Rasl2tp - ok
17:57:55.0785 6076  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
17:57:55.0801 6076  RasMan - ok
17:57:55.0832 6076  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:57:55.0832 6076  RasPppoe - ok
17:57:55.0863 6076  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:57:55.0863 6076  RasSstp - ok
17:57:55.0895 6076  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:57:55.0910 6076  rdbss - ok
17:57:55.0926 6076  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:57:55.0941 6076  RDPCDD - ok
17:57:55.0973 6076  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
17:57:55.0973 6076  rdpdr - ok
17:57:55.0988 6076  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:57:55.0988 6076  RDPENCDD - ok
17:57:56.0035 6076  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:57:56.0035 6076  RDPWD - ok
17:57:56.0097 6076  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
17:57:56.0097 6076  RealNetworks Downloader Resolver Service - ok
17:57:56.0129 6076  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:57:56.0129 6076  RemoteAccess - ok
17:57:56.0160 6076  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:57:56.0160 6076  RemoteRegistry - ok
17:57:56.0175 6076  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
17:57:56.0175 6076  RpcLocator - ok
17:57:56.0222 6076  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
17:57:56.0222 6076  RpcSs - ok
17:57:56.0238 6076  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:57:56.0238 6076  rspndr - ok
17:57:56.0253 6076  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
17:57:56.0253 6076  SamSs - ok
17:57:56.0269 6076  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:57:56.0269 6076  sbp2port - ok
17:57:56.0300 6076  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:57:56.0300 6076  SCardSvr - ok
17:57:56.0347 6076  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
17:57:56.0363 6076  Schedule - ok
17:57:56.0378 6076  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:57:56.0378 6076  SCPolicySvc - ok
17:57:56.0425 6076  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:57:56.0425 6076  SDRSVC - ok
17:57:56.0472 6076  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:57:56.0472 6076  secdrv - ok
17:57:56.0503 6076  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
17:57:56.0503 6076  seclogon - ok
17:57:56.0550 6076  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
17:57:56.0565 6076  SENS - ok
17:57:56.0597 6076  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
17:57:56.0597 6076  Serenum - ok
17:57:56.0659 6076  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
17:57:56.0659 6076  Serial - ok
17:57:56.0675 6076  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:57:56.0675 6076  sermouse - ok
17:57:56.0706 6076  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:57:56.0706 6076  SessionEnv - ok
17:57:56.0721 6076  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:57:56.0721 6076  sffdisk - ok
17:57:56.0737 6076  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:57:56.0737 6076  sffp_mmc - ok
17:57:56.0753 6076  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:57:56.0753 6076  sffp_sd - ok
17:57:56.0768 6076  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:57:56.0768 6076  sfloppy - ok
17:57:56.0799 6076  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:57:56.0799 6076  SharedAccess - ok
17:57:56.0831 6076  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:57:56.0846 6076  ShellHWDetection - ok
17:57:56.0862 6076  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:57:56.0862 6076  sisagp - ok
17:57:56.0893 6076  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
17:57:56.0893 6076  SiSRaid2 - ok
17:57:56.0909 6076  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:57:56.0909 6076  SiSRaid4 - ok
17:57:56.0955 6076  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
17:57:56.0971 6076  SkypeUpdate - ok
17:57:57.0080 6076  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
17:57:57.0143 6076  slsvc - ok
17:57:57.0174 6076  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
17:57:57.0174 6076  SLUINotify - ok
17:57:57.0221 6076  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:57:57.0221 6076  Smb - ok
17:57:57.0267 6076  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:57:57.0267 6076  SNMPTRAP - ok
17:57:57.0299 6076  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
17:57:57.0299 6076  spldr - ok
17:57:57.0361 6076  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
17:57:57.0361 6076  Spooler - ok
17:57:57.0439 6076  [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP           C:\Windows\System32\Drivers\N360\1402010.016\SRTSP.SYS
17:57:57.0455 6076  SRTSP - ok
17:57:57.0470 6076  [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX          C:\Windows\system32\drivers\N360\1402010.016\SRTSPX.SYS
17:57:57.0470 6076  SRTSPX - ok
17:57:57.0517 6076  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:57:57.0533 6076  srv - ok
17:57:57.0579 6076  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:57:57.0579 6076  srv2 - ok
17:57:57.0611 6076  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:57:57.0611 6076  srvnet - ok
17:57:57.0642 6076  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:57:57.0642 6076  SSDPSRV - ok
17:57:57.0689 6076  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:57:57.0689 6076  SstpSvc - ok
17:57:57.0751 6076  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
17:57:57.0767 6076  stisvc - ok
17:57:57.0798 6076  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:57:57.0798 6076  swenum - ok
17:57:57.0845 6076  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
17:57:57.0860 6076  swprv - ok
17:57:57.0876 6076  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
17:57:57.0876 6076  Symc8xx - ok
17:57:57.0907 6076  [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS           C:\Windows\system32\drivers\N360\1402010.016\SYMDS.SYS
17:57:57.0923 6076  SymDS - ok
17:57:57.0969 6076  [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA          C:\Windows\system32\drivers\N360\1402010.016\SYMEFA.SYS
17:57:58.0001 6076  SymEFA - ok
17:57:58.0047 6076  [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
17:57:58.0047 6076  SymEvent - ok
17:57:58.0063 6076  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\Windows\system32\drivers\N360\1402010.016\Ironx86.SYS
17:57:58.0079 6076  SymIRON - ok
17:57:58.0125 6076  [ 93DE018EC6FBAA9A58FF9F2EB9198092 ] SYMTDIv         C:\Windows\System32\Drivers\N360\1402010.016\SYMTDIV.SYS
17:57:58.0125 6076  SYMTDIv - ok
17:57:58.0157 6076  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
17:57:58.0157 6076  Sym_hi - ok
17:57:58.0172 6076  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
17:57:58.0172 6076  Sym_u3 - ok
17:57:58.0235 6076  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
17:57:58.0250 6076  SysMain - ok
17:57:58.0281 6076  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:57:58.0281 6076  TabletInputService - ok
17:57:58.0328 6076  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:57:58.0328 6076  TapiSrv - ok
17:57:58.0344 6076  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
17:57:58.0344 6076  TBS - ok
17:57:58.0391 6076  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:57:58.0406 6076  Tcpip - ok
17:57:58.0422 6076  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
17:57:58.0437 6076  Tcpip6 - ok
17:57:58.0469 6076  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:57:58.0469 6076  tcpipreg - ok
17:57:58.0500 6076  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:57:58.0500 6076  TDPIPE - ok
17:57:58.0515 6076  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:57:58.0515 6076  TDTCP - ok
17:57:58.0547 6076  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:57:58.0547 6076  tdx - ok
17:57:58.0562 6076  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:57:58.0562 6076  TermDD - ok
17:57:58.0609 6076  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
17:57:58.0625 6076  TermService - ok
17:57:58.0640 6076  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
17:57:58.0656 6076  Themes - ok
17:57:58.0656 6076  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
17:57:58.0671 6076  THREADORDER - ok
17:57:58.0718 6076  [ 0407143F2BBC1A5DD5B518AC0704FCBF ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
17:57:58.0718 6076  TomTomHOMEService - ok
17:57:58.0749 6076  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
17:57:58.0749 6076  TrkWks - ok
17:57:58.0796 6076  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:57:58.0796 6076  TrustedInstaller - ok
17:57:58.0812 6076  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:57:58.0827 6076  tssecsrv - ok
17:57:58.0843 6076  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
17:57:58.0843 6076  tunmp - ok
17:57:58.0874 6076  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:57:58.0874 6076  tunnel - ok
17:57:58.0890 6076  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:57:58.0890 6076  uagp35 - ok
17:57:58.0905 6076  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:57:58.0905 6076  udfs - ok
17:57:58.0921 6076  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:57:58.0937 6076  UI0Detect - ok
17:57:58.0937 6076  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:57:58.0952 6076  uliagpkx - ok
17:57:58.0968 6076  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
17:57:58.0968 6076  uliahci - ok
17:57:58.0983 6076  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
17:57:58.0983 6076  UlSata - ok
17:57:58.0999 6076  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
17:57:58.0999 6076  ulsata2 - ok
17:57:59.0030 6076  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:57:59.0030 6076  umbus - ok
17:57:59.0061 6076  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
17:57:59.0061 6076  upnphost - ok
17:57:59.0093 6076  [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
17:57:59.0108 6076  USBAAPL - ok
17:57:59.0139 6076  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:57:59.0139 6076  usbaudio - ok
17:57:59.0155 6076  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:57:59.0155 6076  usbccgp - ok
17:57:59.0171 6076  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:57:59.0186 6076  usbcir - ok
17:57:59.0202 6076  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:57:59.0202 6076  usbehci - ok
17:57:59.0217 6076  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:57:59.0233 6076  usbhub - ok
17:57:59.0249 6076  [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:57:59.0249 6076  usbohci - ok
17:57:59.0280 6076  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:57:59.0280 6076  usbprint - ok
17:57:59.0295 6076  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:57:59.0295 6076  usbscan - ok
17:57:59.0327 6076  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:57:59.0327 6076  USBSTOR - ok
17:57:59.0358 6076  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:57:59.0358 6076  usbuhci - ok
17:57:59.0389 6076  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:57:59.0389 6076  usbvideo - ok
17:57:59.0420 6076  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
17:57:59.0436 6076  UxSms - ok
17:57:59.0483 6076  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
17:57:59.0498 6076  vds - ok
17:57:59.0514 6076  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:57:59.0514 6076  vga - ok
17:57:59.0529 6076  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:57:59.0529 6076  VgaSave - ok
17:58:01.0136 6076  ================ Scan global ===============================
17:58:01.0167 6076  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
17:58:01.0214 6076  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
17:58:01.0230 6076  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
17:58:01.0261 6076  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
17:58:01.0261 6076  [Global] - ok
17:58:01.0261 6076  ================ Scan MBR ==================================
17:58:01.0277 6076  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
17:58:01.0495 6076  \Device\Harddisk0\DR0 - ok
17:58:01.0495 6076  ================ Scan VBR ==================================
17:58:01.0495 6076  [ 5742C4566329202BBAC612FBC2BE2469 ] \Device\Harddisk0\DR0\Partition1
17:58:01.0511 6076  \Device\Harddisk0\DR0\Partition1 - ok
17:58:01.0511 6076  [ 2E0010ABFCCB10B9BFC8CC87621AC071 ] \Device\Harddisk0\DR0\Partition2
17:58:01.0511 6076  \Device\Harddisk0\DR0\Partition2 - ok
17:58:01.0511 6076  ============================================================
17:58:01.0511 6076  Scan finished
17:58:01.0511 6076  ============================================================
17:58:01.0526 4992  Detected object count: 0
17:58:01.0526 4992  Actual detected object count: 0
18:06:27.0631 0928  Deinitialize success

 

The ESET showed no issues so no report.

 

The following is the Malwarebytes report:

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.17.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
NoelK :: NOEL-PC [administrator]

Protection: Enabled

2/20/2013 9:16:19 PM
mbam-log-2013-02-20 (21-16-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P

 

The following is the Norton report:

 


Scan Information:
  Virus Defs Version: 2013.02.20.016
  Virus Defs Seq ID: 141914

Scan Statistics:
  Scan Start:
   Local: 2/20/2013 9:28 PM
   UTC: 2/21/2013 2:28 AM
  Scan Time: 206 seconds
  Scan Targets: Commonly infected areas
  Counts:
   Total items scanned: 13,282
   - Files & Directories: 3,439
   - Registry Entries: 662
   - Processes & Start-up Items: 7,540
   - Network & Browser Items: 1,629
   - Other: 5
   - Trusted Files: 1,198
   - Skipped Files: 118

   Total security risks detected: 51
   Total items resolved: 51
   Total items that require attention: 0

Resolved Threats:
51 Tracking Cookies
 Type: Anomaly
 Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy) 
 Categories: Tracking Cookies
 Status: Fully Resolved
 -----------
 51 Tracking Cookies

 


Unresolved Threats:
No unresolved risks

 


Objects scanned: 295130
Time elapsed: 7 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Thank you
 



#4 Jimbob85


Posted 21 February 2013 - 11:59 AM

So far I don't see anything wrong. Please post the log for MBAM that had the detected threat in it. Also, was there anything found in the last MBAM scan? It did not appear to be a complete log.


Edited by Jimbob85, 21 February 2013 - 12:01 PM.


#5 Hymanyclan


Posted 21 February 2013 - 01:32 PM

I have attached the original MBAM log below that showed the 'trojan fake alert':

 

When I first start the computer it works fine, but it gradually worsens until I can no longer use it and have to re-boot.

For example I just brought up a normal regular website and the home page loaded fine but then I could not click on anything and could not even X out of the screen and had to re-boot. This happens to all sorts of sites and is not specific to any particular website.

I also have issues with clicking on items on my desktop. It works fine when I first restart, but after a few minutes the issue happens again.

Other times I just get the 'cycling' issue and have to re-boot to continue.

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.16.01

Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
NoelK :: NOEL-PC [administrator]

Protection: Disabled

2/15/2013 8:39:50 PM
mbam-log-2013-02-15 (20-39-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 297204
Time elapsed: 4 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\opsmr9ibkfl (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|rqmerwup (Trojan.FakeAlert.Gen) -> Data: C:\Users\NoelK\AppData\Local\Temp\blarmbfsf\ecvxmoxyhsn.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

The following is the most recent log:

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.17.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
NoelK :: NOEL-PC [administrator]

Protection: Enabled

2/20/2013 9:16:19 PM
mbam-log-2013-02-20 (21-16-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 295130
Time elapsed: 7 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#6 Jimbob85


Posted 21 February 2013 - 02:26 PM

It looks like MBAM took care of the malware that you had and now the system appears "clean".

    - Were you having any trouble before your system got infected?

    - I assume that this is a desktop, is that correct?



#7 Hymanyclan


Posted 21 February 2013 - 02:47 PM

Yes it is a desktop.

The problem started around the same time, so I just assumed it was connected to the malware issue.



#8 Jimbob85


Posted 21 February 2013 - 02:59 PM

Can you further describe what you mean by "Other times I just get the 'cycling' issue and have to re-boot to continue"?



#9 Hymanyclan


Posted 21 February 2013 - 05:44 PM

I have noticed that all of today's issues are caused by one site.

It seems all my other issues have been resolved.

The site is Ancestry.com, and I do not know why I have an issue with this site.

Do I have to contact this site to resolve or is there anything I can do from here?



#10 Jimbob85


Posted 22 February 2013 - 08:54 AM

We could try to reset your web browser, but other than that I'm not sure there is going to be much you can do. You could try the web site from another PC and see if you have the same results. If you do, you could try to let that site's admin know what you are having trouble with, and maybe they will be able to improve the site.

 

Let me know if you want help resetting your web browser.  I will need to know what browser you are using.

 

Glad to hear that things are better!



#11 Hymanyclan


Posted 22 February 2013 - 05:20 PM

I am all set as I was able to use Firefox instead of IE to access. I will probably reset IE and I know how.

Thanks for all your assistance

Regards



#12 Jimbob85


Posted 22 February 2013 - 05:35 PM

Glad to hear you were able to find a temporary solution! Let me know if you need anything else. I will watch this thread for a few more days just in case.

 

You are most welcome.





