
Browser redirects.. :(


5 replies to this topic

#1 Scyance1

Posted 12 September 2013 - 03:35 PM

I have a Win7 laptop.. I usually use IE10.. but also have Firefox and Chrome installed for creating websites..

My problem.. >

I use Yahoo.. When I search for something.. and click on the link.. a new browser window pops up.. and I can see it redirecting me.. The browser window is small and it happens real fast.. but I can see a greenish? rectangle. and something about CLICK? REAL fast before it opens some OTHER page/website.. I just now had the thought of trying to screen capture it before it changes real quick.. but have not tried that yet.. The redirect doesn't happen all the time.. about every 3rd time? I guess.. And I can see right away.. something is about to redirect me. as I'm used to watching the website link name.. and I can see it's not going to where I want it to go..

On the computer I've had Norton installed.. but something seems to have slipped by its protection. I've since updated Norton.. and ran scans on Malwarebytes, SUPERAntiSpyware, ESET Online, and Bitdefender online.. The scans had picked up a few things.. here and there.. and for a second I thought it was fixed as it was no longer redirecting searches in IE, then I tried Chrome.. and it happened again.. ?  :(

I was thinking of maybe trying some other tools like ComboFix? TDSSKiller.. or AdwCleaner.. BUT.. not sure what they all do.. so.. I figure I better get some REAL help. ;)   Any suggestions.. ;)

 

 

 




 


#2 boopme


Posted 12 September 2013 - 07:59 PM

Hello, let's do these next. Please do not run ComboFix unless asked. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Last, run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE: Sometimes if ESET finds no infections it will not create a log.

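The MiniToolBox report requested in the reply above covers three places a browser redirect commonly hides: proxy settings, the hosts file and the Winsock catalog. The following is an added example, not part of the original thread and not MiniToolBox code, showing how a helper might triage a Result.txt for those three sections. Section headers and the clean proxy lines follow the log posted later in this thread; the "dirty" sample values (proxy wording, hosts entry, third-party DLL path) are constructed assumptions.

```python
import re

# Section header as it appears in Result.txt, e.g.
# "========================= Hosts content: ================================="
HEADER = re.compile(r"^=+\s+([^=]+?):?\s+=+$")
# Winsock line: "[x64-]CatalogN NN <path> [size] (<company>)"
WINSOCK = re.compile(r"^(?:x64-)?Catalog\d+ \d+ (.+) \[\d+\] \((.*)\)$")
# Proxy lines that appear in the clean log on this page
CLEAN_PROXY = ("Proxy is not enabled.", "No Proxy Server is set.")

def split_sections(log):
    """Group non-empty lines under the section header that precedes them."""
    sections, current = {}, None
    for raw in log.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current and line:
            sections[current].append(line)
    return sections

def triage(log):
    """Return (category, detail) pairs that deserve a manual look.
    A finding is a prompt for review, not proof of infection."""
    s = split_sections(log)
    findings = []
    # 1. Any proxy line other than the known-clean ones or the reset notice.
    for line in s.get("IE Proxy Settings", []):
        if line not in CLEAN_PROXY and not line.startswith('"Reset'):
            findings.append(("proxy", line))
    # 2. Hosts entries other than comments and localhost mappings.
    for line in s.get("Hosts content", []):
        entry = line.split("#", 1)[0].split()
        if not entry:
            continue
        is_localhost = (entry[0] in ("127.0.0.1", "::1") and len(entry) > 1
                        and all(h.lower() == "localhost" for h in entry[1:]))
        if not is_localhost:
            findings.append(("hosts", " ".join(entry)))
    # 3. Winsock providers whose reported company is not Microsoft.
    for line in s.get("Winsock entries", []):
        m = WINSOCK.match(line)
        if m is None:
            findings.append(("winsock-unparsed", line))
        elif not m.group(2).startswith("Microsoft"):
            findings.append(("winsock", m.group(1)))
    return findings

# Lines copied from the log posted in this thread: nothing to flag.
CLEAN_LOG = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

========================= Winsock entries =====================================

Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
"""

# Constructed sample (values are made up for illustration).
SAMPLE_LOG = r"""
========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: http=127.0.0.1:8080

========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 search.example.test

========================= Winsock entries =====================================

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\example\lsp.dll [40960] ()
"""

if __name__ == "__main__":
    for category, detail in triage(SAMPLE_LOG):
        print(f"{category:8} {detail}")
```

The Firefox proxy section is not checked here because the log on this page shows only its reset notice, not its report format.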

#3 Scyance1


Posted 14 September 2013 - 05:59 AM

Boopme.. I was finally able to complete fully.. the last ESET scan... weird note.. ESET said IE10 was not IE? and I had to do the couple extra steps..? don't know if that's just because it's new? but.. thought I'd mention it.. So.. okay.. I did run the first couple steps/scans right away.. ESET took a lil more time to finally scan completely.. as it took a while, I think I kept shutting it down before completion.. I see it did find a trojan, which I'm sure is bad.. the couple others, like OpenCandy.. I think was actually included as part of a program I used for creating music, FL Studio made by Image-Line.. not sure if that's important, just something I noticed.. Okay.. ;) here are my logs....>

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Albert (administrator) on 12-09-2013 at 18:20:01
Running from "C:\Users\Albert\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : AlbertsComp
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 98-4B-E1-93-58-B7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 88-9F-FA-47-F9-A8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8082:4d6f:dc6d:b9f9%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.149(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, September 12, 2013 6:05:25 PM
   Lease Expires . . . . . . . . . . : Friday, September 13, 2013 6:05:25 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 193503226
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-8D-0E-77-88-9F-FA-47-F9-A8
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1474:1de7:9c42:5536(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1474:1de7:9c42:5536%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4005:800::1008
   74.125.239.135
   74.125.239.142
   74.125.239.128
   74.125.239.129
   74.125.239.131
   74.125.239.134
   74.125.239.137
   74.125.239.132
   74.125.239.136
   74.125.239.130
   74.125.239.133

Pinging google.com [74.125.239.134] with 32 bytes of data:
Reply from 74.125.239.134: bytes=32 time=26ms TTL=54
Reply from 74.125.239.134: bytes=32 time=25ms TTL=54

Ping statistics for 74.125.239.134:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 25ms, Maximum = 26ms, Average = 25ms
Server:  homeportal
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.138.253.109
   206.190.36.45
   98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=66ms TTL=50
Reply from 206.190.36.45: bytes=32 time=64ms TTL=50

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 64ms, Maximum = 66ms, Average = 65ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...98 4b e1 93 58 b7 ......Realtek PCIe FE Family Controller
 10...88 9f fa 47 f9 a8 ......Atheros AR9285 802.11b/g/n WiFi Adapter
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.149     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.149    281
    192.168.1.149  255.255.255.255         On-link     192.168.1.149    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.149    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.149    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.149    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:5ef5:79fd:1474:1de7:9c42:5536/128
                                    On-link
 10    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::1474:1de7:9c42:5536/128
                                    On-link
 10    281 fe80::8082:4d6f:dc6d:b9f9/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/12/2013 02:01:00 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/12/2013 10:32:11 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 11:34:49 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Failed to compile: System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070020

Error: (09/11/2013 08:31:39 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 07:19:28 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16476 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1ba0

Start Time: 01ceaf5dffaa40df

Termination Time: 12

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/11/2013 03:25:57 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 02:02:25 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 00:58:20 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 08:39:05 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/10/2013 03:31:08 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

System errors:
=============
Error: (09/11/2013 11:56:57 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2013 11:56:57 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2013 11:56:57 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2013 11:56:57 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2013 11:56:57 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2013 11:56:56 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2013 11:56:55 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/11/2013 11:56:55 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/11/2013 11:56:53 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/11/2013 11:56:52 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (09/12/2013 02:01:00 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/12/2013 10:32:11 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 11:34:49 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Failed to compile: System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070020
System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a

Error: (09/11/2013 08:31:39 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 07:19:28 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164761ba001ceaf5dffaa40df12C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/11/2013 03:25:57 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 02:02:25 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 00:58:20 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/11/2013 08:39:05 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (09/10/2013 03:31:08 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
4Videosoft Blu-ray to MP4 Ripper 5.0.28
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 2.0.2.12610)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.5.1 MUI (Version: 9.5.1)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
ASIO4ALL
Atheros Driver Installation Program (Version: 9.0)
ATI Catalyst Install Manager (Version: 3.0.790.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 6.0.2282.0)
Bing Bar Platform (Version: 6.0.2282.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.0.5350)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Camel Audio CamelCrusher (Version: 1.01.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0929.2212.37971)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0929.2212.37971)
Catalyst Control Center InstallProxy (Version: 2010.0929.2212.37971)
Catalyst Control Center Localization All (Version: 2010.0929.2212.37971)
CCC Help Chinese Standard (Version: 2010.0929.2211.37971)
CCC Help Chinese Traditional (Version: 2010.0929.2211.37971)
CCC Help Czech (Version: 2010.0929.2211.37971)
CCC Help Danish (Version: 2010.0929.2211.37971)
CCC Help Dutch (Version: 2010.0929.2211.37971)
CCC Help English (Version: 2010.0929.2211.37971)
CCC Help Finnish (Version: 2010.0929.2211.37971)
CCC Help French (Version: 2010.0929.2211.37971)
CCC Help German (Version: 2010.0929.2211.37971)
CCC Help Greek (Version: 2010.0929.2211.37971)
CCC Help Hungarian (Version: 2010.0929.2211.37971)
CCC Help Italian (Version: 2010.0929.2211.37971)
CCC Help Japanese (Version: 2010.0929.2211.37971)
CCC Help Korean (Version: 2010.0929.2211.37971)
CCC Help Norwegian (Version: 2010.0929.2211.37971)
CCC Help Polish (Version: 2010.0929.2211.37971)
CCC Help Portuguese (Version: 2010.0929.2211.37971)
CCC Help Russian (Version: 2010.0929.2211.37971)
CCC Help Spanish (Version: 2010.0929.2211.37971)
CCC Help Swedish (Version: 2010.0929.2211.37971)
CCC Help Thai (Version: 2010.0929.2211.37971)
CCC Help Turkish (Version: 2010.0929.2211.37971)
ccc-core-static (Version: 2010.0929.2212.37971)
ccc-utility64 (Version: 2010.0929.2212.37971)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CyberLink DVD Suite (Version: 7.0.3320)
CyberLink MediaShow (Version: 5.0.1920)
CyberLink PowerDVD 9 (Version: 9.0.1.4604)
CyberLink YouCam (Version: 3.2.1.3922)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DivX Setup (Version: 2.6.0.34)
Dora's World Adventure (Version: 2.2.0.95)
Edirol HQ Orchestral v1.01
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
FileZilla Client 3.7.3 (Version: 3.7.3)
Final Drive Nitro (Version: 2.2.0.95)
FL Studio 10
FL Studio 9
GoldWave v5.58
Google Chrome (Version: 29.0.1547.66)
Google Update Helper (Version: 1.3.21.153)
Hardcore
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
HP Auto (Version: 1.0.12494.3472)
HP Client Services (Version: 1.0.12656.3472)
HP CloudDrive
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.4.0.0)
HP Game Console
HP Games (Version: 1.0.1.5)
HP MovieStore (Version: 1.0.023)
HP MovieStore (Version: 2.0.2)
HP Photo Creations (Version: 1.0.0.4042)
HP Power Manager (Version: 1.1.2)
HP Quick Launch (Version: 2.2.7)
HP Setup (Version: 8.4.4400.3525)
HP Setup Manager (Version: 1.0.12844.3519)
HP Software Framework (Version: 4.0.70.1)
HP Support Assistant (Version: 5.1.8.12)
HP Wireless Assistant (Version: 4.0.10.0)
HPAsset component for HP Active Support Library (Version: 3.0.2.2)
IL Download Manager
Java 7 Update 40 (Version: 7.0.400)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.3220)
LightScribe System Software (Version: 1.18.18.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
M-Audio MIDISPORT 6.1.3 (x64) (Version: 6.1.3)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
Native Instruments Absynth 4
Native Instruments Alicias Keys (Version: 1.0.0.001)
Native Instruments Alicias Keys 1.1 (Version: 1.1.0.008)
Native Instruments Alicias Keys 1.2 (Version: 1.2.0.001)
Native Instruments Kontakt 4 (Version: 4.2.3.4914)
Native Instruments Massive (Version: 1.3.0.2050)
Native Instruments Service Center (Version: 2.2.6.676)
Norton Internet Security (Version: 21.0.1.3)
Norton Online Backup (Version: 2.1.17869)
Ohm Force - Ohmicide VST
PDF Settings CS5 (Version: 10.0)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.7717)
PictureMover (Version: 3.5.0.33)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
PoiZone
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4419)
PowerDirector (Version: 8.0.3320)
PSP VintageWarmer 2.0.0 (Version: 2.0.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6206)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30120)
Reason 5.0 (Version: 5.0)
Recovery Manager (Version: 5.5.3223)
reFX Nexus VSTi RTAS v2.2.0
RoxioNow Player (Version: 1.9.5.101)
RtVOsd (Version: 1.0.6)
SampleTank 2 (Version: 2.5.2)
Sawer
Sonigen Modular version
SUPERAntiSpyware (Version: 5.6.1032)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
Times Reader (Version: 2.055)
Toxic Biohazard
T-RackS 3 Deluxe (Version: 1.0.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
VLC media player 1.1.9 (Version: 1.1.9)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 2810.9 MB
Available physical RAM: 1467.37 MB
Total Pagefile: 5619.99 MB
Available Pagefile: 3503.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.45 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:278.6 GB) (Free:78.82 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:19.19 GB) (Free:2.79 GB) NTFS

========================= Users: ========================================

User accounts for \\ALBERTSCOMP

Administrator            Albert                   Guest                   

**** End of log ****

TDSSKiller... didn't find anything?...> here is the log..>

18:32:22.0114 0x0b64  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
18:32:24.0235 0x0b64  ============================================================
18:32:24.0235 0x0b64  Current date / time: 2013/09/12 18:32:24.0235
18:32:24.0235 0x0b64  SystemInfo:
18:32:24.0235 0x0b64 
18:32:24.0235 0x0b64  OS Version: 6.1.7601 ServicePack: 1.0
18:32:24.0235 0x0b64  Product type: Workstation
18:32:24.0235 0x0b64  ComputerName: ALBERTSCOMP
18:32:24.0235 0x0b64  UserName: Albert
18:32:24.0235 0x0b64  Windows directory: C:\Windows
18:32:24.0235 0x0b64  System windows directory: C:\Windows
18:32:24.0235 0x0b64  Running under WOW64
18:32:24.0235 0x0b64  Processor architecture: Intel x64
18:32:24.0235 0x0b64  Number of processors: 2
18:32:24.0235 0x0b64  Page size: 0x1000
18:32:24.0235 0x0b64  Boot type: Normal boot
18:32:24.0235 0x0b64  ============================================================
18:32:39.0523 0x0b64  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:39.0539 0x0b64  ============================================================
18:32:39.0539 0x0b64  \Device\Harddisk0\DR0:
18:32:39.0710 0x0b64  MBR partitions:
18:32:39.0710 0x0b64  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:32:39.0710 0x0b64  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22D33800
18:32:39.0710 0x0b64  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22D97800, BlocksNum 0x2663000
18:32:39.0710 0x0b64  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
18:32:39.0710 0x0b64  ============================================================
18:32:40.0022 0x0b64  C: <-> \Device\Harddisk0\DR0\Partition2
18:32:40.0241 0x0b64  D: <-> \Device\Harddisk0\DR0\Partition3
18:32:40.0241 0x0b64  ============================================================
18:32:40.0241 0x0b64  Initialize success
18:32:40.0241 0x0b64  ============================================================
18:33:02.0393 0x0cbc  ============================================================
18:33:02.0393 0x0cbc  Scan started
18:33:02.0393 0x0cbc  Mode: Manual;
18:33:02.0393 0x0cbc  ============================================================
18:33:02.0642 0x0cbc  ================ Scan system memory ========================
18:33:02.0642 0x0cbc  System memory - ok
18:33:02.0642 0x0cbc  ================ Scan services =============================
18:33:18.0617 0x0cbc  MADFUMIDISPORT2010 - ok
18:33:18.0726 0x0cbc  [ 265CCF3E1874B0FCAFE3D857FFB45034 ] MAUSBMIDISPORT  C:\Windows\system32\DRIVERS\MAudioMIDISPORT.sys
18:33:18.0726 0x0cbc  MAUSBMIDISPORT - ok
18:33:18.0788 0x0cbc  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:33:18.0820 0x0cbc  Mcx2Svc - ok
18:33:18.0851 0x0cbc  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:33:18.0851 0x0cbc  megasas - ok
18:33:18.0960 0x0cbc  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:33:18.0976 0x0cbc  MegaSR - ok
18:33:19.0288 0x0cbc  [ 2F92023E25C1D0CACFF32F67ADA90A28 ] MIDISPORTAudioDevMon C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe
18:33:19.0459 0x0cbc  MIDISPORTAudioDevMon - ok
18:33:19.0584 0x0cbc  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:33:19.0600 0x0cbc  MMCSS - ok
18:33:19.0631 0x0cbc  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:33:19.0646 0x0cbc  Modem - ok
18:33:19.0693 0x0cbc  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:33:19.0709 0x0cbc  monitor - ok
18:33:19.0724 0x0cbc  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:33:19.0740 0x0cbc  mouclass - ok
18:33:19.0771 0x0cbc  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:33:19.0787 0x0cbc  mouhid - ok
18:33:19.0880 0x0cbc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:33:19.0880 0x0cbc  mountmgr - ok
18:33:19.0974 0x0cbc  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:33:20.0005 0x0cbc  MozillaMaintenance - ok
18:33:20.0052 0x0cbc  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:33:20.0052 0x0cbc  mpio - ok
18:33:20.0130 0x0cbc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:33:20.0130 0x0cbc  mpsdrv - ok
18:33:20.0208 0x0cbc  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:33:20.0239 0x0cbc  MpsSvc - ok
18:33:20.0317 0x0cbc  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:33:20.0317 0x0cbc  MRxDAV - ok
18:33:20.0473 0x0cbc  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:33:20.0489 0x0cbc  mrxsmb - ok
18:33:20.0614 0x0cbc  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:33:20.0645 0x0cbc  mrxsmb10 - ok
18:33:20.0723 0x0cbc  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:33:20.0723 0x0cbc  mrxsmb20 - ok
18:33:20.0801 0x0cbc  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:33:20.0816 0x0cbc  msahci - ok
18:33:20.0848 0x0cbc  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:33:20.0863 0x0cbc  msdsm - ok
18:33:20.0894 0x0cbc  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:33:20.0894 0x0cbc  MSDTC - ok
18:33:20.0941 0x0cbc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:33:20.0941 0x0cbc  Msfs - ok
18:33:20.0972 0x0cbc  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:33:20.0972 0x0cbc  mshidkmdf - ok
18:33:21.0050 0x0cbc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:33:21.0050 0x0cbc  msisadrv - ok
18:33:21.0082 0x0cbc  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:33:21.0097 0x0cbc  MSiSCSI - ok
18:33:21.0097 0x0cbc  msiserver - ok
18:33:21.0175 0x0cbc  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:33:21.0175 0x0cbc  MSKSSRV - ok
18:33:21.0238 0x0cbc  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:33:21.0238 0x0cbc  MSPCLOCK - ok
18:33:21.0269 0x0cbc  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:33:21.0284 0x0cbc  MSPQM - ok
18:33:21.0378 0x0cbc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:33:21.0409 0x0cbc  MsRPC - ok
18:33:21.0472 0x0cbc  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:33:21.0487 0x0cbc  mssmbios - ok
18:33:21.0534 0x0cbc  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:33:21.0534 0x0cbc  MSTEE - ok
18:33:21.0565 0x0cbc  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:33:21.0565 0x0cbc  MTConfig - ok
18:33:21.0612 0x0cbc  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:33:21.0612 0x0cbc  Mup - ok
18:33:21.0690 0x0cbc  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:33:21.0690 0x0cbc  napagent - ok
18:33:21.0737 0x0cbc  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:33:21.0737 0x0cbc  NativeWifiP - ok
18:33:21.0846 0x0cbc  [ 702E07EC32F96ACDB873E9A5465D4401 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20130912.018\ENG64.SYS
18:33:21.0846 0x0cbc  NAVENG - ok
18:33:21.0909 0x0cbc  [ 302EA314A1AF0D7CEF0A3D0195F79561 ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20130912.018\EX64.SYS
18:33:21.0940 0x0cbc  NAVEX15 - ok
18:33:22.0049 0x0cbc  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:33:22.0065 0x0cbc  NDIS - ok
18:33:22.0127 0x0cbc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:33:22.0143 0x0cbc  NdisCap - ok
18:33:22.0205 0x0cbc  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:33:22.0267 0x0cbc  NdisTapi - ok
18:33:22.0392 0x0cbc  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:33:22.0423 0x0cbc  Ndisuio - ok
18:33:22.0517 0x0cbc  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:33:22.0548 0x0cbc  NdisWan - ok
18:33:22.0642 0x0cbc  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:33:22.0673 0x0cbc  NDProxy - ok
18:33:22.0720 0x0cbc  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:33:22.0735 0x0cbc  NetBIOS - ok
18:33:22.0798 0x0cbc  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:33:22.0813 0x0cbc  NetBT - ok
18:33:22.0876 0x0cbc  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:33:22.0876 0x0cbc  Netlogon - ok
18:33:23.0063 0x0cbc  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:33:23.0063 0x0cbc  Netman - ok
18:33:23.0203 0x0cbc  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:33:23.0203 0x0cbc  netprofm - ok
18:33:23.0281 0x0cbc  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:33:23.0313 0x0cbc  NetTcpPortSharing - ok
18:33:23.0656 0x0cbc  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
18:33:23.0890 0x0cbc  netw5v64 - ok
18:33:23.0983 0x0cbc  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:33:24.0015 0x0cbc  nfrd960 - ok
18:33:24.0748 0x0cbc  [ 262FB554D67D17D843F81820111F0A80 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\21.0.1.3\NIS.exe
18:33:24.0748 0x0cbc  NIS - ok
18:33:24.0982 0x0cbc  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:33:24.0997 0x0cbc  NlaSvc - ok
18:33:25.0902 0x0cbc  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
18:33:26.0011 0x0cbc  NOBU - ok
18:33:26.0105 0x0cbc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:33:26.0121 0x0cbc  Npfs - ok
18:33:26.0230 0x0cbc  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:33:26.0230 0x0cbc  nsi - ok
18:33:26.0277 0x0cbc  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:33:26.0308 0x0cbc  nsiproxy - ok
18:33:26.0667 0x0cbc  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:33:26.0745 0x0cbc  Ntfs - ok
18:33:26.0776 0x0cbc  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:33:26.0776 0x0cbc  Null - ok
18:33:26.0854 0x0cbc  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:33:26.0901 0x0cbc  nvraid - ok
18:33:26.0932 0x0cbc  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:33:26.0979 0x0cbc  nvstor - ok
18:33:27.0072 0x0cbc  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:33:27.0103 0x0cbc  nv_agp - ok
18:33:27.0119 0x0cbc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:33:27.0135 0x0cbc  ohci1394 - ok
18:33:27.0213 0x0cbc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:33:27.0228 0x0cbc  ose - ok
18:33:27.0415 0x0cbc  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:33:27.0571 0x0cbc  osppsvc - ok
18:33:27.0618 0x0cbc  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:33:27.0634 0x0cbc  p2pimsvc - ok
18:33:27.0681 0x0cbc  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:33:27.0681 0x0cbc  p2psvc - ok
18:33:27.0712 0x0cbc  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:33:27.0712 0x0cbc  Parport - ok
18:33:27.0774 0x0cbc  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:33:27.0774 0x0cbc  partmgr - ok
18:33:27.0790 0x0cbc  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:33:27.0805 0x0cbc  PcaSvc - ok
18:33:27.0821 0x0cbc  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:33:27.0821 0x0cbc  pci - ok
18:33:27.0868 0x0cbc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:33:27.0868 0x0cbc  pciide - ok
18:33:27.0899 0x0cbc  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:33:27.0915 0x0cbc  pcmcia - ok
18:33:27.0946 0x0cbc  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:33:27.0946 0x0cbc  pcw - ok
18:33:27.0993 0x0cbc  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:33:28.0008 0x0cbc  PEAUTH - ok
18:33:28.0227 0x0cbc  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:33:28.0242 0x0cbc  PerfHost - ok
18:33:28.0336 0x0cbc  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:33:28.0367 0x0cbc  pla - ok
18:33:28.0414 0x0cbc  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:33:28.0429 0x0cbc  PlugPlay - ok
18:33:28.0461 0x0cbc  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:33:28.0461 0x0cbc  PNRPAutoReg - ok
18:33:28.0492 0x0cbc  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:33:28.0492 0x0cbc  PNRPsvc - ok
18:33:28.0570 0x0cbc  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:33:28.0585 0x0cbc  PolicyAgent - ok
18:33:28.0617 0x0cbc  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:33:28.0632 0x0cbc  Power - ok
18:33:28.0695 0x0cbc  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:33:28.0710 0x0cbc  PptpMiniport - ok
18:33:28.0741 0x0cbc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:33:28.0757 0x0cbc  Processor - ok
18:33:28.0819 0x0cbc  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:33:28.0819 0x0cbc  ProfSvc - ok
18:33:28.0851 0x0cbc  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:33:28.0851 0x0cbc  ProtectedStorage - ok
18:33:28.0913 0x0cbc  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:33:28.0913 0x0cbc  Psched - ok
18:33:28.0975 0x0cbc  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:33:29.0007 0x0cbc  ql2300 - ok
18:33:29.0069 0x0cbc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:33:29.0085 0x0cbc  ql40xx - ok
18:33:29.0116 0x0cbc  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:33:29.0131 0x0cbc  QWAVE - ok
18:33:29.0163 0x0cbc  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:33:29.0163 0x0cbc  QWAVEdrv - ok
18:33:29.0178 0x0cbc  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:33:29.0178 0x0cbc  RasAcd - ok
18:33:29.0225 0x0cbc  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:33:29.0225 0x0cbc  RasAgileVpn - ok
18:33:29.0241 0x0cbc  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:33:29.0256 0x0cbc  RasAuto - ok
18:33:29.0303 0x0cbc  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:33:29.0303 0x0cbc  Rasl2tp - ok
18:33:29.0350 0x0cbc  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:33:29.0365 0x0cbc  RasMan - ok
18:33:29.0381 0x0cbc  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:33:29.0397 0x0cbc  RasPppoe - ok
18:33:29.0412 0x0cbc  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:33:29.0412 0x0cbc  RasSstp - ok
18:33:29.0459 0x0cbc  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:33:29.0475 0x0cbc  rdbss - ok
18:33:29.0490 0x0cbc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:33:29.0506 0x0cbc  rdpbus - ok
18:33:29.0521 0x0cbc  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:33:29.0521 0x0cbc  RDPCDD - ok
18:33:29.0553 0x0cbc  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:33:29.0553 0x0cbc  RDPENCDD - ok
18:33:29.0568 0x0cbc  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:33:29.0568 0x0cbc  RDPREFMP - ok
18:33:29.0615 0x0cbc  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:33:29.0615 0x0cbc  RDPWD - ok
18:33:29.0693 0x0cbc  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:33:29.0693 0x0cbc  rdyboost - ok
18:33:29.0724 0x0cbc  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:33:29.0724 0x0cbc  RemoteAccess - ok
18:33:29.0771 0x0cbc  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:33:29.0771 0x0cbc  RemoteRegistry - ok
18:33:29.0849 0x0cbc  [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
18:33:29.0865 0x0cbc  RoxioNow Service - ok
18:33:29.0943 0x0cbc  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:33:29.0958 0x0cbc  RpcEptMapper - ok
18:33:30.0005 0x0cbc  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:33:30.0005 0x0cbc  RpcLocator - ok
18:33:30.0067 0x0cbc  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:33:30.0067 0x0cbc  RpcSs - ok
18:33:30.0192 0x0cbc  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:33:30.0255 0x0cbc  rspndr - ok
18:33:30.0348 0x0cbc  [ 22D6B47D004A6568C500680BE2972854 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:33:30.0364 0x0cbc  RSUSBSTOR - ok
18:33:30.0411 0x0cbc  [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:33:30.0426 0x0cbc  RTL8167 - ok
18:33:30.0473 0x0cbc  [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
18:33:30.0489 0x0cbc  RtVOsdService - ok
18:33:30.0489 0x0cbc  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:33:30.0504 0x0cbc  SamSs - ok
18:33:30.0551 0x0cbc  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:33:30.0551 0x0cbc  SASDIFSV - ok
18:33:30.0629 0x0cbc  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:33:30.0629 0x0cbc  SASKUTIL - ok
18:33:30.0676 0x0cbc  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:33:30.0676 0x0cbc  sbp2port - ok
18:33:30.0707 0x0cbc  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:33:30.0707 0x0cbc  SCardSvr - ok
18:33:30.0769 0x0cbc  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:33:30.0769 0x0cbc  scfilter - ok
18:33:30.0847 0x0cbc  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:33:30.0879 0x0cbc  Schedule - ok
18:33:30.0941 0x0cbc  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:33:30.0941 0x0cbc  SCPolicySvc - ok
18:33:31.0003 0x0cbc  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
18:33:31.0003 0x0cbc  sdbus - ok
18:33:31.0035 0x0cbc  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:33:31.0035 0x0cbc  SDRSVC - ok
18:33:31.0097 0x0cbc  [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
18:33:31.0113 0x0cbc  SeaPort - ok
18:33:31.0144 0x0cbc  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:33:31.0159 0x0cbc  secdrv - ok
18:33:31.0206 0x0cbc  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:33:31.0206 0x0cbc  seclogon - ok
18:33:31.0222 0x0cbc  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:33:31.0237 0x0cbc  SENS - ok
18:33:31.0269 0x0cbc  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:33:31.0269 0x0cbc  SensrSvc - ok
18:33:31.0284 0x0cbc  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:33:31.0300 0x0cbc  Serenum - ok
18:33:31.0315 0x0cbc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:33:31.0331 0x0cbc  Serial - ok
18:33:31.0378 0x0cbc  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:33:31.0378 0x0cbc  sermouse - ok
18:33:31.0440 0x0cbc  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:33:31.0440 0x0cbc  SessionEnv - ok
18:33:31.0487 0x0cbc  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:33:31.0487 0x0cbc  sffdisk - ok
18:33:31.0503 0x0cbc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:33:31.0503 0x0cbc  sffp_mmc - ok
18:33:31.0518 0x0cbc  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:33:31.0518 0x0cbc  sffp_sd - ok
18:33:31.0549 0x0cbc  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:33:31.0549 0x0cbc  sfloppy - ok
18:33:31.0627 0x0cbc  [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
18:33:31.0643 0x0cbc  Sftfs - ok
18:33:31.0752 0x0cbc  [ BFDB58616FF5EA540A5F58301D50641E ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:33:31.0768 0x0cbc  sftlist - ok
18:33:31.0799 0x0cbc  [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:33:31.0815 0x0cbc  Sftplay - ok
18:33:31.0830 0x0cbc  [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:33:31.0830 0x0cbc  Sftredir - ok
18:33:31.0861 0x0cbc  [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
18:33:31.0861 0x0cbc  Sftvol - ok
18:33:31.0908 0x0cbc  [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:33:31.0908 0x0cbc  sftvsa - ok
18:33:31.0955 0x0cbc  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:33:31.0955 0x0cbc  SharedAccess - ok
18:33:32.0017 0x0cbc  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:33:32.0033 0x0cbc  ShellHWDetection - ok
18:33:32.0064 0x0cbc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:33:32.0080 0x0cbc  SiSRaid2 - ok
18:33:32.0095 0x0cbc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:33:32.0095 0x0cbc  SiSRaid4 - ok
18:33:32.0142 0x0cbc  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:33:32.0142 0x0cbc  Smb - ok
18:33:32.0189 0x0cbc  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:33:32.0189 0x0cbc  SNMPTRAP - ok
18:33:32.0205 0x0cbc  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:33:32.0205 0x0cbc  spldr - ok
18:33:32.0283 0x0cbc  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
18:33:32.0283 0x0cbc  Spooler - ok
18:33:32.0423 0x0cbc  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:33:32.0485 0x0cbc  sppsvc - ok
18:33:32.0501 0x0cbc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:33:32.0517 0x0cbc  sppuinotify - ok
18:33:32.0673 0x0cbc  [ 5BFBC7278A8CD8F4E0A28D5C862197E1 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1500010.003\SRTSP64.SYS
18:33:32.0688 0x0cbc  SRTSP - ok
18:33:32.0719 0x0cbc  [ B18CE01B9C09C59422BA7C7064248B35 ] SRTSPX          C:\Windows\system32\drivers\NISx64\1500010.003\SRTSPX64.SYS
18:33:32.0719 0x0cbc  SRTSPX - ok
18:33:32.0797 0x0cbc  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:33:32.0813 0x0cbc  srv - ok
18:33:32.0860 0x0cbc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:33:32.0860 0x0cbc  srv2 - ok
18:33:32.0907 0x0cbc  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:33:32.0922 0x0cbc  SrvHsfHDA - ok
18:33:32.0985 0x0cbc  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:33:33.0016 0x0cbc  SrvHsfV92 - ok
18:33:33.0047 0x0cbc  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:33:33.0063 0x0cbc  SrvHsfWinac - ok
18:33:33.0125 0x0cbc  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:33:33.0125 0x0cbc  srvnet - ok
18:33:33.0172 0x0cbc  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:33:33.0172 0x0cbc  SSDPSRV - ok
18:33:33.0187 0x0cbc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:33:33.0187 0x0cbc  SstpSvc - ok
18:33:33.0234 0x0cbc  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:33:33.0234 0x0cbc  stexstor - ok
18:33:33.0297 0x0cbc  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:33:33.0312 0x0cbc  stisvc - ok
18:33:33.0359 0x0cbc  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:33:33.0359 0x0cbc  swenum - ok
18:33:33.0468 0x0cbc  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:33:33.0468 0x0cbc  SwitchBoard - ok
18:33:33.0515 0x0cbc  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:33:33.0531 0x0cbc  swprv - ok
18:33:33.0655 0x0cbc  [ 5C9EE2303CA7F267665D75237862B39C ] SymDS           C:\Windows\system32\drivers\NISx64\1500010.003\SYMDS64.SYS
18:33:33.0655 0x0cbc  SymDS - ok
18:33:33.0796 0x0cbc  [ B12034EFC73DE70042A110B314802740 ] SymEFA          C:\Windows\system32\drivers\NISx64\1500010.003\SYMEFA64.SYS
18:33:33.0827 0x0cbc  SymEFA - ok
18:33:33.0905 0x0cbc  [ 97E11C50CE52277B377396EA8838E539 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:33:33.0905 0x0cbc  SymEvent - ok
18:33:33.0983 0x0cbc  [ 48C2934683CBD06F662B088EEF49EF6A ] SymIRON         C:\Windows\system32\drivers\NISx64\1500010.003\Ironx64.SYS
18:33:33.0983 0x0cbc  SymIRON - ok
18:33:34.0077 0x0cbc  [ FF06138CA54AA969F886D5590F4ECD6D ] SymNetS         C:\Windows\System32\Drivers\NISx64\1500010.003\SYMNETS.SYS
18:33:34.0092 0x0cbc  SymNetS - ok
18:33:34.0201 0x0cbc  [ 961CFAC2A5318E212F459D651F28E0A4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:33:34.0233 0x0cbc  SynTP - ok
18:33:34.0326 0x0cbc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:33:34.0357 0x0cbc  SysMain - ok
18:33:34.0404 0x0cbc  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:33:34.0420 0x0cbc  TabletInputService - ok
18:33:34.0435 0x0cbc  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:33:34.0451 0x0cbc  TapiSrv - ok
18:33:34.0482 0x0cbc  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:33:34.0482 0x0cbc  TBS - ok
18:33:34.0576 0x0cbc  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:33:34.0654 0x0cbc  Tcpip - ok
18:33:34.0732 0x0cbc  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:33:34.0763 0x0cbc  TCPIP6 - ok
18:33:34.0810 0x0cbc  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:33:34.0810 0x0cbc  tcpipreg - ok
18:33:34.0857 0x0cbc  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:33:34.0872 0x0cbc  TDPIPE - ok
18:33:40.0738 0x0cbc  ============================================================
18:33:40.0738 0x0cbc  Scan finished
18:33:40.0738 0x0cbc  ============================================================
18:33:40.0769 0x0dcc  Detected object count: 0
18:33:40.0769 0x0dcc  Actual detected object count: 0

///////////////////////////////

AdwCleaner..

I thought it was supposed to still do something.. it said.. pending.. please uncheck something something?
but after a long while waiting. ha.. I figured it WAS done.. so I hit the report.. this is correct right?.. Here's the report..>

# AdwCleaner v3.003 - Report created 12/09/2013 at 18:57:08
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Albert - ALBERTSCOMP
# Running from : C:\Users\Albert\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Found C:\Users\Albert\AppData\Local\Temp\OpenCandy
Folder Found C:\Users\Albert\AppData\LocalLow\boost_interprocess

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\2j3wuj19.default\prefs.js ]

-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2723 octets] - [12/09/2013 18:40:18]
AdwCleaner[R1].txt - [2615 octets] - [12/09/2013 18:57:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2675 octets] ##########

 

 

 

ESET scan results...>

C:\MySamples\zipSandRARs\FLStudio9 XXL.zip Win32/OpenCandy application deleted - quarantined

C:\MySamples\zipSandRARs\FLStudio9 XXL\FL Studio 9 - XXL_[fl-underground.com]\flstudio_9.0.exe Win32/OpenCandy application cleaned by deleting - quarantined

C:\Users\Albert\AppData\Local\Temp\OpenCandy\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined

C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\2j3wuj19.default\extensions\qveigkyrzr@qveigkyrzr.org.xpi Win32/TrojanDownloader.Tracur.V trojan deleted - quarantined

C:\Users\Albert\Downloads\OhmForce Ohmicide Pro 1.10 VST\OhmForce Ohmicide Pro 1.10 (Keygen).exe a variant of Win32/Keygen.AD application cleaned by deleting - quarantined

............

//////////////////

 

Alrighty boopme... See anything interesting?.. :)  let me know what I need to do next..  :)  thanks..



#4 boopme

  • Global Moderator

Posted 15 September 2013 - 07:53 PM

Hello, the use of Keygens and/or some torrent downloads probably allowed the Tracur.V Trojan in. This downloader identifies a malicious DLL file that installs a malicious plug-in for the Internet Explorer and/or Mozilla Firefox web browsers in order to redirect searches to an unsolicited website.
This file is probably dropped by a separate dropper program.
 
Remove what ADWCleaner found.
 
Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished... <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Let me know how it is after running these.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Scyance1

  • Topic Starter

Posted 15 September 2013 - 09:11 PM

Here are the 2 logs..>

AdwCleaner..>

 

# Username : Albert - ALBERTSCOMP
# Running from : C:\Users\Albert\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Albert\AppData\Local\Temp\OpenCandy
Folder Deleted : C:\Users\Albert\AppData\LocalLow\boost_interprocess
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\2j3wuj19.default\prefs.js ]

-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2723 octets] - [12/09/2013 18:40:18]
AdwCleaner[R1].txt - [2783 octets] - [12/09/2013 18:57:08]
AdwCleaner[R2].txt - [2843 octets] - [15/09/2013 18:18:04]
AdwCleaner[S0].txt - [2254 octets] - [15/09/2013 18:20:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2314 octets] ##########

 

JRT..>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Albert on Sun 09/15/2013 at 18:40:03.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Albert\AppData\Roaming\mozilla\firefox\profiles\2j3wuj19.default\minidumps [7 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/15/2013 at 18:50:17.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

I have been reluctant to do much browsing, but I'm going to give it a go.. I'm curious about the 2j3wuj19 file in Firefox. Seems like the kind of weird naming scheme those damn viruses use.. This is a default file in Firefox? I feel like uninstalling and reinstalling.. would that do any harm?  Also.. should I do something with all these files/scans I used to find these viruses..  TDSSKiller, AdwCleaner, JRT, MiniToolBox? Or just keep them around in a folder?



#6 boopme

  • Global Moderator

Posted 15 September 2013 - 09:50 PM

First see if the redirects are stopped.
That file is explained here
http://kb.mozillazine.org/Profile_folder_-_Firefox
You would need to ask in Web Browsers for more info on it as I do not use Firefox.

It does appear cleaned.

Keep all the downloads bookmarked as to run again you will need a new copy.

Double click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
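
A way to check the cleanup against the two AdwCleaner logs in this thread, as an added example that is not part of the original posts and is not AdwCleaner's own code: the script parses a Scan report and the later Clean report and lists every item that was found but has no matching Deleted line. The report excerpts are copied from the logs above and shortened; the function names are made up for this example.

```python
import re

# Excerpt of the Scan report (AdwCleaner[R1].txt) posted in this thread, shortened.
SCAN_REPORT = r"""
# Option : Scan
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Found C:\Users\Albert\AppData\Local\Temp\OpenCandy
Folder Found C:\Users\Albert\AppData\LocalLow\boost_interprocess
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
"""

# Excerpt of the Clean report (AdwCleaner[S0].txt) posted in this thread, shortened.
CLEAN_REPORT = r"""
# Option : Clean
Folder Deleted : C:\Users\Albert\AppData\Local\Temp\OpenCandy
Folder Deleted : C:\Users\Albert\AppData\LocalLow\boost_interprocess
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
"""

# "<File|Folder|Key> <Found|Deleted> [:] [[x64]] <path>".
# The colon is optional because the Scan report above prints "Folder Found C:\..."
# without one.
ENTRY = re.compile(
    r"^(File|Folder|Key)\s+(Found|Deleted)\s*:?\s*(\[x64\]\s+)?(.+?)\s*$"
)


def parse_report(text):
    """Return {"Found": set, "Deleted": set} of (kind, view, lowercased path)."""
    entries = {"Found": set(), "Deleted": set()}
    for raw in text.splitlines():
        match = ENTRY.match(raw.strip())
        if not match:
            continue  # headers, section banners, browser lines, blanks
        kind, action, x64, path = match.groups()
        view = "x64" if x64 else "default"
        # Windows paths and registry keys are case-insensitive, so compare lowercased.
        # Using a set also folds repeated lines such as the doubled eBay.lnk entry.
        entries[action].add((kind, view, path.lower()))
    return entries


def unconfirmed(scan_text, clean_text):
    """Items the Scan report found that the Clean report does not list as deleted."""
    found = parse_report(scan_text)["Found"]
    deleted = parse_report(clean_text)["Deleted"]
    return sorted(found - deleted)


if __name__ == "__main__":
    for kind, view, path in unconfirmed(SCAN_REPORT, CLEAN_REPORT):
        print(f"not listed as deleted: {kind} ({view} view) {path}")
```

An entry in the result means only that the Clean report does not list it; a fresh Scan is what shows whether it is still present.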



