Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Google links redirecting

Post by jeffhma » April 28th, 2013, 10:29 am

Helping a non-tech-savvy friend.
Complaint is Google links get redirected to unwanted sites and computer seems to run slow. So far I have tried:
Malwarebytes - nothing found
Kaspersky TDSSKiller - rootkit.win32.backboot.gen found and removed
SuperAntiSpyware - only tracking cookies found, no action taken
Spybot - 47 items detected and removed
ClamWin Antivirus - found and quarantined 1 infected file
BitDefender rootkit scan - nothing found
Sophos rootkit scan - found hidden Temp internet files, deleted temp files; redirect fixed but returned after reboot
ComboFix run and reboot - redirect seems to be fixed. Log is available.

Am I done or are there more problems to fix?

DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476
Run by Owner at 9:51:29 on 2013-04-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2285 [GMT -4:00]
.
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\hasplms.exe
C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uURLSearchHooks: <No Name>: {421fb3de-4b9f-48e5-abf1-f96f8aaca70a} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Assistant BHO: {2d948797-8fe3-4508-9b6f-4bf349a9ea34} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ips\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Toolbar BHO: {f149b372-5830-4d88-b8f6-2853d12c1af5} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coieplg.dll
TB: ReadingFanatic: {B36151D1-7770-4480-87E4-F89FB54E173D} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: ReadingFanatic: {b36151d1-7770-4480-87e4-f89fb54e173d} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [ReadingFanatic Search Scope Monitor] "C:\PROGRA~2\READIN~2\bar\1.bin\6xsrchmn.exe" /m=2 /w /h
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.1 208.67.222.222
TCP: Interfaces\{D983F2BD-5EC1-46DD-AE9A-C341598A162F} : DHCPNameServer = 192.168.1.1 208.67.222.222
TCP: Interfaces\{D983F2BD-5EC1-46DD-AE9A-C341598A162F}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1 68.87.71.230 68.87.73.246
TCP: Interfaces\{D983F2BD-5EC1-46DD-AE9A-C341598A162F}\44E646B41697 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D983F2BD-5EC1-46DD-AE9A-C341598A162F}\B6963737769627C6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D983F2BD-5EC1-46DD-AE9A-C341598A162F}\C696E6B6379737F5355435F55353939373 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0604010.00E\symds64.sys [2013-2-6 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0604010.00E\symefa64.sys [2013-2-6 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\BASHDefs\20130412.001\BHDrvx64.sys [2013-4-12 1390680]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\0604010.00E\ccsetx64.sys [2013-2-6 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\IPSDefs\20130426.001\IDSviA64.sys [2013-4-27 513184]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0604010.00E\ironx64.sys [2013-2-6 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0604010.00E\symnets.sys [2013-2-6 405624]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2011-11-24 78208]
R2 hasplms;HASP License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe [2013-2-6 138272]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-8 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-12-8 317440]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-24 565352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-15 183560]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-2-20 344616]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-20 39464]
S3 MEMSWEEP2;MEMSWEEP2;C:\Windows\System32\E263.tmp [2013-4-28 6144]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-2-20 329832]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-8 59392]
S3 VsmRWDriver;VSM Reader/Writer Type A USB Driver service;C:\Windows\System32\drivers\VsmRWDriver.sys [2007-1-8 15104]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-31 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
S4 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-20 13336]
S4 ReadingFanatic_6xService;ReadingFanaticService;C:\PROGRA~2\READIN~2\bar\1.bin\6xbarsvc.exe [2013-2-7 42504]
S4 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
S4 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-20 2320920]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-04-28 13:44:19 -------- d-sh--w- C:\$RECYCLE.BIN
2013-04-28 13:18:30 98816 ----a-w- C:\Windows\sed.exe
2013-04-28 13:18:30 256000 ----a-w- C:\Windows\PEV.exe
2013-04-28 13:18:30 208896 ----a-w- C:\Windows\MBR.exe
2013-04-28 12:20:16 18816 ------w- C:\Windows\SysWow64\SAVRKBootTasks.sys
2013-04-28 11:14:47 6144 ------w- C:\Windows\System32\E263.tmp
2013-04-28 11:09:04 6144 ------w- C:\Windows\System32\A6AA.tmp
2013-04-28 11:08:18 -------- d-----w- C:\Program Files (x86)\Sophos
2013-04-27 17:08:22 -------- d-----w- C:\ClamWinPortable
2013-04-27 00:13:50 -------- d-----w- C:\TDSSKiller_Quarantine
2013-04-26 21:44:06 -------- d-----w- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2013-04-26 21:43:37 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-04-26 21:43:37 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-04-26 21:33:19 -------- d-----w- C:\Users\Owner\AppData\Local\Programs
2013-04-26 21:25:44 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2013-04-26 21:25:24 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-26 21:25:23 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-26 21:25:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-24 14:22:50 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 15:34:12 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-03-31 10:30:08 -------- d-----w- C:\Users\Owner\AppData\Local\{B307AC4E-1428-4E31-A72D-B03E0DEB0352}
.
==================== Find3M ====================
.
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-15 06:08:40 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-02-15 06:02:26 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-02-15 04:37:10 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-02-15 04:34:10 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-02-15 03:25:51 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
.
============= FINISH: 9:51:50.20 ===============



Attach.txt :

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/30/2011 2:41:08 PM
System Uptime: 4/28/2013 9:43:38 AM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 166A
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz | CPU | 2533/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 392.181 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 1.818 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.083 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Broadcom 2070 Bluetooth
Device ID: USB\VID_0A5C&PID_21B4\E02A82D21365
Manufacturer: Broadcom
Name: Broadcom 2070 Bluetooth
PNP Device ID: USB\VID_0A5C&PID_21B4\E02A82D21365
Service: BTHUSB
.
==== System Restore Points ===================
.
RP196: 4/4/2013 7:33:06 PM - Scheduled Checkpoint
RP197: 4/10/2013 11:36:53 AM - Windows Update
RP198: 4/18/2013 2:03:06 PM - Scheduled Checkpoint
RP202: 4/26/2013 8:50:53 PM - Windows Update
RP203: 4/27/2013 9:56:12 AM - C
RP204: 4/28/2013 8:40:14 AM - Installed Microsoft Fix it 50267
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
4D Embroidery System 8.1
4D File Assistant 8.0
5D Embroidery Machine Communication
64-bit VSM Device Drivers
Adobe Acrobat 4.0
Adobe AIR
Adobe Flash Player 11 ActiveX 64-bit
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
Adobe SVG Viewer 3.0
Agatha Christie - Peril at End House
Bejeweled 2 Deluxe
Bing Bar
Bing Rewards Client Installer
Blackhawk Striker 2
Blasterball 3
Blio
Bounce Symphony
Broadcom 2070 Bluetooth 3.0
Broadcom 802.11 Wireless LAN Adapter
Build-a-lot 2
Cake Mania
Care Medical History Bracelet e-Manager
Chuzzle Deluxe
CyberLink DVD Suite
CyberLink YouCam
D3DX10
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
Energy Star Digital Logo
Escape Rosecliff Island
ESU for Microsoft Windows 7
Farm Frenzy
FATE
Final Drive Nitro
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hallmark Card Studio 2012 Deluxe
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.2.0
HP Auto
HP Client Services
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP Game Console
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
HP Wireless Assistant
IDT Audio
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 22 (64-bit)
Java(TM) 6 Update 24
Jewel Quest Solitaire 2
Junk Mail filter update
LabelPrint
Labels and frames
LEGO Universe
LightScribe System Software
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Web Publishing Wizard 1.52
Microsoft WSE 3.0 Runtime
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - The London Caper
Norton 360
Penguins!
Pfaff 4D Bonus Designs
PictureMover
Plants vs. Zombies
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
ReadingFanatic Toolbar
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Recovery Manager
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shockwave
Sophos Anti-Rootkit 1.5.20
SUPERAntiSpyware
Synaptics TouchPad Driver
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Virtual Families
Virtual Villagers 4 - The Tree of Life
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
4/28/2013 9:44:19 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SAVRKBootTasks
4/28/2013 9:25:55 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
4/28/2013 9:25:17 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
4/28/2013 7:55:59 AM, Error: Service Control Manager [7000] - The MEMSWEEP2 service failed to start due to the following error: This driver has been blocked from loading
4/28/2013 7:55:59 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\E263.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
4/28/2013 7:09:29 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\A6AA.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
4/27/2013 1:05:46 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000006 (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 042713-35303-01.
4/26/2013 9:58:19 AM, Error: Service Control Manager [7034] - The Computer Browser service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 9:57:14 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/26/2013 9:57:01 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 8:03:39 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 4 time(s).
4/26/2013 8:03:39 PM, Error: Service Control Manager [7034] - The Application Experience service terminated unexpectedly. It has done this 4 time(s).
4/26/2013 8:02:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
4/26/2013 8:02:19 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/26/2013 7:32:57 PM, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 5 time(s).
4/26/2013 7:23:41 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:23:41 PM, Error: Service Control Manager [7034] - The User Profile Service service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:23:41 PM, Error: Service Control Manager [7034] - The System Event Notification Service service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:23:41 PM, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 4 time(s).
4/26/2013 7:23:41 PM, Error: Service Control Manager [7034] - The IP Helper service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:23:41 PM, Error: Service Control Manager [7034] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 4 time(s).
4/26/2013 7:23:41 PM, Error: Service Control Manager [7034] - The Group Policy Client service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:23:41 PM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: The pipe has been ended.
4/26/2013 7:19:03 PM, Error: Service Control Manager [7034] - The Themes service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:19:03 PM, Error: Service Control Manager [7034] - The Task Scheduler service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:19:03 PM, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:19:03 PM, Error: Service Control Manager [7034] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:19:03 PM, Error: Service Control Manager [7034] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:19:03 PM, Error: Service Control Manager [7034] - The Application Experience service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 7:19:03 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/26/2013 7:17:05 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7034] - The Windows Update service terminated unexpectedly. It has done this 2 time(s).
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:15:05 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 7:06:54 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
4/26/2013 7:06:54 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 7:04:54 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 6:31:07 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The pipe has been ended.
4/26/2013 6:28:13 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Application Experience service, but this action failed with the following error: An instance of the service is already running.
4/26/2013 6:26:29 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80070be3ef, 0x0000000000000000, 0x000007fffffa003c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 042613-46425-01.
4/26/2013 5:52:01 PM, Error: Service Control Manager [7034] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 5 time(s).
4/26/2013 5:52:01 PM, Error: Service Control Manager [7034] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 5 time(s).
4/26/2013 5:48:04 PM, Error: Service Control Manager [7034] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 4 time(s).
4/26/2013 5:45:29 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
4/26/2013 5:44:34 PM, Error: Service Control Manager [7034] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 5:40:29 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 12:00:55 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 8 time(s).
4/26/2013 11:38:58 AM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 7 time(s).
4/26/2013 11:15:38 AM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 6 time(s).
4/26/2013 10:34:15 AM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 5 time(s).
4/26/2013 10:20:36 AM, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 6 time(s).
4/26/2013 10:20:36 AM, Error: Service Control Manager [7034] - The Computer Browser service terminated unexpectedly. It has done this 6 time(s).
4/26/2013 10:20:36 AM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The pipe has been ended.
4/26/2013 10:16:52 AM, Error: Service Control Manager [7034] - The Computer Browser service terminated unexpectedly. It has done this 5 time(s).
4/26/2013 10:16:52 AM, Error: Service Control Manager [7034] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 3 time(s).
4/26/2013 10:11:29 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/26/2013 10:10:12 AM, Error: Service Control Manager [7034] - The Computer Browser service terminated unexpectedly. It has done this 4 time(s).
4/26/2013 10:10:12 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/26/2013 10:02:14 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
4/25/2013 8:57:00 AM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 9 time(s).
4/25/2013 8:57:00 AM, Error: Service Control Manager [7034] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 8 time(s).
4/25/2013 8:57:00 AM, Error: Service Control Manager [7034] - The Application Experience service terminated unexpectedly. It has done this 6 time(s).
4/25/2013 8:50:09 AM, Error: Service Control Manager [7034] - The Windows Update service terminated unexpectedly. It has done this 3 time(s).
4/25/2013 8:50:09 AM, Error: Service Control Manager [7034] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 7 time(s).
4/25/2013 8:44:49 AM, Error: Service Control Manager [7034] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 6 time(s).
4/25/2013 8:43:35 AM, Error: Service Control Manager [7034] - The Application Experience service terminated unexpectedly. It has done this 5 time(s).
4/25/2013 8:11:39 PM, Error: Service Control Manager [7000] - The User Profile Service service failed to start due to the following error: A system shutdown is in progress.
4/25/2013 8:11:39 PM, Error: Service Control Manager [7000] - The System Event Notification Service service failed to start due to the following error: A system shutdown is in progress.
4/25/2013 8:11:39 PM, Error: Service Control Manager [7000] - The IKE and AuthIP IPsec Keying Modules service failed to start due to the following error: A system shutdown is in progress.
4/25/2013 8:11:39 PM, Error: Service Control Manager [7000] - The Group Policy Client service failed to start due to the following error: A system shutdown is in progress.
4/25/2013 8:11:39 PM, Error: Service Control Manager [7000] - The Extensible Authentication Protocol service failed to start due to the following error: A system shutdown is in progress.
4/25/2013 8:09:39 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: The pipe has been ended.
4/25/2013 8:09:39 PM, Error: Service Control Manager [7000] - The IP Helper service failed to start due to the following error: The pipe has been ended.
4/25/2013 8:08:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SeaPort service to connect.
4/25/2013 8:08:59 PM, Error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/25/2013 7:19:23 AM, Error: Service Control Manager [7034] - The Shell Hardware Detection service terminated unexpectedly. It has done this 3 time(s).
4/24/2013 5:35:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
4/24/2013 5:35:19 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/24/2013 5:30:35 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service.
4/24/2013 5:30:35 AM, Error: Service Control Manager [7000] - The Extensible Authentication Protocol service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/24/2013 5:30:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
4/24/2013 10:18:52 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
4/24/2013 10:18:52 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Server service to connect.
4/24/2013 10:18:52 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
4/24/2013 10:18:52 AM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/23/2013 6:34:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
4/23/2013 6:34:16 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.
4/22/2013 4:29:45 PM, Error: Disk [11] - The driver detected a controller error on \...\DR1.
.
==== End Of File ===========================
jeffhma
Active Member
 
Posts: 7
Joined: April 28th, 2013, 10:08 am

Re: Google links redirecting

Unread postby wannabeageek » April 29th, 2013, 2:26 pm

Hello jeffhma, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.
I am a MRU Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher.
Because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:

    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.
wannabeageek
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Google links redirecting

Unread postby wannabeageek » April 30th, 2013, 3:02 pm

Greetings jeffhma,

Am I done or are there more problems to fix.
There are a few things we need to look at.

Please post the following logs from the scans you have run where malware was found and removed:
  • ComboFix log
  • ClamWin Antivirus
  • TDSSKiller log
You may need to make separate posts.

Please include in your next reply:
  1. Contents of ComboFix log
  2. Contents of ClamWin Antivirus
  3. Contents of TDSSKiller log
  4. Any problem locating log files?
Thanks,
wbg
wannabeageek
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Google links redirecting

Unread postby jeffhma » May 1st, 2013, 10:44 am

Multiple separate postings:
Two TDSS files follow, each shows different files found and dealt with. ComboFix log also follows. The ClamWin Antivirus log was not saved. Computer is still acting normally.

1st TDSS part 1:

20:10:41.0799 31408 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
20:10:43.0827 31408 ============================================================
20:10:43.0827 31408 Current date / time: 2013/04/26 20:10:43.0827
20:10:43.0827 31408 SystemInfo:
20:10:43.0827 31408
20:10:43.0827 31408 OS Version: 6.1.7601 ServicePack: 1.0
20:10:43.0827 31408 Product type: Workstation
20:10:43.0827 31408 ComputerName: OWNER-HP
20:10:43.0827 31408 UserName: Owner
20:10:43.0827 31408 Windows directory: C:\Windows
20:10:43.0827 31408 System windows directory: C:\Windows
20:10:43.0827 31408 Running under WOW64
20:10:43.0827 31408 Processor architecture: Intel x64
20:10:43.0827 31408 Number of processors: 4
20:10:43.0827 31408 Page size: 0x1000
20:10:43.0827 31408 Boot type: Normal boot
20:10:43.0827 31408 ============================================================
20:10:45.0418 31408 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:10:45.0434 31408 Drive \Device\Harddisk1\DR2 - Size: 0xEF300000 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:10:45.0434 31408 ============================================================
20:10:45.0434 31408 \Device\Harddisk0\DR0:
20:10:45.0434 31408 MBR partitions:
20:10:45.0434 31408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:10:45.0434 31408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x385CF000
20:10:45.0434 31408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38633000, BlocksNum 0x1D1F000
20:10:45.0434 31408 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
20:10:45.0434 31408 \Device\Harddisk1\DR2:
20:10:45.0434 31408 MBR partitions:
20:10:45.0434 31408 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x7760E8
20:10:45.0434 31408 ============================================================
20:10:45.0481 31408 C: <-> \Device\Harddisk0\DR0\Partition1
20:10:45.0543 31408 D: <-> \Device\Harddisk0\DR0\Partition2
20:10:45.0559 31408 F: <-> \Device\Harddisk0\DR0\Partition3
20:10:45.0559 31408 ============================================================
20:10:45.0559 31408 Initialize success
20:10:45.0559 31408 ============================================================
20:12:04.0229 5916 ============================================================
20:12:04.0229 5916 Scan started
20:12:04.0229 5916 Mode: Manual;
20:12:04.0229 5916 ============================================================
20:12:07.0365 5916 !SASCORE (581d88b25c4d4121824fed2ca38e562f) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
20:12:07.0365 5916 !SASCORE - ok
20:12:07.0537 5916 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:12:07.0537 5916 1394ohci - ok
20:12:07.0568 5916 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:12:07.0583 5916 ACPI - ok
20:12:07.0615 5916 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:12:07.0615 5916 AcpiPmi - ok
20:12:07.0755 5916 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:12:07.0755 5916 AdobeARMservice - ok
20:12:07.0817 5916 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:12:07.0833 5916 adp94xx - ok
20:12:07.0880 5916 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:12:07.0895 5916 adpahci - ok
20:12:07.0927 5916 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:12:07.0927 5916 adpu320 - ok
20:12:07.0973 5916 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:12:07.0973 5916 AeLookupSvc - ok
20:12:08.0067 5916 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:12:08.0083 5916 AFD - ok
20:12:08.0129 5916 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:12:08.0129 5916 agp440 - ok
20:12:08.0161 5916 aksdf (44f360b65c37a42eb5b71c2e5179fdd5) C:\Windows\system32\drivers\aksdf.sys
20:12:08.0161 5916 aksdf - ok
20:12:08.0207 5916 aksfridge (43415af4f20e9867974623840a22fe98) C:\Windows\system32\DRIVERS\aksfridge.sys
20:12:08.0223 5916 aksfridge - ok
20:12:08.0254 5916 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
20:12:08.0254 5916 akshasp - ok
20:12:08.0285 5916 akshhl (bc0ee7f8d0be561793b80871f4f10627) C:\Windows\system32\DRIVERS\akshhl.sys
20:12:08.0285 5916 akshhl - ok
20:12:08.0317 5916 aksusb (27f2e2c89a1855b063fcac21eb7d6a73) C:\Windows\system32\DRIVERS\aksusb.sys
20:12:08.0317 5916 aksusb - ok
20:12:08.0348 5916 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:12:08.0348 5916 ALG - ok
20:12:08.0379 5916 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:12:08.0379 5916 aliide - ok
20:12:08.0379 5916 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:12:08.0395 5916 amdide - ok
20:12:08.0426 5916 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:12:08.0426 5916 AmdK8 - ok
20:12:08.0457 5916 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:12:08.0457 5916 AmdPPM - ok
20:12:08.0473 5916 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:12:08.0473 5916 amdsata - ok
20:12:08.0535 5916 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:12:08.0535 5916 amdsbs - ok
20:12:08.0566 5916 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:12:08.0566 5916 amdxata - ok
20:12:08.0613 5916 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:12:08.0629 5916 AppID - ok
20:12:08.0644 5916 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:12:08.0644 5916 AppIDSvc - ok
20:12:08.0691 5916 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:12:08.0691 5916 Appinfo - ok
20:12:08.0738 5916 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:12:08.0738 5916 arc - ok
20:12:08.0769 5916 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:12:08.0769 5916 arcsas - ok
20:12:08.0800 5916 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:12:08.0800 5916 AsyncMac - ok
20:12:08.0831 5916 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:12:08.0847 5916 atapi - ok
20:12:08.0909 5916 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:12:08.0925 5916 AudioEndpointBuilder - ok
20:12:08.0925 5916 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:12:08.0941 5916 AudioSrv - ok
20:12:08.0987 5916 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:12:08.0987 5916 AxInstSV - ok
20:12:09.0034 5916 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:12:09.0050 5916 b06bdrv - ok
20:12:09.0081 5916 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:12:09.0081 5916 b57nd60a - ok
20:12:09.0159 5916 BBSvc (dbf43db0c648db9101d61041e00df5c4) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:12:09.0175 5916 BBSvc - ok
20:12:09.0455 5916 BCM43XX (461e574d7967e895640109a371a912a5) C:\Windows\system32\DRIVERS\bcmwl664.sys
20:12:09.0502 5916 BCM43XX - ok
20:12:09.0611 5916 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:12:09.0611 5916 BDESVC - ok
20:12:09.0658 5916 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:12:09.0658 5916 Beep - ok
20:12:09.0752 5916 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:12:09.0752 5916 BFE - ok
20:12:09.0986 5916 BHDrvx64 (7b56a40eaaacf1867ff178501d3ea185) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\BASHDefs\20130412.001\BHDrvx64.sys
20:12:10.0001 5916 BHDrvx64 - ok
20:12:10.0126 5916 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:12:10.0142 5916 BITS - ok
20:12:10.0189 5916 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:12:10.0189 5916 blbdrive - ok
20:12:10.0235 5916 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:12:10.0235 5916 bowser - ok
20:12:10.0267 5916 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:12:10.0267 5916 BrFiltLo - ok
20:12:10.0282 5916 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:12:10.0282 5916 BrFiltUp - ok
20:12:10.0313 5916 Browser (05f5a0d14a2ee1d8255c2aa0e9e8e694) C:\Windows\System32\browser.dll
20:12:10.0313 5916 Browser - ok
20:12:10.0360 5916 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:12:10.0360 5916 Brserid - ok
20:12:10.0376 5916 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:12:10.0376 5916 BrSerWdm - ok
20:12:10.0391 5916 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:12:10.0407 5916 BrUsbMdm - ok
20:12:10.0407 5916 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:12:10.0407 5916 BrUsbSer - ok
20:12:10.0469 5916 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:12:10.0469 5916 BthEnum - ok
20:12:10.0501 5916 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:12:10.0501 5916 BTHMODEM - ok
20:12:10.0532 5916 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:12:10.0532 5916 BthPan - ok
20:12:10.0594 5916 BTHPORT (738d0e9272f59eb7a1449c3ec118e6c4) C:\Windows\System32\Drivers\BTHport.sys
20:12:10.0594 5916 BTHPORT - ok
20:12:10.0641 5916 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:12:10.0641 5916 bthserv - ok
20:12:10.0657 5916 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:12:10.0657 5916 BTHUSB - ok
20:12:10.0719 5916 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys
20:12:10.0719 5916 btwampfl - ok
20:12:10.0735 5916 btwaudio (a75bf6802a967f5aacecc3c67febdf55) C:\Windows\system32\drivers\btwaudio.sys
20:12:10.0750 5916 btwaudio - ok
20:12:10.0766 5916 btwavdt (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\DRIVERS\btwavdt.sys
20:12:10.0781 5916 btwavdt - ok
20:12:10.0891 5916 btwdins (692f8648d7686d91e34a65ac698019d8) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
20:12:10.0906 5916 btwdins - ok
20:12:10.0969 5916 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
20:12:10.0984 5916 btwl2cap - ok
20:12:10.0984 5916 btwrchid (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\DRIVERS\btwrchid.sys
20:12:10.0984 5916 btwrchid - ok
20:12:11.0062 5916 ccSet_N360 (2c6ffcca37b002aab3c7c31a6d780a76) C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys
20:12:11.0078 5916 ccSet_N360 - ok
20:12:11.0109 5916 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:12:11.0125 5916 cdfs - ok
20:12:11.0171 5916 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
20:12:11.0171 5916 cdrom - ok
20:12:11.0218 5916 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:12:11.0218 5916 CertPropSvc - ok
20:12:11.0249 5916 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:12:11.0249 5916 circlass - ok
20:12:11.0281 5916 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:12:11.0296 5916 CLFS - ok
20:12:11.0359 5916 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:12:11.0374 5916 clr_optimization_v2.0.50727_32 - ok
20:12:11.0421 5916 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:12:11.0421 5916 clr_optimization_v2.0.50727_64 - ok
20:12:11.0499 5916 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:12:11.0515 5916 clr_optimization_v4.0.30319_32 - ok
20:12:11.0561 5916 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:12:11.0561 5916 clr_optimization_v4.0.30319_64 - ok
20:12:11.0608 5916 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
20:12:11.0608 5916 clwvd - ok
20:12:11.0639 5916 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:12:11.0639 5916 CmBatt - ok
20:12:11.0671 5916 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:12:11.0780 5916 cmdide - ok
20:12:11.0842 5916 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
20:12:11.0858 5916 CNG - ok
20:12:11.0905 5916 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:12:11.0905 5916 Compbatt - ok
20:12:11.0936 5916 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:12:11.0951 5916 CompositeBus - ok
20:12:11.0983 5916 COMSysApp - ok
20:12:12.0014 5916 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:12:12.0029 5916 crcdisk - ok
20:12:12.0076 5916 CryptSvc (9c01375be382e834cc26d1b7eaf2c4fe) C:\Windows\system32\cryptsvc.dll
20:12:12.0076 5916 CryptSvc - ok
20:12:12.0123 5916 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:12:12.0139 5916 DcomLaunch - ok
20:12:12.0185 5916 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:12:12.0185 5916 defragsvc - ok
20:12:12.0232 5916 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:12:12.0232 5916 DfsC - ok
20:12:12.0295 5916 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:12:12.0310 5916 Dhcp - ok
20:12:12.0341 5916 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:12:12.0341 5916 discache - ok
20:12:12.0388 5916 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:12:12.0388 5916 Disk - ok
20:12:12.0435 5916 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:12:12.0451 5916 Dnscache - ok
20:12:12.0513 5916 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:12:12.0529 5916 dot3svc - ok
20:12:12.0544 5916 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:12:12.0544 5916 DPS - ok
20:12:12.0575 5916 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:12:12.0575 5916 drmkaud - ok
20:12:12.0653 5916 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:12:12.0669 5916 DXGKrnl - ok
20:12:12.0700 5916 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:12:12.0700 5916 EapHost - ok
20:12:12.0856 5916 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:12:12.0903 5916 ebdrv - ok
20:12:13.0028 5916 eeCtrl (4353ff94d47a0a9d52b89eccf0cdb013) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:12:13.0028 5916 eeCtrl - ok
20:12:13.0106 5916 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:12:13.0106 5916 EFS - ok
20:12:13.0199 5916 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:12:13.0199 5916 ehRecvr - ok
20:12:13.0231 5916 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:12:13.0231 5916 ehSched - ok
20:12:13.0309 5916 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:12:13.0324 5916 elxstor - ok
20:12:13.0449 5916 EraserUtilRebootDrv (c5bccb378d0a896304a3e71be7215983) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:12:13.0449 5916 EraserUtilRebootDrv - ok
20:12:13.0480 5916 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:12:13.0480 5916 ErrDev - ok
20:12:13.0543 5916 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:12:13.0543 5916 EventSystem - ok
20:12:13.0574 5916 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:12:13.0574 5916 exfat - ok
20:12:13.0605 5916 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:12:13.0605 5916 fastfat - ok
20:12:13.0683 5916 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:12:13.0699 5916 Fax - ok
20:12:13.0730 5916 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:12:13.0745 5916 fdc - ok
20:12:13.0777 5916 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:12:13.0777 5916 fdPHost - ok
20:12:13.0792 5916 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:12:13.0792 5916 FDResPub - ok
20:12:13.0823 5916 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:12:13.0823 5916 FileInfo - ok
20:12:13.0855 5916 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:12:13.0855 5916 Filetrace - ok
20:12:13.0870 5916 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:12:13.0870 5916 flpydisk - ok
20:12:13.0948 5916 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:12:13.0948 5916 FltMgr - ok
20:12:14.0011 5916 FontCache (c4c183e6551084039ec862da1c945e3d) C:\Windows\system32\FntCache.dll
20:12:14.0042 5916 FontCache - ok
20:12:14.0089 5916 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:12:14.0089 5916 FontCache3.0.0.0 - ok
20:12:14.0151 5916 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:12:14.0151 5916 FsDepends - ok
20:12:14.0167 5916 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:12:14.0182 5916 Fs_Rec - ok
20:12:14.0213 5916 fvevol (8f6322049018354f45f05a2fd2d4e5e0) C:\Windows\system32\DRIVERS\fvevol.sys
20:12:14.0229 5916 fvevol - ok
20:12:14.0245 5916 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:12:14.0245 5916 gagp30kx - ok
20:12:14.0338 5916 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
20:12:14.0354 5916 GameConsoleService - ok
20:12:14.0401 5916 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:12:14.0416 5916 gpsvc - ok
20:12:14.0510 5916 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:12:14.0510 5916 gupdate - ok
20:12:14.0510 5916 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:12:14.0510 5916 gupdatem - ok
20:12:14.0557 5916 gusvc (5d4bc124faae6730ac002cdb67bf1a1c) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:12:14.0572 5916 gusvc - ok
20:12:14.0666 5916 hardlock (d619ba1712b83d14149850e758b835ad) C:\Windows\system32\drivers\hardlock.sys
20:12:14.0666 5916 hardlock - ok
20:12:14.0666 5916 hasplms - ok
20:12:14.0681 5916 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:12:14.0681 5916 hcw85cir - ok
20:12:14.0744 5916 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:12:14.0744 5916 HdAudAddService - ok
20:12:14.0759 5916 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:12:14.0759 5916 HDAudBus - ok
20:12:14.0791 5916 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
20:12:14.0791 5916 HECIx64 - ok
20:12:14.0806 5916 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:12:14.0806 5916 HidBatt - ok
20:12:14.0822 5916 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:12:14.0822 5916 HidBth - ok
20:12:14.0837 5916 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:12:14.0837 5916 HidIr - ok
20:12:14.0853 5916 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:12:14.0853 5916 hidserv - ok
20:12:14.0900 5916 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
20:12:14.0900 5916 HidUsb - ok
20:12:14.0931 5916 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:12:14.0931 5916 hkmsvc - ok
20:12:14.0978 5916 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:12:14.0978 5916 HomeGroupListener - ok
20:12:15.0025 5916 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:12:15.0025 5916 HomeGroupProvider - ok
20:12:15.0149 5916 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:12:15.0165 5916 HP Support Assistant Service - ok
20:12:15.0259 5916 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
20:12:15.0259 5916 HP Wireless Assistant Service - ok
20:12:15.0290 5916 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
20:12:15.0305 5916 HPClientSvc - ok
20:12:15.0430 5916 hpqwmiex (514455f6586473791c5c6b25ba4e1bab) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:12:15.0446 5916 hpqwmiex - ok
20:12:15.0617 5916 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:12:15.0617 5916 HpSAMD - ok
20:12:15.0836 5916 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:12:15.0867 5916 HTTP - ok
20:12:15.0914 5916 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:12:15.0914 5916 hwpolicy - ok
20:12:16.0023 5916 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:12:16.0039 5916 i8042prt - ok
20:12:16.0148 5916 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\DRIVERS\iaStor.sys
20:12:16.0148 5916 iaStor - ok
20:12:16.0319 5916 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:12:16.0335 5916 IAStorDataMgrSvc - ok
20:12:16.0491 5916 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:12:16.0491 5916 iaStorV - ok
20:12:16.0850 5916 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:12:16.0897 5916 idsvc - ok
20:12:17.0396 5916 IDSVia64 (a48928d4cca6f8b731989db08cf2c0ab) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\IPSDefs\20130425.001\IDSvia64.sys
20:12:17.0396 5916 IDSVia64 - ok
20:12:18.0316 5916 igfx (33faa40b288002c89529dbd14f3ab72c) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:12:18.0535 5916 igfx - ok
20:12:18.0691 5916 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:12:18.0691 5916 iirsp - ok
20:12:18.0753 5916 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:12:18.0769 5916 IKEEXT - ok
20:12:18.0800 5916 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
20:12:18.0800 5916 Impcd - ok
20:12:18.0878 5916 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:12:18.0878 5916 IntcDAud - ok
20:12:18.0925 5916 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:12:18.0925 5916 intelide - ok
20:12:18.0987 5916 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:12:18.0987 5916 intelppm - ok
20:12:19.0049 5916 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:12:19.0049 5916 IPBusEnum - ok
20:12:19.0081 5916 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:12:19.0081 5916 IpFilterDriver - ok
20:12:19.0143 5916 iphlpsvc (08c2957bb30058e663720c5606885653) C:\Windows\System32\iphlpsvc.dll
20:12:19.0143 5916 iphlpsvc - ok
20:12:19.0174 5916 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:12:19.0190 5916 IPMIDRV - ok
20:12:19.0205 5916 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:12:19.0221 5916 IPNAT - ok
20:12:19.0237 5916 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:12:19.0252 5916 IRENUM - ok
20:12:19.0268 5916 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:12:19.0268 5916 isapnp - ok
20:12:19.0299 5916 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:12:19.0299 5916 iScsiPrt - ok
20:12:19.0315 5916 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:12:19.0330 5916 kbdclass - ok
20:12:19.0377 5916 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:12:19.0377 5916 kbdhid - ok
20:12:19.0408 5916 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:12:19.0408 5916 KeyIso - ok
20:12:19.0486 5916 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
20:12:19.0486 5916 KSecDD - ok
20:12:19.0564 5916 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
20:12:19.0564 5916 KSecPkg - ok
20:12:19.0595 5916 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:12:19.0595 5916 ksthunk - ok
20:12:19.0642 5916 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:12:19.0642 5916 KtmRm - ok
20:12:19.0720 5916 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:12:19.0736 5916 LanmanServer - ok
20:12:19.0767 5916 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:12:19.0783 5916 LanmanWorkstation - ok
20:12:19.0876 5916 LightScribeService (fa4a45c179ab0e0f1a31b9751d4b18d7) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:12:19.0892 5916 LightScribeService - ok
20:12:19.0939 5916 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:12:19.0939 5916 lltdio - ok
20:12:20.0001 5916 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:12:20.0001 5916 lltdsvc - ok
20:12:20.0017 5916 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:12:20.0032 5916 lmhosts - ok
20:12:20.0095 5916 LMS (0405f4bcd1c7a7b309f620fe0b5de5e6) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:12:20.0110 5916 LMS - ok
20:12:20.0141 5916 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:12:20.0157 5916 LSI_FC - ok
20:12:20.0173 5916 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:12:20.0173 5916 LSI_SAS - ok
20:12:20.0188 5916 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:12:20.0188 5916 LSI_SAS2 - ok
20:12:20.0219 5916 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:12:20.0219 5916 LSI_SCSI - ok
20:12:20.0251 5916 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:12:20.0251 5916 luafv - ok
20:12:20.0282 5916 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:12:20.0297 5916 Mcx2Svc - ok
20:12:20.0329 5916 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:12:20.0329 5916 megasas - ok
20:12:20.0360 5916 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:12:20.0360 5916 MegaSR - ok
20:12:20.0407 5916 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:12:20.0407 5916 MMCSS - ok
20:12:20.0438 5916 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:12:20.0438 5916 Modem - ok
20:12:20.0453 5916 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:12:20.0469 5916 monitor - ok
20:12:20.0516 5916 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
20:12:20.0516 5916 mouclass - ok
20:12:20.0563 5916 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:12:20.0563 5916 mouhid - ok
20:12:20.0609 5916 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:12:20.0609 5916 mountmgr - ok
20:12:20.0641 5916 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:12:20.0656 5916 mpio - ok
20:12:20.0672 5916 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:12:20.0687 5916 mpsdrv - ok
20:12:20.0750 5916 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:12:20.0750 5916 MpsSvc - ok
20:12:20.0781 5916 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:12:20.0797 5916 MRxDAV - ok
20:12:20.0828 5916 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:12:20.0828 5916 mrxsmb - ok
20:12:20.0875 5916 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:12:20.0875 5916 mrxsmb10 - ok
20:12:20.0906 5916 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:12:20.0906 5916 mrxsmb20 - ok
20:12:20.0937 5916 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:12:20.0937 5916 msahci - ok
20:12:20.0968 5916 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:12:20.0968 5916 msdsm - ok
20:12:21.0015 5916 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:12:21.0015 5916 MSDTC - ok
20:12:21.0046 5916 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:12:21.0046 5916 Msfs - ok
20:12:21.0062 5916 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:12:21.0077 5916 mshidkmdf - ok
20:12:21.0093 5916 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:12:21.0093 5916 msisadrv - ok
20:12:21.0109 5916 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:12:21.0124 5916 MSiSCSI - ok
20:12:21.0124 5916 msiserver - ok
20:12:21.0155 5916 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:12:21.0155 5916 MSKSSRV - ok
20:12:21.0155 5916 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:12:21.0171 5916 MSPCLOCK - ok
20:12:21.0171 5916 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:12:21.0171 5916 MSPQM - ok
20:12:21.0218 5916 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:12:21.0233 5916 MsRPC - ok
20:12:21.0265 5916 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:12:21.0265 5916 mssmbios - ok
20:12:21.0296 5916 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:12:21.0296 5916 MSTEE - ok
20:12:21.0311 5916 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:12:21.0311 5916 MTConfig - ok
20:12:21.0343 5916 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:12:21.0343 5916 Mup - ok
20:12:21.0421 5916 N360 (f2840dbfe9322f35557219ae82cc4597) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
20:12:21.0421 5916 N360 - ok
20:12:21.0483 5916 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:12:21.0483 5916 napagent - ok
20:12:21.0530 5916 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:12:21.0545 5916 NativeWifiP - ok
20:12:21.0733 5916 NAVENG (88a2f45ce66b904285978d6bb13afeb2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20130426.017\ENG64.SYS
20:12:21.0748 5916 NAVENG - ok
20:12:22.0013 5916 NAVEX15 (d2a545da3a90bbfa40e020c23f1b7a48) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20130426.017\EX64.SYS
20:12:22.0045 5916 NAVEX15 - ok
20:12:22.0263 5916 NDIS (760e38053bf56e501d562b70ad796b88) C:\Windows\system32\drivers\ndis.sys
20:12:22.0263 5916 NDIS - ok
20:12:22.0294 5916 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:12:22.0294 5916 NdisCap - ok
20:12:22.0310 5916 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:12:22.0310 5916 NdisTapi - ok
20:12:22.0357 5916 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:12:22.0357 5916 Ndisuio - ok
20:12:22.0403 5916 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:12:22.0419 5916 NdisWan - ok
20:12:22.0466 5916 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:12:22.0466 5916 NDProxy - ok
20:12:22.0481 5916 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:12:22.0481 5916 NetBIOS - ok
20:12:22.0544 5916 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:12:22.0544 5916 NetBT - ok
20:12:22.0591 5916 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:12:22.0591 5916 Netlogon - ok
20:12:22.0637 5916 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:12:22.0653 5916 Netman - ok
20:12:22.0684 5916 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:12:22.0684 5916 netprofm - ok
20:12:22.0762 5916 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:12:22.0762 5916 NetTcpPortSharing - ok
20:12:23.0059 5916 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
20:12:23.0121 5916 netw5v64 - ok
20:12:23.0230 5916 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:12:23.0230 5916 nfrd960 - ok
20:12:23.0293 5916 NlaSvc (8ad77806d336673f270db31645267293) C:\Windows\System32\nlasvc.dll
20:12:23.0308 5916 NlaSvc - ok
20:12:23.0324 5916 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:12:23.0324 5916 Npfs - ok
20:12:23.0355 5916 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:12:23.0355 5916 nsi - ok
20:12:23.0371 5916 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:12:23.0371 5916 nsiproxy - ok
20:12:23.0449 5916 Ntfs (b8965fb53551b5455630a4b804d0791f) C:\Windows\system32\drivers\Ntfs.sys
20:12:23.0464 5916 Ntfs - ok
20:12:23.0589 5916 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:12:23.0589 5916 Null - ok
20:12:23.0620 5916 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:12:23.0620 5916 nvraid - ok
20:12:23.0636 5916 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:12:23.0636 5916 nvstor - ok
20:12:23.0667 5916 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:12:23.0683 5916 nv_agp - ok
20:12:23.0776 5916 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:12:23.0792 5916 odserv - ok
20:12:23.0807 5916 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:12:23.0823 5916 ohci1394 - ok
20:12:23.0870 5916 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:12:23.0870 5916 ose - ok
20:12:23.0917 5916 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:12:23.0917 5916 p2pimsvc - ok
20:12:23.0979 5916 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:12:23.0979 5916 p2psvc - ok
20:12:24.0026 5916 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:12:24.0026 5916 Parport - ok
20:12:24.0057 5916 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:12:24.0057 5916 partmgr - ok
20:12:24.0088 5916 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:12:24.0088 5916 PcaSvc - ok
20:12:24.0135 5916 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:12:24.0135 5916 pci - ok
20:12:24.0151 5916 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:12:24.0151 5916 pciide - ok
20:12:24.0182 5916 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:12:24.0182 5916 pcmcia - ok
20:12:24.0213 5916 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:12:24.0213 5916 pcw - ok
20:12:24.0244 5916 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:12:24.0260 5916 PEAUTH - ok
20:12:24.0322 5916 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:12:24.0322 5916 PerfHost - ok
20:12:24.0416 5916 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:12:24.0431 5916 pla - ok
20:12:24.0494 5916 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:12:24.0509 5916 PlugPlay - ok
20:12:24.0525 5916 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:12:24.0541 5916 PNRPAutoReg - ok
20:12:24.0572 5916 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:12:24.0572 5916 PNRPsvc - ok
20:12:24.0634 5916 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:12:24.0650 5916 PolicyAgent - ok
20:12:24.0681 5916 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:12:24.0697 5916 Power - ok
20:12:24.0759 5916 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:12:24.0759 5916 PptpMiniport - ok
20:12:24.0775 5916 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:12:24.0775 5916 Processor - ok
20:12:24.0821 5916 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
20:12:24.0821 5916 ProfSvc - ok
20:12:24.0853 5916 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:12:24.0853 5916 ProtectedStorage - ok
20:12:24.0899 5916 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:12:24.0915 5916 Psched - ok
20:12:24.0993 5916 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:12:25.0009 5916 ql2300 - ok
20:12:25.0133 5916 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:12:25.0133 5916 ql40xx - ok
20:12:25.0165 5916 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:12:25.0165 5916 QWAVE - ok
20:12:25.0196 5916 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:12:25.0196 5916 QWAVEdrv - ok
20:12:25.0211 5916 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:12:25.0211 5916 RasAcd - ok
20:12:25.0243 5916 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:12:25.0243 5916 RasAgileVpn - ok
20:12:25.0258 5916 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:12:25.0274 5916 RasAuto - ok
20:12:25.0305 5916 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:12:25.0305 5916 Rasl2tp - ok
20:12:35.0133 5916 MBR (0x1B8) (c3c93f1ca51bbacbabea804d2cc62ca1) \Device\Harddisk0\DR0
20:12:35.0492 5916 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
20:12:35.0492 5916 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
20:12:35.0508 5916 MBR (0x1B8) (23b571400a29918f5392f6e85eeb756e) \Device\Harddisk1\DR2
20:12:35.0523 5916 \Device\Harddisk1\DR2 - ok
20:12:35.0523 5916 Boot (0x1200) (c87fdda5352009ddd90e82c6a0d7744a) \Device\Harddisk0\DR0\Partition0
20:12:35.0523 5916 \Device\Harddisk0\DR0\Partition0 - ok
20:12:35.0554 5916 Boot (0x1200) (4baec38957c0939dcd1020ab92a4ad5c) \Device\Harddisk0\DR0\Partition1
20:12:35.0554 5916 \Device\Harddisk0\DR0\Partition1 - ok
20:12:35.0586 5916 Boot (0x1200) (1287f65d1017f1ec414f8e13d7c586cb) \Device\Harddisk0\DR0\Partition2
20:12:35.0586 5916 \Device\Harddisk0\DR0\Partition2 - ok
20:12:35.0601 5916 Boot (0x1200) (ae0e4de109a5ac559a99fc5a9c8fe6dd) \Device\Harddisk0\DR0\Partition3
20:12:35.0617 5916 \Device\Harddisk0\DR0\Partition3 - ok
20:12:35.0617 5916 Boot (0x1200) (eacaec74de639cd4aff2e647d0324fe5) \Device\Harddisk1\DR2\Partition0
20:12:35.0617 5916 \Device\Harddisk1\DR2\Partition0 - ok
20:12:35.0617 5916 ============================================================
20:12:35.0617 5916 Scan finished
20:12:35.0617 5916 ============================================================
20:12:36.0132 20492 Detected object count: 1
20:12:36.0132 20492 Actual detected object count: 1
20:13:51.0500 20492 \Device\Harddisk0\DR0\# - copied to quarantine
20:13:51.0501 20492 \Device\Harddisk0\DR0 - copied to quarantine
20:13:51.0501 20492 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine
20:14:51.0421 7044 ============================================================
20:14:51.0421 7044 Scan started
20:14:51.0421 7044 Mode: Manual;
20:14:51.0421 7044 ============================================================
20:14:53.0953 7044 !SASCORE (581d88b25c4d4121824fed2ca38e562f) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
20:14:53.0954 7044 !SASCORE - ok
20:14:54.0019 7044 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:14:54.0021 7044 1394ohci - ok
20:14:54.0058 7044 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:14:54.0060 7044 ACPI - ok
20:14:54.0084 7044 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:14:54.0085 7044 AcpiPmi - ok
20:14:54.0217 7044 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:14:54.0218 7044 AdobeARMservice - ok
20:14:54.0259 7044 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:14:54.0262 7044 adp94xx - ok
20:14:54.0297 7044 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:14:54.0300 7044 adpahci - ok
20:14:54.0330 7044 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:14:54.0332 7044 adpu320 - ok
20:14:54.0363 7044 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:14:54.0364 7044 AeLookupSvc - ok
20:14:54.0424 7044 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:14:54.0427 7044 AFD - ok
20:14:54.0470 7044 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:14:54.0471 7044 agp440 - ok
20:14:54.0510 7044 aksdf (44f360b65c37a42eb5b71c2e5179fdd5) C:\Windows\system32\drivers\aksdf.sys
20:14:54.0511 7044 aksdf - ok
20:14:54.0539 7044 aksfridge (43415af4f20e9867974623840a22fe98) C:\Windows\system32\DRIVERS\aksfridge.sys
20:14:54.0540 7044 aksfridge - ok
20:14:54.0585 7044 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
20:14:54.0586 7044 akshasp - ok
20:14:54.0603 7044 akshhl (bc0ee7f8d0be561793b80871f4f10627) C:\Windows\system32\DRIVERS\akshhl.sys
20:14:54.0604 7044 akshhl - ok
20:14:54.0612 7044 aksusb (27f2e2c89a1855b063fcac21eb7d6a73) C:\Windows\system32\DRIVERS\aksusb.sys
20:14:54.0613 7044 aksusb - ok
20:14:54.0634 7044 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:14:54.0635 7044 ALG - ok
20:14:54.0662 7044 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:14:54.0662 7044 aliide - ok
20:14:54.0669 7044 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:14:54.0670 7044 amdide - ok
20:14:54.0704 7044 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:14:54.0705 7044 AmdK8 - ok
20:14:54.0721 7044 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:14:54.0721 7044 AmdPPM - ok
20:14:54.0735 7044 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:14:54.0736 7044 amdsata - ok
20:14:54.0764 7044 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:14:54.0766 7044 amdsbs - ok
20:14:54.0781 7044 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:14:54.0782 7044 amdxata - ok
20:14:54.0821 7044 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:14:54.0822 7044 AppID - ok
20:14:54.0845 7044 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:14:54.0846 7044 AppIDSvc - ok
20:14:54.0875 7044 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:14:54.0876 7044 Appinfo - ok
20:14:54.0899 7044 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:14:54.0900 7044 arc - ok
20:14:54.0926 7044 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:14:54.0927 7044 arcsas - ok
20:14:54.0943 7044 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:14:54.0944 7044 AsyncMac - ok
20:14:54.0974 7044 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:14:54.0975 7044 atapi - ok
20:14:55.0040 7044 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:14:55.0045 7044 AudioEndpointBuilder - ok
20:14:55.0052 7044 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:14:55.0057 7044 AudioSrv - ok
20:14:55.0097 7044 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:14:55.0098 7044 AxInstSV - ok
20:14:55.0131 7044 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:14:55.0134 7044 b06bdrv - ok
20:14:55.0163 7044 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:14:55.0165 7044 b57nd60a - ok
20:14:55.0232 7044 BBSvc (dbf43db0c648db9101d61041e00df5c4) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:14:55.0234 7044 BBSvc - ok
20:14:55.0492 7044 BCM43XX (461e574d7967e895640109a371a912a5) C:\Windows\system32\DRIVERS\bcmwl664.sys
20:14:55.0520 7044 BCM43XX - ok
20:14:55.0628 7044 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:14:55.0629 7044 BDESVC - ok
20:14:55.0672 7044 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:14:55.0673 7044 Beep - ok
20:14:55.0741 7044 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:14:55.0745 7044 BFE - ok
20:14:55.0949 7044 BHDrvx64 (7b56a40eaaacf1867ff178501d3ea185) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\BASHDefs\20130412.001\BHDrvx64.sys
20:14:55.0957 7044 BHDrvx64 - ok
20:14:56.0086 7044 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:14:56.0093 7044 BITS - ok
20:14:56.0129 7044 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:14:56.0130 7044 blbdrive - ok
20:14:56.0158 7044 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:14:56.0159 7044 bowser - ok
20:14:56.0174 7044 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:14:56.0175 7044 BrFiltLo - ok
20:14:56.0190 7044 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:14:56.0190 7044 BrFiltUp - ok
20:14:56.0261 7044 Browser (05f5a0d14a2ee1d8255c2aa0e9e8e694) C:\Windows\System32\browser.dll
20:14:56.0263 7044 Browser - ok
20:14:56.0298 7044 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:14:56.0300 7044 Brserid - ok
20:14:56.0311 7044 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:14:56.0312 7044 BrSerWdm - ok
20:14:56.0335 7044 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:14:56.0335 7044 BrUsbMdm - ok
20:14:56.0346 7044 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:14:56.0347 7044 BrUsbSer - ok
20:14:56.0382 7044 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:14:56.0383 7044 BthEnum - ok
20:14:56.0395 7044 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:14:56.0396 7044 BTHMODEM - ok
20:14:56.0422 7044 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:14:56.0423 7044 BthPan - ok
20:14:56.0465 7044 BTHPORT (738d0e9272f59eb7a1449c3ec118e6c4) C:\Windows\System32\Drivers\BTHport.sys
20:14:56.0469 7044 BTHPORT - ok
20:14:56.0494 7044 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:14:56.0495 7044 bthserv - ok
20:14:56.0518 7044 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:14:56.0519 7044 BTHUSB - ok
20:14:56.0554 7044 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys
20:14:56.0557 7044 btwampfl - ok

Re: Google links redirecting

by jeffhma » May 1st, 2013, 10:45 am

1st TDSS part 2

20:15:10.0618 7044 SharedAccess - ok
20:15:10.0681 7044 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:15:10.0681 7044 ShellHWDetection - ok
20:15:10.0712 7044 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:15:10.0712 7044 SiSRaid2 - ok
20:15:10.0743 7044 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:15:10.0743 7044 SiSRaid4 - ok
20:15:10.0759 7044 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:15:10.0774 7044 Smb - ok
20:15:10.0790 7044 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:15:10.0790 7044 SNMPTRAP - ok
20:15:10.0805 7044 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:15:10.0805 7044 spldr - ok
20:15:10.0868 7044 Spooler (85daa09a98c9286d4ea2ba8d0e644377) C:\Windows\System32\spoolsv.exe
20:15:10.0883 7044 Spooler - ok
20:15:11.0164 7044 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:15:11.0195 7044 sppsvc - ok
20:15:11.0305 7044 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:15:11.0305 7044 sppuinotify - ok
20:15:11.0445 7044 SRTSP (891793e00432fa055cf040605c260e49) C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS
20:15:11.0461 7044 SRTSP - ok
20:15:11.0476 7044 SRTSPX (1cb7bb3b0561fb5ecfe37f7731e8bf3e) C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS
20:15:11.0476 7044 SRTSPX - ok
20:15:11.0539 7044 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:15:11.0554 7044 srv - ok
20:15:11.0601 7044 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:15:11.0601 7044 srv2 - ok
20:15:11.0648 7044 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:15:11.0663 7044 SrvHsfHDA - ok
20:15:11.0804 7044 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:15:11.0835 7044 SrvHsfV92 - ok
20:15:12.0007 7044 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:15:12.0007 7044 SrvHsfWinac - ok
20:15:12.0053 7044 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:15:12.0053 7044 srvnet - ok
20:15:12.0100 7044 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:15:12.0100 7044 SSDPSRV - ok
20:15:12.0116 7044 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:15:12.0116 7044 SstpSvc - ok
20:15:12.0209 7044 STacSV (7bf818b11c1fedc3e76d233124470a30) C:\Program Files\IDT\WDM\STacSV64.exe
20:15:12.0225 7044 STacSV - ok
20:15:12.0256 7044 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:15:12.0256 7044 stexstor - ok
20:15:12.0319 7044 STHDA (ebc1a5e076a9be314d3d9e8ed19abb0a) C:\Windows\system32\DRIVERS\stwrt64.sys
20:15:12.0319 7044 STHDA - ok
20:15:12.0397 7044 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:15:12.0397 7044 stisvc - ok
20:15:12.0428 7044 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:15:12.0428 7044 swenum - ok
20:15:12.0490 7044 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:15:12.0506 7044 swprv - ok
20:15:12.0599 7044 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0604010.00E\SYMDS64.SYS
20:15:12.0599 7044 SymDS - ok
20:15:12.0724 7044 SymEFA (5cb7f2fd7e30a0f52f93574bfc3a8041) C:\Windows\system32\drivers\N360x64\0604010.00E\SYMEFA64.SYS
20:15:12.0740 7044 SymEFA - ok
20:15:12.0771 7044 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:15:12.0787 7044 SymEvent - ok
20:15:12.0818 7044 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS
20:15:12.0833 7044 SymIRON - ok
20:15:14.0159 7044 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS
20:15:14.0175 7044 SymNetS - ok
20:15:14.0347 7044 SynTP (c447977ed2a4ae9346fe3a0579a34d7c) C:\Windows\system32\DRIVERS\SynTP.sys
20:15:14.0362 7044 SynTP - ok
20:15:14.0627 7044 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:15:14.0643 7044 SysMain - ok
20:15:14.0768 7044 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:15:14.0768 7044 TabletInputService - ok
20:15:14.0815 7044 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:15:14.0815 7044 TapiSrv - ok
20:15:14.0846 7044 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:15:14.0846 7044 TBS - ok
20:15:15.0033 7044 Tcpip (b62a953f2bf3922c8764a29c34a22899) C:\Windows\system32\drivers\tcpip.sys
20:15:15.0064 7044 Tcpip - ok
20:15:15.0329 7044 TCPIP6 (b62a953f2bf3922c8764a29c34a22899) C:\Windows\system32\DRIVERS\tcpip.sys
20:15:15.0345 7044 TCPIP6 - ok
20:15:15.0470 7044 tcpipreg (1b16d0bd9841794a6e0cde0cef744abc) C:\Windows\system32\drivers\tcpipreg.sys
20:15:15.0470 7044 tcpipreg - ok
20:15:15.0501 7044 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:15:15.0501 7044 TDPIPE - ok
20:15:15.0548 7044 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:15:15.0548 7044 TDTCP - ok
20:15:15.0579 7044 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:15:15.0579 7044 tdx - ok
20:15:15.0610 7044 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:15:15.0610 7044 TermDD - ok
20:15:15.0673 7044 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:15:15.0688 7044 TermService - ok
20:15:15.0719 7044 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:15:15.0719 7044 Themes - ok
20:15:15.0751 7044 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:15:15.0766 7044 THREADORDER - ok
20:15:15.0797 7044 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:15:15.0797 7044 TrkWks - ok
20:15:15.0875 7044 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:15:15.0875 7044 TrustedInstaller - ok
20:15:15.0922 7044 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:15:15.0922 7044 tssecsrv - ok
20:15:15.0953 7044 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:15:15.0969 7044 TsUsbFlt - ok
20:15:16.0016 7044 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:15:16.0016 7044 tunnel - ok
20:15:16.0047 7044 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:15:16.0063 7044 uagp35 - ok
20:15:16.0094 7044 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:15:16.0109 7044 udfs - ok
20:15:16.0141 7044 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:15:16.0141 7044 UI0Detect - ok
20:15:16.0172 7044 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:15:16.0187 7044 uliagpkx - ok
20:15:16.0203 7044 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:15:16.0219 7044 umbus - ok
20:15:16.0250 7044 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:15:16.0250 7044 UmPass - ok
20:15:16.0577 7044 UNS (6f895ca96552069b3d3ef5b4f6e90d3e) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:15:16.0609 7044 UNS - ok
20:15:16.0733 7044 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:15:16.0733 7044 upnphost - ok
20:15:16.0796 7044 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:15:16.0796 7044 usbccgp - ok
20:15:16.0811 7044 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:15:16.0811 7044 usbcir - ok
20:15:16.0843 7044 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:15:16.0843 7044 usbehci - ok
20:15:16.0874 7044 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:15:16.0889 7044 usbhub - ok
20:15:16.0905 7044 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:15:16.0905 7044 usbohci - ok
20:15:16.0921 7044 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:15:16.0921 7044 usbprint - ok
20:15:16.0967 7044 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:15:16.0967 7044 usbscan - ok
20:15:16.0983 7044 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:15:16.0983 7044 USBSTOR - ok
20:15:17.0030 7044 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:15:17.0030 7044 usbuhci - ok
20:15:17.0045 7044 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:15:17.0061 7044 usbvideo - ok
20:15:17.0092 7044 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:15:17.0092 7044 UxSms - ok
20:15:17.0139 7044 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:15:17.0139 7044 VaultSvc - ok
20:15:17.0139 7044 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:15:17.0155 7044 vdrvroot - ok
20:15:17.0217 7044 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:15:17.0233 7044 vds - ok
20:15:17.0264 7044 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:15:17.0264 7044 vga - ok
20:15:17.0279 7044 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:15:17.0279 7044 VgaSave - ok
20:15:17.0326 7044 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:15:17.0326 7044 vhdmp - ok
20:15:17.0342 7044 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:15:17.0342 7044 viaide - ok
20:15:17.0373 7044 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:15:17.0373 7044 volmgr - ok
20:15:17.0420 7044 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:15:17.0420 7044 volmgrx - ok
20:15:17.0482 7044 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:15:17.0482 7044 volsnap - ok
20:15:17.0513 7044 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:15:17.0513 7044 vsmraid - ok
20:15:17.0545 7044 VsmRWDriver (0b4832b848d016622e0f2f136e4715fd) C:\Windows\system32\DRIVERS\VsmRWDriver.sys
20:15:17.0545 7044 VsmRWDriver - ok
20:15:17.0716 7044 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:15:17.0747 7044 VSS - ok
20:15:17.0919 7044 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:15:17.0919 7044 vwifibus - ok
20:15:17.0935 7044 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:15:17.0935 7044 vwififlt - ok
20:15:17.0997 7044 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:15:18.0013 7044 W32Time - ok
20:15:18.0059 7044 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:15:18.0059 7044 WacomPen - ok
20:15:18.0091 7044 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:15:18.0091 7044 WANARP - ok
20:15:18.0091 7044 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:15:18.0106 7044 Wanarpv6 - ok
20:15:18.0262 7044 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:15:18.0293 7044 WatAdminSvc - ok
20:15:18.0418 7044 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:15:18.0434 7044 wbengine - ok
20:15:18.0574 7044 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:15:18.0590 7044 WbioSrvc - ok
20:15:18.0637 7044 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:15:18.0652 7044 wcncsvc - ok
20:15:18.0668 7044 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:15:18.0668 7044 WcsPlugInService - ok
20:15:18.0699 7044 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:15:18.0699 7044 Wd - ok
20:15:18.0793 7044 Wdf01000 (442783e2cb0da19873b7a63833ff4cb4) C:\Windows\system32\drivers\Wdf01000.sys
20:15:18.0793 7044 Wdf01000 - ok
20:15:18.0824 7044 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:15:18.0824 7044 WdiServiceHost - ok
20:15:18.0839 7044 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:15:18.0839 7044 WdiSystemHost - ok
20:15:18.0886 7044 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:15:18.0886 7044 WebClient - ok
20:15:18.0917 7044 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:15:18.0917 7044 Wecsvc - ok
20:15:18.0949 7044 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:15:18.0949 7044 wercplsupport - ok
20:15:18.0964 7044 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:15:18.0964 7044 WerSvc - ok
20:15:19.0027 7044 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:15:19.0027 7044 WfpLwf - ok
20:15:19.0042 7044 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:15:19.0042 7044 WIMMount - ok
20:15:19.0073 7044 WinDefend - ok
20:15:19.0073 7044 WinHttpAutoProxySvc - ok
20:15:19.0151 7044 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:15:19.0151 7044 Winmgmt - ok
20:15:19.0323 7044 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:15:19.0339 7044 WinRM - ok
20:15:19.0526 7044 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:15:19.0541 7044 Wlansvc - ok
20:15:19.0619 7044 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:15:19.0619 7044 wlcrasvc - ok
20:15:19.0916 7044 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:15:19.0947 7044 wlidsvc - ok
20:15:20.0119 7044 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:15:20.0119 7044 WmiAcpi - ok
20:15:20.0197 7044 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:15:20.0197 7044 wmiApSrv - ok
20:15:20.0243 7044 WMPNetworkSvc - ok
20:15:20.0290 7044 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:15:20.0306 7044 WPCSvc - ok
20:15:20.0337 7044 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:15:20.0337 7044 WPDBusEnum - ok
20:15:20.0384 7044 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:15:20.0384 7044 ws2ifsl - ok
20:15:20.0415 7044 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:15:20.0415 7044 wscsvc - ok
20:15:20.0431 7044 WSearch - ok
20:15:20.0680 7044 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
20:15:20.0711 7044 wuauserv - ok
20:15:20.0836 7044 WudfPf (ab886378eeb55c6c75b4f2d14b6c869f) C:\Windows\system32\drivers\WudfPf.sys
20:15:20.0836 7044 WudfPf - ok
20:15:20.0867 7044 WUDFRd (dda4caf29d8c0a297f886bfe561e6659) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:15:20.0867 7044 WUDFRd - ok
20:15:20.0899 7044 wudfsvc (b20f051b03a966392364c83f009f7d17) C:\Windows\System32\WUDFSvc.dll
20:15:20.0899 7044 wudfsvc - ok
20:15:20.0930 7044 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:15:20.0945 7044 WwanSvc - ok
20:15:20.0977 7044 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
20:15:20.0992 7044 yukonw7 - ok
20:15:21.0023 7044 MBR (0x1B8) (c3c93f1ca51bbacbabea804d2cc62ca1) \Device\Harddisk0\DR0
20:15:21.0413 7044 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
20:15:21.0413 7044 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
20:15:21.0429 7044 MBR (0x1B8) (23b571400a29918f5392f6e85eeb756e) \Device\Harddisk1\DR2
20:15:21.0445 7044 \Device\Harddisk1\DR2 - ok
20:15:21.0460 7044 Boot (0x1200) (c87fdda5352009ddd90e82c6a0d7744a) \Device\Harddisk0\DR0\Partition0
20:15:21.0460 7044 \Device\Harddisk0\DR0\Partition0 - ok
20:15:21.0460 7044 Boot (0x1200) (4baec38957c0939dcd1020ab92a4ad5c) \Device\Harddisk0\DR0\Partition1
20:15:21.0460 7044 \Device\Harddisk0\DR0\Partition1 - ok
20:15:21.0491 7044 Boot (0x1200) (1287f65d1017f1ec414f8e13d7c586cb) \Device\Harddisk0\DR0\Partition2
20:15:21.0507 7044 \Device\Harddisk0\DR0\Partition2 - ok
20:15:21.0523 7044 Boot (0x1200) (ae0e4de109a5ac559a99fc5a9c8fe6dd) \Device\Harddisk0\DR0\Partition3
20:15:21.0523 7044 \Device\Harddisk0\DR0\Partition3 - ok
20:15:21.0538 7044 Boot (0x1200) (eacaec74de639cd4aff2e647d0324fe5) \Device\Harddisk1\DR2\Partition0
20:15:21.0538 7044 \Device\Harddisk1\DR2\Partition0 - ok
20:15:21.0538 7044 ============================================================
20:15:21.0538 7044 Scan finished
20:15:21.0538 7044 ============================================================
20:15:21.0554 43536 Detected object count: 1
20:15:21.0554 43536 Actual detected object count: 1
20:15:29.0978 43536 \Device\Harddisk0\DR0\# - copied to quarantine
20:15:29.0978 43536 \Device\Harddisk0\DR0 - copied to quarantine
20:15:29.0978 43536 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine
20:16:37.0479 67876 Deinitialize success

Re: Google links redirecting

Post by jeffhma » May 1st, 2013, 10:46 am

2nd TDSS

20:20:13.0810 67800 TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34
20:20:15.0823 67800 ============================================================
20:20:15.0823 67800 Current date / time: 2013/04/26 20:20:15.0823
20:20:15.0823 67800 SystemInfo:
20:20:15.0823 67800
20:20:15.0823 67800 OS Version: 6.1.7601 ServicePack: 1.0
20:20:15.0823 67800 Product type: Workstation
20:20:15.0823 67800 ComputerName: OWNER-HP
20:20:15.0823 67800 UserName: Owner
20:20:15.0823 67800 Windows directory: C:\Windows
20:20:15.0823 67800 System windows directory: C:\Windows
20:20:15.0823 67800 Running under WOW64
20:20:15.0823 67800 Processor architecture: Intel x64
20:20:15.0823 67800 Number of processors: 4
20:20:15.0823 67800 Page size: 0x1000
20:20:15.0823 67800 Boot type: Normal boot
20:20:15.0823 67800 ============================================================
20:20:16.0493 67800 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:20:16.0493 67800 Drive \Device\Harddisk1\DR3 - Size: 0xEF300000 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:20:16.0509 67800 ============================================================
20:20:16.0509 67800 \Device\Harddisk0\DR0:
20:20:16.0509 67800 MBR partitions:
20:20:16.0509 67800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:20:16.0509 67800 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x385CF000
20:20:16.0509 67800 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38633000, BlocksNum 0x1D1F000
20:20:16.0509 67800 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
20:20:16.0509 67800 \Device\Harddisk1\DR3:
20:20:16.0509 67800 MBR partitions:
20:20:16.0509 67800 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x7760E8
20:20:16.0509 67800 ============================================================
20:20:16.0525 67800 C: <-> \Device\Harddisk0\DR0\Partition2
20:20:16.0571 67800 D: <-> \Device\Harddisk0\DR0\Partition3
20:20:16.0587 67800 F: <-> \Device\Harddisk0\DR0\Partition4
20:20:16.0587 67800 ============================================================
20:20:16.0587 67800 Initialize success
20:20:16.0587 67800 ============================================================
20:20:19.0065 10936 ============================================================
20:20:19.0065 10936 Scan started
20:20:19.0065 10936 Mode: Manual;
20:20:19.0065 10936 ============================================================
20:20:21.0201 10936 ================ Scan system memory ========================
20:20:21.0201 10936 System memory - ok
20:20:21.0201 10936 ================ Scan services =============================
20:20:25.0570 10936 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:20:25.0570 10936 Compbatt - ok
20:20:25.0610 10936 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:20:25.0610 10936 CompositeBus - ok
20:20:25.0620 10936 COMSysApp - ok
20:20:25.0670 10936 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:20:25.0670 10936 crcdisk - ok
20:20:25.0710 10936 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:20:25.0710 10936 CryptSvc - ok
20:20:25.0760 10936 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:20:25.0770 10936 DcomLaunch - ok
20:20:25.0800 10936 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:20:25.0800 10936 defragsvc - ok
20:20:25.0860 10936 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:20:25.0860 10936 DfsC - ok
20:20:25.0890 10936 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:20:25.0900 10936 Dhcp - ok
20:20:25.0930 10936 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:20:25.0930 10936 discache - ok
20:20:26.0010 10936 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:20:26.0020 10936 Disk - ok
20:20:26.0080 10936 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:20:26.0080 10936 Dnscache - ok
20:20:26.0140 10936 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:20:26.0140 10936 dot3svc - ok
20:20:26.0200 10936 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:20:26.0210 10936 DPS - ok
20:20:26.0300 10936 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:20:26.0300 10936 drmkaud - ok
20:20:26.0390 10936 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:20:26.0400 10936 DXGKrnl - ok
20:20:26.0440 10936 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:20:26.0440 10936 EapHost - ok
20:20:26.0520 10936 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:20:26.0530 10936 ebdrv - ok
20:20:26.0630 10936 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:20:26.0640 10936 eeCtrl - ok
20:20:26.0680 10936 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:20:26.0680 10936 EFS - ok
20:20:27.0150 10936 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:20:27.0150 10936 ehRecvr - ok
20:20:27.0180 10936 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:20:27.0180 10936 ehSched - ok
20:20:27.0220 10936 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:20:27.0230 10936 elxstor - ok
20:20:27.0290 10936 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:20:27.0290 10936 EraserUtilRebootDrv - ok
20:20:27.0300 10936 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:20:27.0300 10936 ErrDev - ok
20:20:27.0340 10936 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:20:27.0340 10936 EventSystem - ok
20:20:27.0360 10936 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:20:27.0360 10936 exfat - ok
20:20:27.0390 10936 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:20:27.0400 10936 fastfat - ok
20:20:27.0470 10936 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:20:27.0470 10936 Fax - ok
20:20:27.0500 10936 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:20:27.0500 10936 fdc - ok
20:20:27.0550 10936 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:20:27.0550 10936 fdPHost - ok
20:20:27.0560 10936 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:20:27.0560 10936 FDResPub - ok
20:20:27.0600 10936 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:20:27.0600 10936 FileInfo - ok
20:20:27.0610 10936 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:20:27.0620 10936 Filetrace - ok
20:20:27.0630 10936 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:20:27.0630 10936 flpydisk - ok
20:20:27.0660 10936 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:20:27.0670 10936 FltMgr - ok
20:20:27.0720 10936 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
20:20:27.0740 10936 FontCache - ok
20:20:27.0784 10936 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:20:27.0786 10936 FontCache3.0.0.0 - ok
20:20:27.0827 10936 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:20:27.0829 10936 FsDepends - ok
20:20:27.0865 10936 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:20:27.0866 10936 Fs_Rec - ok
20:20:27.0907 10936 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:20:27.0910 10936 fvevol - ok
20:20:27.0936 10936 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:20:27.0937 10936 gagp30kx - ok
20:20:27.0998 10936 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
20:20:28.0002 10936 GameConsoleService - ok
20:20:28.0057 10936 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:20:28.0067 10936 gpsvc - ok
20:20:28.0150 10936 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:20:28.0151 10936 gupdate - ok
20:20:28.0158 10936 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:20:28.0159 10936 gupdatem - ok
20:20:28.0199 10936 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:20:28.0202 10936 gusvc - ok
20:20:28.0254 10936 [ D619BA1712B83D14149850E758B835AD ] hardlock C:\Windows\system32\drivers\hardlock.sys
20:20:28.0258 10936 hardlock - ok
20:20:28.0263 10936 hasplms - ok
20:20:28.0300 10936 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:20:28.0302 10936 hcw85cir - ok
20:20:28.0358 10936 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:20:28.0363 10936 HdAudAddService - ok
20:20:28.0385 10936 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:20:28.0387 10936 HDAudBus - ok
20:20:28.0424 10936 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:20:28.0425 10936 HECIx64 - ok
20:20:28.0461 10936 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:20:28.0463 10936 HidBatt - ok
20:20:28.0485 10936 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:20:28.0487 10936 HidBth - ok
20:20:28.0514 10936 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:20:28.0516 10936 HidIr - ok
20:20:28.0527 10936 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:20:28.0528 10936 hidserv - ok
20:20:28.0582 10936 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:20:28.0583 10936 HidUsb - ok
20:20:28.0615 10936 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:20:28.0616 10936 hkmsvc - ok
20:20:28.0652 10936 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:20:28.0657 10936 HomeGroupListener - ok
20:20:28.0764 10936 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:20:28.0767 10936 HomeGroupProvider - ok
20:20:28.0891 10936 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:20:28.0891 10936 HP Support Assistant Service - ok
20:20:28.0965 10936 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
20:20:28.0966 10936 HP Wireless Assistant Service - ok
20:20:29.0003 10936 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
20:20:29.0005 10936 HPClientSvc - ok
20:20:29.0072 10936 [ 514455F6586473791C5C6B25BA4E1BAB ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:20:29.0082 10936 hpqwmiex - ok
20:20:29.0124 10936 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:20:29.0127 10936 HpSAMD - ok
20:20:29.0182 10936 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:20:29.0189 10936 HTTP - ok
20:20:29.0221 10936 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:20:29.0222 10936 hwpolicy - ok
20:20:29.0273 10936 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:20:29.0274 10936 i8042prt - ok
20:20:29.0317 10936 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:20:29.0320 10936 iaStor - ok
20:20:29.0396 10936 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:20:29.0396 10936 IAStorDataMgrSvc - ok
20:20:29.0443 10936 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:20:29.0448 10936 iaStorV - ok
20:20:29.0513 10936 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:20:29.0522 10936 idsvc - ok
20:20:29.0617 10936 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\IPSDefs\20130425.001\IDSvia64.sys
20:20:29.0620 10936 IDSVia64 - ok
20:20:29.0865 10936 [ 33FAA40B288002C89529DBD14F3AB72C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:20:29.0930 10936 igfx - ok
20:20:29.0953 10936 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:20:29.0954 10936 iirsp - ok
20:20:29.0999 10936 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:20:30.0004 10936 IKEEXT - ok
20:20:30.0026 10936 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
20:20:30.0027 10936 Impcd - ok
20:20:30.0065 10936 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:20:30.0067 10936 IntcDAud - ok
20:20:30.0098 10936 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:20:30.0099 10936 intelide - ok
20:20:30.0131 10936 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:20:30.0132 10936 intelppm - ok
20:20:30.0173 10936 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:20:30.0174 10936 IPBusEnum - ok
20:20:30.0204 10936 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:20:30.0205 10936 IpFilterDriver - ok
20:20:30.0262 10936 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:20:30.0266 10936 iphlpsvc - ok
20:20:30.0293 10936 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:20:30.0294 10936 IPMIDRV - ok
20:20:30.0314 10936 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:20:30.0315 10936 IPNAT - ok
20:20:30.0367 10936 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:20:30.0368 10936 IRENUM - ok
20:20:30.0388 10936 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:20:30.0389 10936 isapnp - ok
20:20:30.0422 10936 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:20:30.0424 10936 iScsiPrt - ok
20:20:30.0469 10936 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:20:30.0469 10936 kbdclass - ok
20:20:30.0476 10936 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:20:30.0477 10936 kbdhid - ok
20:20:30.0491 10936 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:20:30.0493 10936 KeyIso - ok
20:20:30.0531 10936 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:20:30.0532 10936 KSecDD - ok
20:20:30.0583 10936 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:20:30.0584 10936 KSecPkg - ok
20:20:30.0610 10936 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:20:30.0611 10936 ksthunk - ok
20:20:30.0641 10936 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:20:30.0644 10936 KtmRm - ok
20:20:31.0029 10936 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:20:31.0031 10936 LanmanServer - ok
20:20:31.0073 10936 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:20:31.0075 10936 LanmanWorkstation - ok
20:20:31.0133 10936 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:20:31.0134 10936 LightScribeService - ok
20:20:31.0173 10936 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:20:31.0173 10936 lltdio - ok
20:20:31.0211 10936 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:20:31.0213 10936 lltdsvc - ok
20:20:31.0237 10936 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:20:31.0239 10936 lmhosts - ok
20:20:31.0402 10936 [ 0405F4BCD1C7A7B309F620FE0B5DE5E6 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:20:31.0404 10936 LMS - ok
20:20:31.0450 10936 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:20:31.0451 10936 LSI_FC - ok
20:20:31.0484 10936 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:20:31.0485 10936 LSI_SAS - ok
20:20:31.0496 10936 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:20:31.0497 10936 LSI_SAS2 - ok
20:20:31.0508 10936 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:20:31.0509 10936 LSI_SCSI - ok
20:20:31.0541 10936 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:20:31.0542 10936 luafv - ok
20:20:31.0570 10936 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:20:31.0571 10936 Mcx2Svc - ok
20:20:31.0613 10936 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:20:31.0614 10936 megasas - ok
20:20:31.0636 10936 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:20:31.0638 10936 MegaSR - ok
20:20:31.0674 10936 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:20:31.0675 10936 MMCSS - ok
20:20:31.0717 10936 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:20:31.0718 10936 Modem - ok
20:20:31.0741 10936 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:20:31.0742 10936 monitor - ok
20:20:31.0778 10936 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:20:31.0779 10936 mouclass - ok
20:20:31.0808 10936 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:20:31.0808 10936 mouhid - ok
20:20:31.0841 10936 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:20:31.0842 10936 mountmgr - ok
20:20:31.0870 10936 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:20:31.0872 10936 mpio - ok
20:20:31.0904 10936 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:20:31.0905 10936 mpsdrv - ok
20:20:31.0952 10936 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:20:31.0957 10936 MpsSvc - ok
20:20:31.0989 10936 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:20:31.0990 10936 MRxDAV - ok
20:20:32.0028 10936 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:20:32.0030 10936 mrxsmb - ok
20:20:32.0072 10936 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:20:32.0074 10936 mrxsmb10 - ok
20:20:32.0102 10936 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:20:32.0103 10936 mrxsmb20 - ok
20:20:32.0149 10936 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:20:32.0149 10936 msahci - ok
20:20:32.0168 10936 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:20:32.0169 10936 msdsm - ok
20:20:32.0197 10936 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:20:32.0198 10936 MSDTC - ok
20:20:32.0254 10936 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:20:32.0255 10936 Msfs - ok
20:20:32.0272 10936 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:20:32.0272 10936 mshidkmdf - ok
20:20:32.0292 10936 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:20:32.0292 10936 msisadrv - ok
20:20:32.0319 10936 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:20:32.0320 10936 MSiSCSI - ok
20:20:32.0324 10936 msiserver - ok
20:20:32.0363 10936 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:20:32.0364 10936 MSKSSRV - ok
20:20:32.0388 10936 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:20:32.0388 10936 MSPCLOCK - ok
20:20:32.0401 10936 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:20:32.0402 10936 MSPQM - ok
20:20:32.0460 10936 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:20:32.0462 10936 MsRPC - ok
20:20:32.0501 10936 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:20:32.0502 10936 mssmbios - ok
20:20:32.0541 10936 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:20:32.0541 10936 MSTEE - ok
20:20:32.0554 10936 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:20:32.0555 10936 MTConfig - ok
20:20:32.0607 10936 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:20:32.0608 10936 Mup - ok
20:20:33.0054 10936 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
20:20:33.0056 10936 N360 - ok
20:20:33.0114 10936 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:20:33.0117 10936 napagent - ok
20:20:33.0182 10936 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:20:33.0184 10936 NativeWifiP - ok
20:20:33.0284 10936 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20130426.017\ENG64.SYS
20:20:33.0285 10936 NAVENG - ok
20:20:33.0395 10936 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20130426.017\EX64.SYS
20:20:33.0405 10936 NAVEX15 - ok
20:20:33.0477 10936 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:20:33.0482 10936 NDIS - ok
20:20:33.0508 10936 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:20:33.0509 10936 NdisCap - ok
20:20:33.0529 10936 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:20:33.0530 10936 NdisTapi - ok
20:20:33.0570 10936 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:20:33.0571 10936 Ndisuio - ok
20:20:33.0620 10936 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:20:33.0622 10936 NdisWan - ok
20:20:33.0655 10936 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:20:33.0657 10936 NDProxy - ok
20:20:33.0675 10936 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:20:33.0676 10936 NetBIOS - ok
20:20:33.0711 10936 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:20:33.0714 10936 NetBT - ok
20:20:33.0737 10936 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:20:33.0740 10936 Netlogon - ok
20:20:33.0783 10936 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:20:33.0788 10936 Netman - ok
20:20:33.0822 10936 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:20:33.0828 10936 netprofm - ok
20:20:33.0855 10936 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:20:33.0858 10936 NetTcpPortSharing - ok
20:20:33.0992 10936 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
20:20:34.0168 10936 netw5v64 - ok
20:20:34.0192 10936 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:20:34.0194 10936 nfrd960 - ok
20:20:34.0248 10936 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:20:34.0252 10936 NlaSvc - ok
20:20:34.0271 10936 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:20:34.0272 10936 Npfs - ok
20:20:34.0297 10936 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:20:34.0298 10936 nsi - ok
20:20:34.0311 10936 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:20:34.0312 10936 nsiproxy - ok
20:20:34.0363 10936 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:20:34.0379 10936 Ntfs - ok
20:20:34.0412 10936 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:20:34.0413 10936 Null - ok
20:20:34.0439 10936 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:20:34.0440 10936 nvraid - ok
20:20:34.0472 10936 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:20:34.0473 10936 nvstor - ok
20:20:34.0509 10936 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:20:34.0510 10936 nv_agp - ok
20:20:34.0578 10936 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:20:34.0581 10936 odserv - ok
20:20:34.0604 10936 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:20:34.0605 10936 ohci1394 - ok
20:20:34.0642 10936 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:20:34.0644 10936 ose - ok
20:20:34.0691 10936 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:20:34.0693 10936 p2pimsvc - ok
20:20:34.0729 10936 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:20:34.0732 10936 p2psvc - ok
20:20:34.0762 10936 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:20:34.0763 10936 Parport - ok
20:20:34.0798 10936 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:20:34.0799 10936 partmgr - ok
20:20:34.0834 10936 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:20:34.0836 10936 PcaSvc - ok
20:20:34.0856 10936 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:20:34.0857 10936 pci - ok
20:20:34.0901 10936 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:20:34.0901 10936 pciide - ok
20:20:34.0930 10936 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:20:34.0931 10936 pcmcia - ok
20:20:34.0962 10936 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:20:34.0963 10936 pcw - ok
20:20:34.0982 10936 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:20:34.0986 10936 PEAUTH - ok
20:20:35.0050 10936 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:20:35.0051 10936 PerfHost - ok
20:20:35.0105 10936 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:20:35.0121 10936 pla - ok
20:20:35.0176 10936 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:20:35.0179 10936 PlugPlay - ok
20:20:35.0202 10936 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:20:35.0203 10936 PNRPAutoReg - ok
20:20:35.0235 10936 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:20:35.0239 10936 PNRPsvc - ok
20:20:35.0293 10936 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:20:35.0297 10936 PolicyAgent - ok
20:20:35.0329 10936 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:20:35.0331 10936 Power - ok
20:20:35.0368 10936 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:20:35.0369 10936 PptpMiniport - ok
20:20:35.0403 10936 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:20:35.0404 10936 Processor - ok
20:20:35.0439 10936 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:20:35.0443 10936 ProfSvc - ok
20:20:35.0460 10936 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:20:35.0461 10936 ProtectedStorage - ok
20:20:35.0494 10936 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:20:35.0496 10936 Psched - ok
20:20:35.0544 10936 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:20:35.0552 10936 ql2300 - ok
20:20:35.0577 10936 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:20:35.0578 10936 ql40xx - ok
20:20:35.0595 10936 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:20:35.0597 10936 QWAVE - ok
20:20:35.0620 10936 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:20:35.0621 10936 QWAVEdrv - ok
20:20:35.0640 10936 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:20:35.0641 10936 RasAcd - ok
20:20:35.0666 10936 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:20:35.0666 10936 RasAgileVpn - ok
20:20:35.0698 10936 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:20:35.0699 10936 RasAuto - ok
20:20:35.0750 10936 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:20:35.0751 10936 Rasl2tp - ok
20:20:35.0806 10936 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:20:35.0809 10936 RasMan - ok
20:20:35.0848 10936 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:20:35.0849 10936 RasPppoe - ok
20:20:35.0891 10936 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:20:35.0892 10936 RasSstp - ok
20:20:35.0930 10936 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:20:35.0931 10936 rdbss - ok
20:20:35.0956 10936 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:20:35.0957 10936 rdpbus - ok
20:20:35.0965 10936 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:20:35.0966 10936 RDPCDD - ok
20:20:35.0986 10936 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:20:35.0986 10936 RDPENCDD - ok
20:20:36.0014 10936 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:20:36.0015 10936 RDPREFMP - ok
20:20:36.0053 10936 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:20:36.0054 10936 RDPWD - ok
20:20:36.0120 10936 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:20:36.0121 10936 rdyboost - ok
20:20:36.0196 10936 [ 622FCF264119F7DF127BE353F796B319 ] ReadingFanatic_6xService C:\PROGRA~2\READIN~2\bar\1.bin\6xbarsvc.exe
20:20:36.0196 10936 ReadingFanatic_6xService - ok
20:20:36.0219 10936 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:20:36.0221 10936 RemoteAccess - ok
20:20:36.0251 10936 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:20:36.0253 10936 RemoteRegistry - ok
20:20:36.0292 10936 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:20:36.0293 10936 RFCOMM - ok
20:20:36.0351 10936 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
20:20:36.0354 10936 RoxioNow Service - ok
20:20:36.0390 10936 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:20:36.0392 10936 RpcEptMapper - ok
20:20:36.0443 10936 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:20:36.0444 10936 RpcLocator - ok
20:20:36.0480 10936 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:20:36.0483 10936 RpcSs - ok
20:20:36.0521 10936 [ CA327A84085F68200452E6761F943298 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:20:36.0523 10936 RSPCIESTOR - ok
20:20:36.0569 10936 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:20:36.0570 10936 rspndr - ok
20:20:36.0613 10936 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:20:36.0616 10936 RTL8167 - ok
20:20:36.0626 10936 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:20:36.0627 10936 SamSs - ok
20:20:36.0914 10936 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:20:36.0915 10936 SASDIFSV - ok
20:20:36.0950 10936 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:20:36.0950 10936 SASKUTIL - ok
20:20:36.0982 10936 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:20:36.0983 10936 sbp2port - ok
20:20:37.0006 10936 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:20:37.0008 10936 SCardSvr - ok
20:20:37.0047 10936 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:20:37.0048 10936 scfilter - ok
20:20:37.0093 10936 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:20:37.0100 10936 Schedule - ok
20:20:37.0121 10936 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:20:37.0122 10936 SCPolicySvc - ok
20:20:37.0168 10936 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:20:37.0169 10936 sdbus - ok
20:20:37.0205 10936 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:20:37.0207 10936 SDRSVC - ok
20:20:37.0282 10936 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:20:37.0283 10936 SeaPort - ok
20:20:37.0303 10936 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:20:37.0303 10936 secdrv - ok
20:20:37.0335 10936 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:20:37.0336 10936 seclogon - ok
20:20:37.0361 10936 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:20:37.0363 10936 SENS - ok
20:20:37.0393 10936 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:20:37.0395 10936 SensrSvc - ok
20:20:37.0413 10936 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:20:37.0414 10936 Serenum - ok
20:20:37.0430 10936 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:20:37.0431 10936 Serial - ok
20:20:37.0441 10936 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:20:37.0442 10936 sermouse - ok
20:20:37.0491 10936 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:20:37.0494 10936 SessionEnv - ok
20:20:37.0526 10936 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:20:37.0526 10936 sffdisk - ok
20:20:37.0533 10936 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:20:37.0533 10936 sffp_mmc - ok
20:20:37.0545 10936 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:20:37.0546 10936 sffp_sd - ok
20:20:37.0565 10936 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:20:37.0566 10936 sfloppy - ok
20:20:37.0601 10936 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:20:37.0603 10936 SharedAccess - ok
20:20:37.0641 10936 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:20:37.0647 10936 ShellHWDetection - ok
20:20:37.0684 10936 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:20:37.0685 10936 SiSRaid2 - ok
20:20:37.0707 10936 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:20:37.0708 10936 SiSRaid4 - ok
20:20:37.0746 10936 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:20:37.0747 10936 Smb - ok
20:20:37.0789 10936 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:20:37.0790 10936 SNMPTRAP - ok
20:20:37.0802 10936 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:20:37.0803 10936 spldr - ok
20:20:37.0836 10936 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:20:37.0840 10936 Spooler - ok
20:20:37.0927 10936 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:20:37.0947 10936 sppsvc - ok
20:20:37.0969 10936 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:20:37.0971 10936 sppuinotify - ok
20:20:38.0057 10936 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS
20:20:38.0061 10936 SRTSP - ok
20:20:38.0094 10936 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS
20:20:38.0095 10936 SRTSPX - ok
20:20:38.0138 10936 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:20:38.0140 10936 srv - ok
20:20:38.0160 10936 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:20:38.0164 10936 srv2 - ok
20:20:38.0196 10936 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:20:38.0198 10936 SrvHsfHDA - ok
20:20:38.0234 10936 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:20:38.0244 10936 SrvHsfV92 - ok
20:20:38.0265 10936 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:20:38.0269 10936 SrvHsfWinac - ok
20:20:38.0283 10936 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:20:38.0286 10936 srvnet - ok
20:20:38.0323 10936 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:20:38.0325 10936 SSDPSRV - ok
20:20:38.0336 10936 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:20:38.0338 10936 SstpSvc - ok
20:20:38.0405 10936 [ 7BF818B11C1FEDC3E76D233124470A30 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
20:20:38.0407 10936 STacSV - ok
20:20:38.0440 10936 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:20:38.0440 10936 stexstor - ok
20:20:38.0472 10936 [ EBC1A5E076A9BE314D3D9E8ED19ABB0A ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
20:20:38.0475 10936 STHDA - ok
20:20:38.0525 10936 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:20:38.0529 10936 stisvc - ok
20:20:38.0562 10936 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:20:38.0563 10936 swenum - ok
20:20:38.0598 10936 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:20:38.0602 10936 swprv - ok
20:20:38.0636 10936 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0604010.00E\SYMDS64.SYS
20:20:38.0639 10936 SymDS - ok
20:20:38.0718 10936 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0604010.00E\SYMEFA64.SYS
20:20:38.0724 10936 SymEFA - ok
20:20:38.0755 10936 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:20:38.0757 10936 SymEvent - ok
20:20:38.0802 10936 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS
20:20:38.0803 10936 SymIRON - ok
20:20:38.0840 10936 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS
20:20:38.0842 10936 SymNetS - ok
20:20:38.0912 10936 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:20:38.0920 10936 SynTP - ok
20:20:39.0044 10936 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:20:39.0054 10936 SysMain - ok
20:20:39.0084 10936 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:20:39.0085 10936 TabletInputService - ok
20:20:39.0102 10936 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:20:39.0105 10936 TapiSrv - ok
20:20:39.0138 10936 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:20:39.0139 10936 TBS - ok
20:20:39.0241 10936 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:20:39.0252 10936 Tcpip - ok
20:20:39.0308 10936 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:20:39.0318 10936 TCPIP6 - ok
20:20:39.0362 10936 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:20:39.0363 10936 tcpipreg - ok
20:20:39.0382 10936 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:20:39.0383 10936 TDPIPE - ok
20:20:39.0415 10936 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:20:39.0416 10936 TDTCP - ok
20:20:39.0452 10936 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:20:39.0453 10936 tdx - ok
20:20:39.0482 10936 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:20:39.0483 10936 TermDD - ok
20:20:39.0531 10936 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:20:39.0536 10936 TermService - ok
20:20:39.0563 10936 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:20:39.0564 10936 Themes - ok
20:20:39.0586 10936 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:20:39.0587 10936 THREADORDER - ok
20:20:39.0595 10936 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:20:39.0597 10936 TrkWks - ok
20:20:39.0648 10936 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:20:39.0649 10936 TrustedInstaller - ok
20:20:39.0686 10936 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:20:39.0687 10936 tssecsrv - ok
20:20:39.0732 10936 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:20:39.0733 10936 TsUsbFlt - ok
20:20:39.0778 10936 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:20:39.0779 10936 tunnel - ok
20:20:39.0813 10936 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:20:39.0814 10936 uagp35 - ok
20:20:39.0854 10936 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:20:39.0856 10936 udfs - ok
20:20:39.0887 10936 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:20:39.0888 10936 UI0Detect - ok
20:20:39.0905 10936 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:20:39.0906 10936 uliagpkx - ok
20:20:39.0949 10936 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:20:39.0951 10936 umbus - ok
20:20:39.0992 10936 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:20:39.0992 10936 UmPass - ok
20:20:40.0122 10936 [ 6F895CA96552069B3D3EF5B4F6E90D3E ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:20:40.0134 10936 UNS - ok
20:20:40.0179 10936 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:20:40.0182 10936 upnphost - ok
20:20:40.0214 10936 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:20:40.0215 10936 usbccgp - ok
20:20:40.0240 10936 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:20:40.0241 10936 usbcir - ok
20:20:40.0262 10936 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:20:40.0262 10936 usbehci - ok
20:20:40.0291 10936 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:20:40.0293 10936 usbhub - ok
20:20:40.0321 10936 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:20:40.0321 10936 usbohci - ok
20:20:40.0351 10936 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:20:40.0351 10936 usbprint - ok
20:20:40.0389 10936 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:20:40.0390 10936 usbscan - ok
20:20:40.0433 10936 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:20:40.0434 10936 USBSTOR - ok
20:20:40.0476 10936 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:20:40.0476 10936 usbuhci - ok
20:20:40.0508 10936 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:20:40.0509 10936 usbvideo - ok
20:20:40.0542 10936 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:20:40.0544 10936 UxSms - ok
20:20:40.0571 10936 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:20:40.0574 10936 VaultSvc - ok
20:20:40.0595 10936 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:20:40.0596 10936 vdrvroot - ok
20:20:40.0636 10936 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:20:40.0640 10936 vds - ok
20:20:40.0668 10936 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:20:40.0670 10936 vga - ok
20:20:41.0003 10936 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:20:41.0003 10936 VgaSave - ok
20:20:41.0045 10936 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:20:41.0046 10936 vhdmp - ok
20:20:41.0074 10936 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:20:41.0074 10936 viaide - ok
20:20:41.0093 10936 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:20:41.0094 10936 volmgr - ok
20:20:41.0142 10936 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:20:41.0144 10936 volmgrx - ok
20:20:41.0198 10936 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:20:41.0200 10936 volsnap - ok
20:20:41.0252 10936 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:20:41.0253 10936 vsmraid - ok
20:20:41.0331 10936 [ 0B4832B848D016622E0F2F136E4715FD ] VsmRWDriver C:\Windows\system32\DRIVERS\VsmRWDriver.sys
20:20:41.0332 10936 VsmRWDriver - ok
20:20:41.0427 10936 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:20:41.0436 10936 VSS - ok
20:20:41.0467 10936 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:20:41.0467 10936 vwifibus - ok
20:20:41.0500 10936 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:20:41.0501 10936 vwififlt - ok
20:20:41.0566 10936 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:20:41.0570 10936 W32Time - ok
20:20:41.0596 10936 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:20:41.0597 10936 WacomPen - ok
20:20:41.0648 10936 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:20:41.0649 10936 WANARP - ok
20:20:41.0653 10936 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:20:41.0655 10936 Wanarpv6 - ok
20:20:41.0729 10936 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:20:41.0736 10936 WatAdminSvc - ok
20:20:41.0790 10936 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:20:41.0799 10936 wbengine - ok
20:20:41.0829 10936 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:20:41.0831 10936 WbioSrvc - ok
20:20:41.0871 10936 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:20:41.0874 10936 wcncsvc - ok
20:20:41.0900 10936 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:20:41.0902 10936 WcsPlugInService - ok
20:20:41.0932 10936 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:20:41.0933 10936 Wd - ok
20:20:42.0020 10936 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:20:42.0024 10936 Wdf01000 - ok
20:20:42.0051 10936 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:20:42.0053 10936 WdiServiceHost - ok
20:20:42.0057 10936 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:20:42.0059 10936 WdiSystemHost - ok
20:20:42.0102 10936 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:20:42.0105 10936 WebClient - ok
20:20:42.0147 10936 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:20:42.0150 10936 Wecsvc - ok
20:20:42.0172 10936 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:20:42.0175 10936 wercplsupport - ok
20:20:42.0226 10936 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:20:42.0231 10936 WerSvc - ok
20:20:42.0271 10936 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:20:42.0271 10936 WfpLwf - ok
20:20:42.0305 10936 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:20:42.0306 10936 WIMMount - ok
20:20:42.0323 10936 WinDefend - ok
20:20:42.0330 10936 WinHttpAutoProxySvc - ok
20:20:42.0380 10936 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:20:42.0382 10936 Winmgmt - ok
20:20:42.0459 10936 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:20:42.0470 10936 WinRM - ok
20:20:42.0522 10936 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:20:42.0528 10936 Wlansvc - ok
20:20:42.0584 10936 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:20:42.0585 10936 wlcrasvc - ok
20:20:42.0699 10936 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:20:42.0711 10936 wlidsvc - ok
20:20:42.0752 10936 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:20:42.0752 10936 WmiAcpi - ok
20:20:42.0793 10936 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:20:42.0795 10936 wmiApSrv - ok
20:20:42.0836 10936 WMPNetworkSvc - ok
20:20:42.0860 10936 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:20:42.0862 10936 WPCSvc - ok
20:20:42.0885 10936 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:20:42.0887 10936 WPDBusEnum - ok
20:20:42.0923 10936 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:20:42.0923 10936 ws2ifsl - ok
20:20:42.0954 10936 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:20:42.0956 10936 wscsvc - ok
20:20:42.0962 10936 WSearch - ok
20:20:43.0042 10936 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:20:43.0055 10936 wuauserv - ok
20:20:43.0089 10936 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:20:43.0090 10936 WudfPf - ok
20:20:43.0109 10936 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:20:43.0111 10936 WUDFRd - ok
20:20:43.0139 10936 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:20:43.0140 10936 wudfsvc - ok
20:20:43.0174 10936 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:20:43.0179 10936 WwanSvc - ok
20:20:43.0224 10936 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
20:20:43.0226 10936 yukonw7 - ok
20:20:43.0249 10936 ================ Scan global ===============================
20:20:43.0269 10936 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:20:43.0307 10936 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:20:43.0319 10936 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:20:43.0361 10936 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:20:43.0396 10936 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:20:43.0401 10936 [Global] - ok
20:20:43.0401 10936 ================ Scan MBR ==================================
20:20:43.0416 10936 [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0
20:20:43.0416 10936 Suspicious mbr (Forged): \Device\Harddisk0\DR0
20:20:43.0471 10936 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
20:20:43.0472 10936 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
20:20:43.0479 10936 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR3
20:20:43.0507 10936 \Device\Harddisk1\DR3 - ok
20:20:43.0507 10936 ================ Scan VBR ==================================
20:20:43.0509 10936 [ C87FDDA5352009DDD90E82C6A0D7744A ] \Device\Harddisk0\DR0\Partition1
20:20:43.0511 10936 \Device\Harddisk0\DR0\Partition1 - ok
20:20:43.0528 10936 [ 4BAEC38957C0939DCD1020AB92A4AD5C ] \Device\Harddisk0\DR0\Partition2
20:20:43.0529 10936 \Device\Harddisk0\DR0\Partition2 - ok
20:20:43.0562 10936 [ 1287F65D1017F1EC414F8E13D7C586CB ] \Device\Harddisk0\DR0\Partition3
20:20:43.0564 10936 \Device\Harddisk0\DR0\Partition3 - ok
20:20:43.0589 10936 [ AE0E4DE109A5AC559A99FC5A9C8FE6DD ] \Device\Harddisk0\DR0\Partition4
20:20:43.0590 10936 \Device\Harddisk0\DR0\Partition4 - ok
20:20:43.0596 10936 [ 2CE2DAC8D6131356D80B440A09C19CC4 ] \Device\Harddisk1\DR3\Partition1
20:20:43.0597 10936 \Device\Harddisk1\DR3\Partition1 - ok
20:20:43.0598 10936 ============================================================
20:20:43.0598 10936 Scan finished
20:20:43.0598 10936 ============================================================
20:20:43.0607 20116 Detected object count: 1
20:20:43.0607 20116 Actual detected object count: 1
20:20:59.0570 20116 \Device\Harddisk0\DR0\# - copied to quarantine
20:20:59.0570 20116 \Device\Harddisk0\DR0 - copied to quarantine
20:20:59.0632 20116 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
20:20:59.0632 20116 \Device\Harddisk0\DR0 - ok
20:21:00.0601 20116 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
20:21:31.0983 70396 Deinitialize success
jeffhma

Re: Google links redirecting

Post by jeffhma » May 1st, 2013, 10:46 am

ComboFix


ComboFix 13-04-27.04 - Owner 04/28/2013 9:20.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2320 [GMT -4:00]
Running from: g:\usb toolbox\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Owner\AppData\Local\{5CEE77A1-CC1F-4D88-AD9D-00194CB65461}\{882FB294-5118-49E0-B7CB-5B81508EF3D3}\kictt.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-03-28 to 2013-04-28 )))))))))))))))))))))))))))))))
.
.
2013-04-28 13:25 . 2013-04-28 13:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-28 12:20 . 2011-05-12 18:05 18816 ------w- c:\windows\SysWow64\SAVRKBootTasks.sys
2013-04-28 11:14 . 2011-05-12 18:03 6144 ------w- c:\windows\system32\E263.tmp
2013-04-28 11:09 . 2011-05-12 18:03 6144 ------w- c:\windows\system32\A6AA.tmp
2013-04-28 11:08 . 2013-04-28 11:08 -------- d-----w- c:\program files (x86)\Sophos
2013-04-27 17:08 . 2013-04-27 17:08 -------- d-----w- C:\ClamWinPortable
2013-04-27 00:13 . 2013-04-27 00:20 -------- d-----w- C:\TDSSKiller_Quarantine
2013-04-26 21:44 . 2013-04-26 21:44 -------- d-----w- c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2013-04-26 21:43 . 2013-04-26 23:00 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-04-26 21:43 . 2013-04-26 21:43 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-04-26 21:33 . 2013-04-26 21:33 -------- d-----w- c:\users\Owner\AppData\Local\Programs
2013-04-26 21:25 . 2013-04-26 21:25 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2013-04-26 21:25 . 2013-04-26 21:25 -------- d-----w- c:\programdata\Malwarebytes
2013-04-26 21:25 . 2013-04-26 23:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-26 21:25 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-24 14:22 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 15:34 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-10 15:38 . 2011-05-05 21:54 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-02-12 05:45 . 2013-03-13 11:15 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 11:15 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 11:15 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 11:15 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 11:15 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 11:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-26 10:07 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2d948797-8fe3-4508-9b6f-4bf349a9ea34}]
2013-02-07 14:09 62864 ----a-w- c:\program files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{f149b372-5830-4d88-b8f6-2853d12c1af5}]
2013-02-07 14:09 707728 ----a-w- c:\progra~2\READIN~2\bar\1.bin\6xbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{b36151d1-7770-4480-87e4-f89fb54e173d}"= "c:\program files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll" [2013-02-07 707728]
.
[HKEY_CLASSES_ROOT\clsid\{b36151d1-7770-4480-87e4-f89fb54e173d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-04-26 5629312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-16 183560]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\E263.tmp [2011-05-12 6144]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-12-08 329832]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VsmRWDriver;VSM Reader/Writer Type A USB Driver service;c:\windows\system32\DRIVERS\VsmRWDriver.sys [2007-01-08 15104]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-31 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R4 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R4 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
R4 ReadingFanatic_6xService;ReadingFanaticService;c:\progra~2\READIN~2\bar\1.bin\6xbarsvc.exe [2013-02-07 42504]
R4 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
R4 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-23 2320920]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0604010.00E\SYMDS64.SYS [2012-01-17 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\BASHDefs\20130412.001\BHDrvx64.sys [2013-04-12 1390680]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\IPSDefs\20130426.001\IDSvia64.sys [2012-12-08 513184]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [2012-01-17 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [2012-01-17 405624]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2013-04-26 140672]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2011-11-24 78208]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [2012-06-16 138272]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-12-08 158976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-12-08 317440]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 565352]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 22:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 20:41 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-29 13:05]
.
2013-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-29 13:05]
.
2013-04-02 c:\windows\Tasks\HPCeeScheduleForOWNER-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2013-04-19 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1 208.67.222.222
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-{882FB294-5118-49E0-B7CB-5B81508EF3D3} - c:\users\Owner\AppData\Local\{5CEE77A1-CC1F-4D88-AD9D-00194CB65461}\{882FB294-5118-49E0-B7CB-5B81508EF3D3}\kictt.dll
Wow6432Node-HKU-Default-Run-{882FB294-5118-49E0-B7CB-5B81508EF3D3} - c:\users\Owner\AppData\Local\{5CEE77A1-CC1F-4D88-AD9D-00194CB65461}\{882FB294-5118-49E0-B7CB-5B81508EF3D3}\kictt.dll
SafeBoot-80869067.sys
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~2\UNWISE.EXE
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.4.1.14\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\E263.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-28 09:27:33
ComboFix-quarantined-files.txt 2013-04-28 13:27
.
Pre-Run: 421,492,199,424 bytes free
Post-Run: 421,262,245,888 bytes free
.
- - End Of File - - 7EDDDDCBAE2C944EAE862FB6D1551132
jeffhma
Active Member
 
Posts: 7
Joined: April 28th, 2013, 10:08 am

Re: Google links redirecting

by wannabeageek » May 2nd, 2013, 11:02 am

jeffhma,

Rootkit Warning/ Remote Access Infection

One or more of the identified infections you had was related to a rootkit component.

20:15:29.0978 43536 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine
20:20:59.0632 20116 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot


Please take time to carefully read THIS topic, then let me know how you want to proceed.
wannabeageek
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Google links redirecting

by jeffhma » May 2nd, 2013, 1:46 pm

I had to return the computer to its owner. Before returning it I installed the Crossloop remote access program on Sunday 4-28-2013. Could this be the source of the Remote Access Component you say was detected? While waiting to hear from you I will alert the owner about the potential risks of using the computer.
jeffhma
Active Member
 
Posts: 7
Joined: April 28th, 2013, 10:08 am

Re: Google links redirecting

by wannabeageek » May 5th, 2013, 2:35 pm

Hi jeffhma,

jeffhma wrote: Could this be the source of the Remote Access Component you say was detected?


Not likely, as the rootkits were found on the 26th of April. There are no Crossloop entries in the logs, and you said you installed Crossloop on the 28th of April, which is after the logs were created and the infection(s) were removed.
jeffhma wrote: Before returning it I installed the Crossloop remote access program on Sunday 4-28-2013.


1st TDSS

20:10:41.0799 31408 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
20:10:43.0827 31408 ============================================================
20:10:43.0827 31408 Current date / time: 2013/04/26 20:10:43.0827

2nd TDSS

20:20:13.0810 67800 TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34
20:20:15.0823 67800 ============================================================
20:20:15.0823 67800 Current date / time: 2013/04/26 20:20:15.0823


The RAI/Rootkit warning stands.

wbg
wannabeageek
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Google links redirecting

by jeffhma » May 5th, 2013, 4:36 pm

The owner of the computer is unable to continue at this time. Thank you for your efforts and consider this topic to be closed.
jeffhma
Active Member
 
Posts: 7
Joined: April 28th, 2013, 10:08 am

Re: Google links redirecting

by deltalima » May 6th, 2013, 9:35 am

As the owner of the computer is unable to continue at this time, this topic is now closed.

If you still require help, please open a new thread in the Malware Removal forum, include a
fresh DDS log, and wait for a new helper.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK