Trojan.zeroaccess.B [Solved]



#1
sydneedshelp (New Member)
I know that I have seen others asking this same question, and I am not sure if I am supposed to try what they were told or whether to ask for individual help. With that being said, please help me if you can. I have this trojan.zeroaccess.B as an unresolved security risk in Norton. I have tried to manually delete the temporary file and the dialogue box says I do not have permission to do so. My computer is running very slow and often freezing. It also says start-up programs are failing. Any help someone can provide will be much appreciated. Thank you in advance!

~Sydneedshelp

Edited by sydneedshelp, 22 July 2012 - 09:56 PM.



#2
maliprog (Trusted Helper, Malware Removal)
Hello sydneedshelp and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Download OTL to your Desktop

  • Double-click on the icon to run it (If running Vista or Windows 7, right-click on it and select "Run as an Administrator"). Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Verify Driver Digital Signature
    • Detect TDLFS file system
  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 3

Please don't forget to include these items in your reply:

  • OTL log
  • OTL Extras log
  • TDSSKiller log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#3
sydneedshelp (New Member, Topic Starter)
OTL.Txt:

OTL logfile created on: 7/23/2012 2:22:05 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\KS\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 43.87% Memory free
5.95 Gb Paging File | 4.11 Gb Available in Paging File | 69.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.09 Gb Total Space | 187.68 Gb Free Space | 65.15% Space Free | Partition Type: NTFS

Computer Name: KS-PC | User Name: KS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/23 14:21:12 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\KS\Desktop\OTL.exe
PRC - [2012/07/12 09:50:47 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
PRC - [2012/06/13 16:21:33 | 000,066,160 | ---- | M] (White Sky, Inc.) -- C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2012/06/13 16:21:32 | 006,534,768 | ---- | M] (White Sky, Inc.) -- C:\Program Files\Constant Guard Protection Suite\IDVault.exe
PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\KS\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/02/25 11:13:40 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/08/03 23:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ccsvchst.exe
PRC - [2011/06/16 22:40:58 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2011/04/26 15:23:02 | 000,223,088 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/04/26 15:22:44 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/02/14 16:40:04 | 000,378,216 | ---- | M] (Acer Incorporated) -- C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe
PRC - [2009/01/09 11:40:26 | 000,942,592 | ---- | M] (Audiovox Electronics Corp.) -- C:\Users\KS\Documents\RCA Detective\RCADetective.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/23 13:25:32 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/07/22 21:14:28 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
PRC - [2008/05/06 13:28:54 | 000,311,296 | ---- | M] (Acer Inc.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\eRecovery\HidChk.exe
PRC - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 13:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/01/20 21:23:43 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
PRC - [2007/05/11 05:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2007/02/22 18:32:12 | 000,118,784 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/13 16:21:33 | 000,104,048 | ---- | M] () -- C:\Program Files\Constant Guard Protection Suite\IdVaultCore.XmlSerializers.dll
MOD - [2012/06/13 16:19:24 | 000,548,040 | ---- | M] () -- C:\Program Files\Constant Guard Protection Suite\sqlite3.dll
MOD - [2011/06/24 23:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 23:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/26 15:22:44 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/06/11 03:34:27 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\1c6ec78c1819450dfea5e820ce9ed7c3\WindowsFormsIntegration.ni.dll
MOD - [2010/06/11 03:34:21 | 001,356,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\de790a49543ee90e3eafc3f4ed7793e6\System.WorkflowServices.ni.dll
MOD - [2010/06/11 03:34:03 | 001,706,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\4b1fc1408913b93bd727203187e01d63\System.ServiceModel.Web.ni.dll
MOD - [2010/06/11 03:33:55 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\51b84451b1b85247987a6f6a38c38e9c\System.Management.ni.dll
MOD - [2010/06/11 03:31:34 | 017,403,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\cfa8a7e5c73e9b64b9b7c889c57aec6e\System.ServiceModel.ni.dll
MOD - [2010/06/11 03:31:06 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\4df596a3d7e55f25a5e8b48d6fdf05e7\System.ServiceProcess.ni.dll
MOD - [2010/06/11 03:31:01 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e2657fc569c6f343c2034ae4998f5624\System.Web.Services.ni.dll
MOD - [2010/06/11 03:30:55 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8942cd4aa98f657330b5c8890589c2ee\System.Transactions.ni.dll
MOD - [2010/06/11 03:30:54 | 011,797,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\792dcc29f3d031147565b1eb60831845\System.Web.ni.dll
MOD - [2010/06/11 03:30:42 | 002,345,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d217ded934951332a80c8e457a50f487\System.Runtime.Serialization.ni.dll
MOD - [2010/06/11 03:30:38 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\9e57961eb2a42e62694fc75a719d4a63\System.IdentityModel.ni.dll
MOD - [2010/06/11 03:30:35 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\6f4ed529cb8ae1e22ecc49ed4d8aa863\System.Security.ni.dll
MOD - [2010/06/11 03:30:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e14b5b54564ad576dd249e7e8762366d\System.Configuration.ni.dll
MOD - [2010/06/11 03:30:29 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\029e36a801b895ca62cb4b61ed1106d7\SMDiagnostics.ni.dll
MOD - [2010/06/11 03:29:12 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\0279340aa3f1bcbf2d8ee1b0cd438f86\System.Xml.ni.dll
MOD - [2010/06/11 03:28:53 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0bb2a8e2374c59943da54078b609e38b\System.Windows.Forms.ni.dll
MOD - [2010/06/11 03:28:42 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2eb2e94ae8fd5a45071d6c7d9fa96f49\System.Drawing.ni.dll
MOD - [2010/06/11 03:28:23 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\29ff69411dbe49a598c32e3872fd75bf\System.Data.ni.dll
MOD - [2010/06/11 03:28:07 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b444c94cc1bff3d98aedbd6ad417dc9\PresentationFramework.Aero.ni.dll
MOD - [2010/06/11 03:28:02 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0ca5c8f070af8e20c257c06b0f405989\PresentationFramework.ni.dll
MOD - [2010/06/11 03:27:26 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9b37f74b6801b43fef5d86351c9c6082\PresentationCore.ni.dll
MOD - [2010/06/11 03:27:10 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4a433b7f3fd8793d43387a07486aae8d\WindowsBase.ni.dll
MOD - [2010/06/11 03:26:45 | 007,949,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5177b93dac897c12b12167fa786bbdd0\System.ni.dll
MOD - [2010/04/12 07:19:58 | 005,967,872 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
MOD - [2010/04/08 09:52:20 | 000,271,024 | ---- | M] () -- C:\Program Files\Search Toolbar\SearchToolbar.dll
MOD - [2009/10/15 03:17:08 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\4b879c6ae53ff0f95106d2075ed90461\UIAutomationProvider.ni.dll
MOD - [2009/10/15 03:15:13 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\cccf9e783368088a6d357cc45f446478\Accessibility.ni.dll
MOD - [2009/10/15 03:11:29 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2008/10/29 21:41:34 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2008/07/27 13:03:15 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2008/07/27 13:03:15 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/07/27 13:03:15 | 000,839,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
MOD - [2008/07/27 13:03:15 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2008/07/27 13:03:15 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2008/07/27 13:03:15 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2008/06/19 20:14:44 | 001,245,184 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2008/01/20 21:24:02 | 000,223,232 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/01/20 21:24:02 | 000,223,232 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2007/01/13 05:01:28 | 000,475,136 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll
MOD - [2007/01/13 05:01:28 | 000,397,312 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll
MOD - [2005/07/30 21:00:40 | 000,114,688 | ---- | M] () -- C:\Windows\System32\OdiOlDVR.dll
MOD - [2004/06/21 10:14:54 | 000,053,248 | ---- | M] () -- C:\Windows\System32\OdiAPI.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/12 10:41:10 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/13 16:21:33 | 000,066,160 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2011/08/03 23:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011/06/16 22:40:58 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2011/05/24 23:38:14 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/26 15:23:02 | 000,223,088 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/09/25 17:25:06 | 000,688,132 | ---- | M] (NCH Software) [Auto | Stopped] -- C:\Program Files\NCH Swift Sound\WebDictate\webdictate.exe -- (WebDictateService)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/07/22 21:14:28 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/07/17 19:20:51 | 000,035,752 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FixZeroAccess.sys -- (FixZeroAccess)
DRV - [2012/06/18 19:01:14 | 000,821,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20120711.002\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/06/14 13:39:26 | 000,382,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20120720.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/05/30 23:11:49 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/05/30 23:11:49 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/15 20:02:40 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120723.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/05/15 20:02:40 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120723.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/21 21:53:36 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symtdiv.sys -- (SYMTDIv)
DRV - [2011/08/21 21:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symefa.sys -- (SymEFA)
DRV - [2011/08/03 23:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\cchpx86.sys -- (ccHP)
DRV - [2011/07/05 10:24:24 | 000,025,232 | ---- | M] (StrikeForce Technologies, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\gidv2.sys -- (GIDv2)
DRV - [2011/06/17 22:28:18 | 000,240,736 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0151.sys -- (RsFx0151)
DRV - [2010/08/09 13:58:04 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\ironx86.sys -- (SymIRON)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\srtsp.sys -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/22 02:44:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symds.sys -- (SymDS)
DRV - [2008/07/22 21:14:24 | 001,203,808 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/06/11 14:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/05/02 09:46:00 | 007,460,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/03/25 00:38:20 | 001,048,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/25 07:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/04/07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VNUSB.sys -- (VNUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emac...209&m=et1161-07
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emac...209&m=et1161-07
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACEW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emac...209&m=et1161-07
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {810F3EC9-0959-4662-B1FD-3496798947D6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACEW
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{810F3EC9-0959-4662-B1FD-3496798947D6}: "URL" = http://www.google.co...1I7ACEW_enUS323
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...}&o=15527&l=dis
IE - HKCU\..\SearchScopes\Comcast: "URL" = http://search.xfinit...tiv_tech_search
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {E1754164-50FD-48FF-802A-FB6960143DC0}:1.9.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2010.9.0.6
FF - prefs.js..extensions.enabledItems: idvaultaddin@whitesky:1.0
FF - prefs.js..network.proxy.ftp: ":0"
FF - prefs.js..network.proxy.gopher: ":0"
FF - prefs.js..network.proxy.http: ":0"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: ":0"
FF - prefs.js..network.proxy.ssl: ":0"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ksolo.com/AVX: C:\Program Files\kSolo\npAVX.dll (kSolo, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@View22/View22: C:\Program Files\View22\Version 3.10.50\NPView22.dll (View22 Technology)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{E1754164-50FD-48FF-802A-FB6960143DC0}: C:\Users\KS\AppData\Local\{E1754164-50FD-48FF-802A-FB6960143DC0} [2010/08/06 16:03:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/23 11:16:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/07/22 23:22:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\ClickPotatoLite\bin\10.0.529.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/09 17:01:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/09 17:01:33 | 000,000,000 | ---D | M]

[2010/11/25 13:01:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Extensions
[2009/04/26 11:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/05/01 01:31:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\3ztmy7py.default\extensions
[2010/11/29 16:16:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\3ztmy7py.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/03 00:45:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/15 20:00:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/11 09:03:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/07/22 23:22:02 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6
[2011/07/23 11:16:01 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2011/11/03 00:45:41 | 000,000,000 | ---D | M] (XFINITY Constant Guard Protection Suite) -- C:\PROGRAMDATA\WHITE SKY, INC\ID VAULT\XPCOM3
[2010/08/06 16:03:57 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\KS\APPDATA\LOCAL\{E1754164-50FD-48FF-802A-FB6960143DC0}
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Constant Guard Protection Suite (COM)) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.1.613.0\NativeBHO.dll (WhiteSky)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Easy Dock] File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [GIDDesktop] C:\Program Files\SFT\GuardedID\gidd.exe (StrikeForce Technologies Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WebDictate] C:\Program Files\NCH Swift Sound\WebDictate\webdictate.exe (NCH Software)
O4 - HKCU..\Run: [Desktop Software] C:\Program Files\Common Files\SupportSoft\bin\bcont.exe (SupportSoft, Inc.)
O4 - Startup: C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\KS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O4 - Startup: C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk = C:\Users\KS\Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support....veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...7/uploader2.cab (UploadListView Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} http://merillat.view...View22RTEv4.cab (View22RTEv4 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABF127C2-0520-4364-BA2A-AAB26DA78954}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\KS\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\KS\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\AutoRun\command - "" = I:\rcaeasyrip_setup.exe
O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\install\command - "" = I:\rcaeasyrip_setup.exe
O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\usermanualEnglish\command - "" = I:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\usermanualFrench\command - "" = I:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\usermanualSpanish\command - "" = I:\rcaeasyrip_setup.exe /pdf_Spanish
O33 - MountPoints2\{e90fbae6-46e3-11de-9af9-002197d66014}\Shell - "" = AutoRun
O33 - MountPoints2\{e90fbae6-46e3-11de-9af9-002197d66014}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
System Restore Service not available.

========== Files/Folders - Created Within 30 Days ==========

[2012/07/23 14:21:01 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\KS\Desktop\OTL.exe
[2012/07/17 19:20:53 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Roaming\FixZeroAccess
[2012/07/17 19:20:51 | 000,035,752 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\FixZeroAccess.sys
[2012/07/16 08:21:09 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012/06/24 23:59:36 | 000,000,000 | ---D | C] -- C:\Users\KS\Documents\Documents\Documents\Documents\Syllabi
[2009/07/05 12:45:19 | 003,125,968 | ---- | C] (InstallShield Software Corporation) -- C:\Users\KS\RP5120_DVM_V4.08.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/23 14:24:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/23 14:21:12 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\KS\Desktop\OTL.exe
[2012/07/23 13:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/23 13:17:03 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 13:17:03 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 13:08:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/07/22 23:21:51 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012/07/22 23:17:06 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/22 23:16:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/22 23:15:44 | 3085,373,440 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/17 19:22:57 | 505,699,502 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/07/17 19:20:51 | 000,035,752 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\FixZeroAccess.sys
[2012/07/12 17:46:02 | 000,672,480 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/12 17:46:02 | 000,129,130 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/27 15:46:43 | 000,002,066 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2012/06/27 15:46:42 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/16 16:37:10 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\L\00000004.@
[2012/07/16 08:09:44 | 000,013,312 | ---- | C] () -- C:\Windows\Installer\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\U\80000000.@
[2012/02/02 22:52:45 | 000,000,340 | ---- | C] () -- C:\Windows\wininit.ini
[2011/05/24 23:58:51 | 007,664,171 | ---- | C] () -- C:\Users\KS\Cholesterol Lessons.zip
[2011/05/24 23:34:19 | 066,112,000 | ---- | C] () -- C:\Users\KS\presenter.msi
[2011/05/12 13:52:16 | 000,001,940 | ---- | C] () -- C:\Users\KS\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/15 09:47:52 | 000,000,680 | ---- | C] () -- C:\Users\KS\AppData\Local\d3d9caps.dat
[2011/02/15 21:43:12 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2011/02/15 21:43:12 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2011/01/12 07:34:38 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/01/06 15:38:34 | 000,000,561 | ---- | C] () -- C:\Users\KS\LimeWire - Shortcut.lnk
[2010/11/25 13:00:45 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/11/18 12:30:31 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/11/09 22:13:42 | 000,000,000 | ---- | C] () -- C:\Windows\DVEdit.INI
[2010/11/09 21:57:33 | 000,122,880 | ---- | C] () -- C:\Windows\System32\trc.dll
[2010/11/09 21:57:11 | 000,124,264 | R--- | C] () -- C:\Windows\System32\mp3dec.dll
[2010/11/09 21:57:11 | 000,010,600 | R--- | C] () -- C:\Windows\System32\IcdSptSvps.dll
[2010/11/09 21:57:10 | 000,081,920 | R--- | C] () -- C:\Windows\System32\dsp_trc.dll
[2010/10/19 10:02:10 | 000,000,175 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/09/29 18:01:46 | 000,114,688 | ---- | C] () -- C:\Windows\System32\OdiOlDVR.dll
[2010/09/29 18:01:45 | 000,053,248 | ---- | C] () -- C:\Windows\System32\OdiAPI.dll
[2010/08/08 18:32:07 | 000,000,071 | ---- | C] () -- C:\Users\KS\AppData\Roaming\sh4.dat
[2010/08/08 18:32:07 | 000,000,036 | ---- | C] () -- C:\Users\KS\AppData\Roaming\skynet.dat
[2010/08/08 18:32:07 | 000,000,009 | ---- | C] () -- C:\Users\KS\AppData\Roaming\nuar.old
[2010/08/08 18:32:07 | 000,000,001 | ---- | C] () -- C:\Users\KS\AppData\Roaming\sh3.dat
[2010/08/06 16:03:58 | 000,000,120 | ---- | C] () -- C:\Users\KS\AppData\Local\Pkojiyasomiz.dat
[2010/08/06 16:03:58 | 000,000,000 | ---- | C] () -- C:\Users\KS\AppData\Local\Emucalirikijiraz.bin
[2009/11/29 20:53:47 | 003,016,571 | ---- | C] () -- C:\Users\KS\Regret_ft_latoya-.mp3
[2009/11/29 20:34:29 | 005,766,877 | ---- | C] () -- C:\Users\KS\Bulletproof -Raheem Devaughn.mp3
[2009/11/29 20:27:31 | 008,159,647 | ---- | C] () -- C:\Users\KS\It Kills Me-Melanie Fiona.mp3
[2009/11/29 20:15:03 | 006,738,499 | ---- | C] () -- C:\Users\KS\Epiphany- Chrisette Michelle.mp3
[2009/11/29 20:10:29 | 006,835,807 | ---- | C] () -- C:\Users\KS\Bed Rock ft lloyd.mp3
[2009/10/21 17:16:10 | 000,000,159 | ---- | C] () -- C:\Users\KS\webct_upload_applet.properties
[2009/07/05 13:10:00 | 000,001,794 | ---- | C] () -- C:\Users\KS\AppData\Roaming\SAS7_000.DAT
[2009/06/29 20:50:07 | 000,034,644 | ---- | C] () -- C:\Users\KS\AppData\Roaming\wklnhst.dat
[2009/06/08 11:11:55 | 000,024,064 | ---- | C] () -- C:\Users\KS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/20 21:25:01 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\@
[2008/01/20 21:25:01 | 000,002,048 | -HS- | C] () -- C:\Users\KS\AppData\Local\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\@

========== LOP Check ==========

[2012/07/22 23:19:05 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Dropbox
[2012/07/17 19:20:53 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\FixZeroAccess
[2012/07/22 23:21:24 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\ID Vault
[2011/05/25 17:03:25 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\LimeWire
[2011/10/05 14:38:38 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\motorola
[2010/09/25 17:25:01 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\NCH Swift Sound
[2009/06/23 11:16:51 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Nuance
[2012/03/02 18:12:10 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\QSR_International
[2011/03/23 22:09:36 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\SPSSInc
[2009/07/13 03:20:32 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Template
[2010/09/10 15:09:52 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\VanDyke
[2010/01/13 19:57:26 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\WildTangent
[2012/07/22 23:13:50 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/20 21:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 217 bytes -> C:\ProgramData\Temp:8927A071
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:F35A93AD

< End of report >

#4
sydneedshelp

    New Member

  • Topic Starter
  • Member
  • 9 posts
OTL Extras logfile created on: 7/23/2012 2:22:05 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\KS\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 43.87% Memory free
5.95 Gb Paging File | 4.11 Gb Available in Paging File | 69.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.09 Gb Total Space | 187.68 Gb Free Space | 65.15% Space Free | Partition Type: NTFS

Computer Name: KS-PC | User Name: KS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{185292F7-7C0A-4F72-B2CC-CBEBD40B050E}" = Microsoft SQL Server 2008 R2 Native Client
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java™ 6 Update 26
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{48B08845-0CB0-45EC-893C-15319ADDA312}" = Microsoft SQL Server 2008 R2 Setup (English)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 SP1 Database Engine Shared
"{4F93ABBE-5A1D-4D56-94CB-022F109FDE4D}" = Adobe Presenter 7
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 SP1 Database Engine Services
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C56F2C0-54E6-4670-8767-F904BCE28B49}" = VanDyke Software SecureFX 6.5
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{80EFBB50-5B6C-4A9D-AFBC-C7664AFF252F}" = Digital Voice Recorder
"{82184A1C-52B8-438F-A79B-8D7580114987}" = QSR NVivo 9.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{88908767-B7AD-4b0d-ACBC-FBCCF2761D31}" = HP Photosmart All-In-One Software 9.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{9191979D-821C-4EA8-B021-2DA1D859A7C5}" = GuardedID
"{93968FB2-C67A-4A9B-80C2-5D4D9393058E}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 SP1 Database Engine Services
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C25215FC-5900-48B0-B93C-8D3379027312}" = PASW Statistics 18
"{C35CCBEB-5A54-4DD8-9EC8-110F2A8154B3}" = Motorola Mobile Drivers Installation 5.1.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 SP1 Common Files
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}" = WinZip 14.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{E209F988-EF49-4B3D-84A6-3CBB67F058AC}" = Google SketchUp 7
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 SP1 Database Engine Shared
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FB91E774-867B-4567-ACE7-8144EF036068}" = Olympus Digital Wave Player
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 SP1 Common Files
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Presenter 7" = Adobe Presenter 7
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Express" = Express Dictate
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ID Vault" = Constant Guard Protection Suite
"IKEA Home Planner Kitchen" = IKEA Home Planner Kitchen
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"kSolo" = kSolo Recorder
"LimeWire" = LimeWire 5.1.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"MotoHelper" = MotoHelper 2.0.51 Driver 5.1.0
"Mozilla Firefox (3.6.24)" = Mozilla Firefox (3.6.24)
"N360" = Norton Security Suite
"NVIDIA Drivers" = NVIDIA Drivers
"RCA Detective™_is1" = RCA Detective™ 2.0.0.99
"RCA easyRip_is1" = RCA easyRip 2.1.7.0
"Recuva" = Recuva
"Scribe" = Express Scribe
"Search Toolbar" = Search Toolbar
"View22" = View22
"WebDictate" = Web Dictate
"WildTangent emachines Master Uninstall" = eMachines Games

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Connect Add-in" = Adobe Connect Add-in
"Dropbox" = Dropbox
"DYOS Kitchen Release 0.29" = DYOS Kitchen Release 0.29

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/8/2011 2:13:28 PM | Computer Name = KS-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18928 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: b04 Start Time: 01ccb5d3b91f3658 Termination Time: 0

Error - 12/8/2011 3:14:22 PM | Computer Name = KS-PC | Source = SPP | ID = 16387
Description =

Error - 12/8/2011 3:14:22 PM | Computer Name = KS-PC | Source = System Restore | ID = 8193
Description =

Error - 12/8/2011 3:14:22 PM | Computer Name = KS-PC | Source = System Restore | ID = 8210
Description =

Error - 12/9/2011 2:52:05 AM | Computer Name = KS-PC | Source = SPP | ID = 16387
Description =

Error - 12/9/2011 2:52:05 AM | Computer Name = KS-PC | Source = System Restore | ID = 8193
Description =

Error - 12/9/2011 2:52:05 AM | Computer Name = KS-PC | Source = System Restore | ID = 8210
Description =

Error - 12/12/2011 5:18:16 PM | Computer Name = KS-PC | Source = SPP | ID = 16387
Description =

Error - 12/12/2011 5:18:16 PM | Computer Name = KS-PC | Source = System Restore | ID = 8193
Description =

Error - 12/12/2011 5:18:16 PM | Computer Name = KS-PC | Source = System Restore | ID = 8210
Description =

[ OSession Events ]
Error - 10/19/2010 10:53:30 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7724
seconds with 960 seconds of active time. This session ended with a crash.

Error - 3/19/2011 10:25:12 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1309
seconds with 540 seconds of active time. This session ended with a crash.

Error - 5/25/2011 12:40:49 AM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 140 seconds with 120 seconds of active time. This session ended with a crash.

Error - 6/3/2011 10:42:18 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 817 seconds with 360 seconds of active time. This session ended with a crash.

Error - 6/3/2011 11:04:40 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 1335 seconds with 960 seconds of active time. This session ended with a
crash.

Error - 6/3/2011 11:16:09 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 552 seconds with 540 seconds of active time. This session ended with a crash.

Error - 6/3/2011 11:27:39 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 474 seconds with 420 seconds of active time. This session ended with a crash.

Error - 9/28/2011 9:16:01 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 69 seconds with 0 seconds of active time. This session ended with a crash.

Error - 4/5/2012 11:15:03 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3962
seconds with 2280 seconds of active time. This session ended with a crash.

Error - 6/28/2012 12:44:47 PM | Computer Name = KS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 60415
seconds with 3480 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/22/2012 11:17:34 PM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 7/22/2012 11:20:27 PM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 7/22/2012 11:24:13 PM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 7/22/2012 11:24:55 PM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 7/22/2012 11:31:17 PM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 7/22/2012 11:31:47 PM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 7/23/2012 12:17:04 AM | Computer Name = KS-PC | Source = HTTP | ID = 15016
Description =

Error - 7/23/2012 12:18:00 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 7/23/2012 12:18:00 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 7/23/2012 12:18:00 AM | Computer Name = KS-PC | Source = Service Control Manager | ID = 7003
Description =


< End of report >

#5
sydneedshelp

    New Member

  • Topic Starter
  • Member
  • 9 posts
14:53:10.0592 4396 TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30
14:53:12.0608 4396 ============================================================
14:53:12.0608 4396 Current date / time: 2012/07/23 14:53:12.0608
14:53:12.0608 4396 SystemInfo:
14:53:12.0608 4396
14:53:12.0608 4396 OS Version: 6.0.6001 ServicePack: 1.0
14:53:12.0608 4396 Product type: Workstation
14:53:12.0608 4396 ComputerName: KS-PC
14:53:12.0609 4396 UserName: KS
14:53:12.0609 4396 Windows directory: C:\Windows
14:53:12.0609 4396 System windows directory: C:\Windows
14:53:12.0609 4396 Processor architecture: Intel x86
14:53:12.0609 4396 Number of processors: 2
14:53:12.0609 4396 Page size: 0x1000
14:53:12.0609 4396 Boot type: Normal boot
14:53:12.0609 4396 ============================================================
14:53:13.0527 4396 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:53:13.0541 4396 ============================================================
14:53:13.0541 4396 \Device\Harddisk0\DR0:
14:53:13.0541 4396 MBR partitions:
14:53:13.0541 4396 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x2402DAB0
14:53:13.0541 4396 ============================================================
14:53:13.0579 4396 C: <-> \Device\Harddisk0\DR0\Partition0
14:53:13.0579 4396 ============================================================
14:53:13.0579 4396 Initialize success
14:53:13.0579 4396 ============================================================
14:53:36.0719 6564 ============================================================
14:53:36.0719 6564 Scan started
14:53:36.0719 6564 Mode: Manual; SigCheck; TDLFS;
14:53:36.0719 6564 ============================================================
14:53:37.0750 6564 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
14:53:37.0884 6564 ACPI - ok
14:53:37.0938 6564 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:53:38.0018 6564 AdobeFlashPlayerUpdateSvc - ok
14:53:38.0089 6564 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
14:53:38.0130 6564 adp94xx - ok
14:53:38.0184 6564 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
14:53:38.0218 6564 adpahci - ok
14:53:38.0259 6564 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
14:53:38.0285 6564 adpu160m - ok
14:53:38.0313 6564 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
14:53:38.0348 6564 adpu320 - ok
14:53:38.0392 6564 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
14:53:38.0500 6564 AeLookupSvc - ok
14:53:38.0554 6564 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
14:53:38.0722 6564 AFD - ok
14:53:38.0779 6564 AgereModemAudio (8ed60797908fd394eee0d6949f493224) C:\Windows\system32\agrsmsvc.exe
14:53:38.0892 6564 AgereModemAudio - ok
14:53:38.0984 6564 AgereSoftModem (baf68dcba949633df0c16d37af2a2351) C:\Windows\system32\DRIVERS\AGRSM.sys
14:53:39.0063 6564 AgereSoftModem - ok
14:53:39.0121 6564 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
14:53:39.0144 6564 agp440 - ok
14:53:39.0170 6564 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:53:39.0195 6564 aic78xx - ok
14:53:39.0227 6564 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
14:53:39.0295 6564 ALG - ok
14:53:39.0312 6564 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
14:53:39.0335 6564 aliide - ok
14:53:39.0366 6564 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
14:53:39.0389 6564 amdagp - ok
14:53:39.0456 6564 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
14:53:39.0478 6564 amdide - ok
14:53:39.0517 6564 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
14:53:39.0621 6564 AmdK7 - ok
14:53:39.0653 6564 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
14:53:39.0723 6564 AmdK8 - ok
14:53:39.0763 6564 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
14:53:39.0881 6564 Appinfo - ok
14:53:40.0239 6564 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:53:40.0304 6564 Apple Mobile Device - ok
14:53:40.0344 6564 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
14:53:40.0371 6564 arc - ok
14:53:40.0411 6564 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
14:53:40.0442 6564 arcsas - ok
14:53:40.0466 6564 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
14:53:40.0558 6564 AsyncMac - ok
14:53:40.0580 6564 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
14:53:40.0602 6564 atapi - ok
14:53:40.0662 6564 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
14:53:40.0743 6564 AudioEndpointBuilder - ok
14:53:40.0753 6564 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
14:53:40.0840 6564 Audiosrv - ok
14:53:40.0896 6564 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
14:53:40.0983 6564 Beep - ok
14:53:41.0318 6564 BHDrvx86 (a9e111a358ac5f7eba7ac61e43fc6725) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20120711.002\BHDrvx86.sys
14:53:41.0481 6564 BHDrvx86 - ok
14:53:41.0579 6564 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll
14:53:41.0717 6564 BITS - ok
14:53:41.0798 6564 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
14:53:41.0910 6564 blbdrive - ok
14:53:42.0074 6564 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
14:53:42.0194 6564 Bonjour Service - ok
14:53:42.0268 6564 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
14:53:42.0382 6564 bowser - ok
14:53:42.0409 6564 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
14:53:42.0452 6564 BrFiltLo - ok
14:53:42.0482 6564 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
14:53:42.0552 6564 BrFiltUp - ok
14:53:42.0601 6564 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
14:53:42.0725 6564 Browser - ok
14:53:42.0756 6564 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
14:53:42.0923 6564 Brserid - ok
14:53:42.0964 6564 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
14:53:43.0125 6564 BrSerWdm - ok
14:53:43.0153 6564 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
14:53:43.0284 6564 BrUsbMdm - ok
14:53:43.0471 6564 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
14:53:43.0644 6564 BrUsbSer - ok
14:53:43.0711 6564 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
14:53:43.0817 6564 BTHMODEM - ok
14:53:43.0880 6564 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS
14:53:43.0913 6564 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
14:53:43.0913 6564 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
14:53:44.0058 6564 ccHP (1fa1c0e73eca849bed29a47c508f7f17) C:\Windows\system32\drivers\N360\0404000.00C\ccHPx86.sys
14:53:44.0119 6564 ccHP - ok
14:53:44.0176 6564 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
14:53:44.0242 6564 cdfs - ok
14:53:44.0281 6564 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
14:53:44.0413 6564 cdrom - ok
14:53:44.0507 6564 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
14:53:44.0560 6564 CertPropSvc - ok
14:53:44.0610 6564 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
14:53:44.0672 6564 circlass - ok
14:53:44.0709 6564 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
14:53:44.0749 6564 CLFS - ok
14:53:44.0830 6564 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:53:44.0890 6564 clr_optimization_v2.0.50727_32 - ok
14:53:44.0966 6564 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:53:45.0007 6564 clr_optimization_v4.0.30319_32 - ok
14:53:45.0036 6564 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
14:53:45.0058 6564 cmdide - ok
14:53:45.0083 6564 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
14:53:45.0114 6564 Compbatt - ok
14:53:45.0121 6564 COMSysApp - ok
14:53:45.0141 6564 crcdisk (0dabf1f0e5f7e11b3af381764943bc8c) C:\Windows\system32\drivers\crcdisk.sys
14:53:45.0142 6564 Suspicious file (Forged): C:\Windows\system32\drivers\crcdisk.sys. Real md5: 0dabf1f0e5f7e11b3af381764943bc8c, Fake md5: 741e9dff4f42d2d8477d0fc1dc0df871
14:53:45.0142 6564 crcdisk ( Rootkit.Win32.TDSS.tdl3 ) - infected
14:53:45.0142 6564 crcdisk - detected Rootkit.Win32.TDSS.tdl3 (0)
14:53:45.0180 6564 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
14:53:45.0235 6564 Crusoe - ok
14:53:45.0296 6564 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
14:53:45.0386 6564 CryptSvc - ok
14:53:45.0443 6564 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
14:53:45.0593 6564 DcomLaunch - ok
14:53:45.0681 6564 DeviceMonitorService (0259948ffe5f7e69cd1d8a8e74e0547c) C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
14:53:45.0740 6564 DeviceMonitorService - ok
14:53:45.0767 6564 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
14:53:45.0831 6564 DfsC - ok
14:53:45.0983 6564 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
14:53:46.0189 6564 DFSR - ok
14:53:46.0300 6564 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
14:53:46.0380 6564 Dhcp - ok
14:53:46.0426 6564 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
14:53:46.0469 6564 disk - ok
14:53:46.0489 6564 Dnscache (f5a0f1da1ed8b429597e71d27d976e31) C:\Windows\System32\dnsrslvr.dll
14:53:46.0542 6564 Dnscache - ok
14:53:46.0567 6564 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
14:53:46.0640 6564 dot3svc - ok
14:53:46.0680 6564 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
14:53:46.0739 6564 Dot4 - ok
14:53:46.0757 6564 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:53:46.0807 6564 Dot4Print - ok
14:53:46.0843 6564 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
14:53:46.0954 6564 dot4usb - ok
14:53:46.0996 6564 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
14:53:47.0063 6564 DPS - ok
14:53:47.0130 6564 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
14:53:47.0174 6564 drmkaud - ok
14:53:47.0237 6564 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
14:53:47.0371 6564 DXGKrnl - ok
14:53:47.0410 6564 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
14:53:47.0497 6564 E1G60 - ok
14:53:47.0528 6564 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
14:53:47.0569 6564 EapHost - ok
14:53:47.0689 6564 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
14:53:47.0733 6564 Ecache - ok
14:53:47.0837 6564 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
14:53:47.0912 6564 eeCtrl - ok
14:53:47.0974 6564 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
14:53:48.0086 6564 ehRecvr - ok
14:53:48.0109 6564 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
14:53:48.0269 6564 ehSched - ok
14:53:48.0311 6564 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
14:53:48.0362 6564 ehstart - ok
14:53:48.0427 6564 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
14:53:48.0491 6564 elxstor - ok
14:53:48.0581 6564 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
14:53:48.0735 6564 EMDMgmt - ok
14:53:48.0860 6564 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:53:48.0888 6564 EraserUtilRebootDrv - ok
14:53:48.0927 6564 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
14:53:48.0987 6564 ErrDev - ok
14:53:49.0060 6564 ETService (4d06d9a26227ac485305133916888df1) C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
14:53:49.0120 6564 ETService ( UnsignedFile.Multi.Generic ) - warning
14:53:49.0120 6564 ETService - detected UnsignedFile.Multi.Generic (1)
14:53:49.0178 6564 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
14:53:49.0310 6564 EventSystem - ok
14:53:49.0366 6564 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
14:53:49.0434 6564 exfat - ok
14:53:49.0472 6564 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
14:53:49.0556 6564 fastfat - ok
14:53:49.0634 6564 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
14:53:49.0704 6564 fdc - ok
14:53:49.0736 6564 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
14:53:49.0842 6564 fdPHost - ok
14:53:49.0850 6564 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
14:53:49.0959 6564 FDResPub - ok
14:53:49.0992 6564 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
14:53:50.0025 6564 FileInfo - ok
14:53:50.0052 6564 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
14:53:50.0146 6564 Filetrace - ok
14:53:50.0170 6564 FixZeroAccess (d75afe00f1a248d52ab72c991048105c) C:\Windows\system32\drivers\FixZeroAccess.sys
14:53:50.0193 6564 FixZeroAccess - ok
14:53:50.0280 6564 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:53:50.0374 6564 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:53:50.0374 6564 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:53:50.0425 6564 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
14:53:50.0509 6564 flpydisk - ok
14:53:50.0565 6564 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
14:53:50.0619 6564 FltMgr - ok
14:53:50.0672 6564 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:53:50.0696 6564 FontCache3.0.0.0 - ok
14:53:50.0744 6564 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
14:53:50.0824 6564 Fs_Rec - ok
14:53:50.0854 6564 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
14:53:50.0877 6564 gagp30kx - ok
14:53:50.0981 6564 GameConsoleService (617dc2877015270914ca3c03873560d5) C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
14:53:51.0085 6564 GameConsoleService - ok
14:53:51.0120 6564 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
14:53:51.0152 6564 GEARAspiWDM - ok
14:53:51.0257 6564 GIDv2 (20f6c49e2c410fcd32d781f521579bf5) C:\Windows\system32\drivers\GIDv2.sys
14:53:51.0277 6564 GIDv2 - ok
14:53:51.0339 6564 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
14:53:51.0444 6564 gpsvc - ok
14:53:51.0505 6564 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
14:53:51.0577 6564 gupdate - ok
14:53:51.0604 6564 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
14:53:51.0664 6564 gupdatem - ok
14:53:51.0718 6564 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:53:51.0775 6564 gusvc - ok
14:53:51.0812 6564 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
14:53:51.0912 6564 HdAudAddService - ok
14:53:51.0924 6564 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:53:51.0979 6564 HDAudBus - ok
14:53:52.0023 6564 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
14:53:52.0114 6564 HidBth - ok
14:53:52.0150 6564 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
14:53:52.0264 6564 HidIr - ok
14:53:52.0343 6564 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
14:53:52.0437 6564 hidserv - ok
14:53:52.0470 6564 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
14:53:52.0526 6564 HidUsb - ok
14:53:52.0544 6564 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
14:53:52.0618 6564 hkmsvc - ok
14:53:52.0650 6564 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
14:53:52.0677 6564 HpCISSs - ok
14:53:52.0798 6564 hpqcxs08 (a30e97371e38ef45b0757561b2796733) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:53:52.0870 6564 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:53:52.0870 6564 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:53:52.0905 6564 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
14:53:52.0992 6564 HTTP - ok
14:53:53.0027 6564 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
14:53:53.0049 6564 i2omp - ok
14:53:53.0093 6564 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
14:53:53.0275 6564 i8042prt - ok
14:53:53.0330 6564 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
14:53:53.0370 6564 iaStorV - ok
14:53:53.0490 6564 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:53:53.0605 6564 idsvc - ok
14:53:53.0828 6564 IDSVix86 (6262c22a913bd255a0795d070b82aa47) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20120720.001\IDSvix86.sys
14:53:53.0882 6564 IDSVix86 - ok
14:53:54.0088 6564 IDVaultSvc (ebed410c201b7050c0f7cbbb0306656a) C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
14:53:54.0131 6564 IDVaultSvc - ok
14:53:54.0230 6564 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
14:53:54.0325 6564 iirsp - ok
14:53:54.0365 6564 IKEEXT (a3bc480a2bf8aa8e4dabd2d5dce0afac) C:\Windows\System32\ikeext.dll
14:53:54.0441 6564 IKEEXT - ok
14:53:54.0467 6564 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
14:53:54.0488 6564 int15 - ok
14:53:54.0595 6564 IntcAzAudAddService (23ebcee9aaa4d6c88728791fab462456) C:\Windows\system32\drivers\RTKVHDA.sys
14:53:54.0718 6564 IntcAzAudAddService - ok
14:53:54.0848 6564 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
14:53:54.0873 6564 intelide - ok
14:53:54.0906 6564 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
14:53:54.0978 6564 intelppm - ok
14:53:55.0008 6564 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
14:53:55.0098 6564 IPBusEnum - ok
14:53:55.0129 6564 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:53:55.0192 6564 IpFilterDriver - ok
14:53:55.0198 6564 IpInIp - ok
14:53:55.0238 6564 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
14:53:55.0308 6564 IPMIDRV - ok
14:53:55.0333 6564 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
14:53:55.0388 6564 IPNAT - ok
14:53:55.0463 6564 iPod Service (6e27978a4755f4789f912f5f49392f7c) C:\Program Files\iPod\bin\iPodService.exe
14:53:55.0596 6564 iPod Service - ok
14:53:55.0635 6564 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
14:53:55.0712 6564 IRENUM - ok
14:53:55.0745 6564 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
14:53:55.0767 6564 isapnp - ok
14:53:55.0794 6564 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
14:53:55.0868 6564 iScsiPrt - ok
14:53:55.0902 6564 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
14:53:55.0978 6564 iteatapi - ok
14:53:56.0014 6564 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
14:53:56.0038 6564 iteraid - ok
14:53:56.0056 6564 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:53:56.0099 6564 kbdclass - ok
14:53:56.0124 6564 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
14:53:56.0215 6564 kbdhid - ok
14:53:56.0245 6564 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
14:53:56.0335 6564 KeyIso - ok
14:53:56.0364 6564 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
14:53:56.0409 6564 KSecDD - ok
14:53:56.0473 6564 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
14:53:56.0559 6564 KtmRm - ok
14:53:56.0593 6564 LanmanServer (05ce901a4472b3fbf9407c94ad1db693) C:\Windows\system32\srvsvc.dll
14:53:56.0656 6564 LanmanServer - ok
14:54:02.0279 6564 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
14:54:02.0298 6564 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:54:02.0299 6564 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:54:08.0101 6564 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
14:54:08.0144 6564 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:54:08.0144 6564 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:54:23.0422 6564 VNUSB (ae01e1ed5a81e0d268b91b4a6de5a872) C:\Windows\system32\DRIVERS\VNUSB.sys
14:54:23.0446 6564 VNUSB ( UnsignedFile.Multi.Generic ) - warning
14:54:23.0446 6564 VNUSB - detected UnsignedFile.Multi.Generic (1)
14:54:25.0192 6564 WebDictateService (f62901ad90cf2069ff3529b6c50aafd9) C:\Program Files\NCH Swift Sound\WebDictate\webdictate.exe
14:54:25.0317 6564 WebDictateService ( UnsignedFile.Multi.Generic ) - warning
14:54:25.0318 6564 WebDictateService - detected UnsignedFile.Multi.Generic (1)
14:54:27.0348 6564 MBR (0x1B8) (8c9f9e03865c35f0f3829a23cda42f5d) \Device\Harddisk0\DR0
14:54:30.0532 6564 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:54:30.0532 6564 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:54:30.0562 6564 Boot (0x1200) (4eceb69f07d61343f8ce194208bc7937) \Device\Harddisk0\DR0\Partition0
14:54:30.0565 6564 \Device\Harddisk0\DR0\Partition0 - ok
14:54:30.0565 6564 ============================================================
14:54:30.0565 6564 Scan finished
14:54:30.0565 6564 ============================================================
14:54:30.0588 8028 Detected object count: 10
14:54:30.0588 8028 Actual detected object count: 10
14:57:20.0107 8028 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:20.0107 8028 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:20.0176 8028 C:\Windows\system32\drivers\crcdisk.sys - copied to quarantine
14:57:20.0976 8028 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
14:57:21.0089 8028 \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
14:57:21.0146 8028 \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
14:57:21.0158 8028 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
14:57:21.0176 8028 \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
14:57:22.0168 8028 \Device\Harddisk0\DR0\TDLFS\bwbp.tmp - copied to quarantine
14:57:22.0178 8028 \Device\Harddisk0\DR0\TDLFS\nryd.tmp - copied to quarantine
14:57:22.0304 8028 Backup copy found, using it..
14:57:22.0457 8028 C:\Windows\system32\drivers\crcdisk.sys - will be cured on reboot
14:57:22.0457 8028 crcdisk ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Cure
14:57:22.0469 8028 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0469 8028 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0469 8028 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0470 8028 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0474 8028 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0474 8028 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0480 8028 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0480 8028 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0484 8028 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0484 8028 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0490 8028 VNUSB ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0490 8028 VNUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0494 8028 WebDictateService ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0494 8028 WebDictateService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0498 8028 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:57:22.0498 8028 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
14:57:50.0155 2460 Deinitialize success

#6
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Let's continue

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\AutoRun\command - "" = I:\rcaeasyrip_setup.exe
    O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\install\command - "" = I:\rcaeasyrip_setup.exe
    O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\usermanualEnglish\command - "" = I:\rcaeasyrip_setup.exe /pdf_English
    O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\usermanualFrench\command - "" = I:\rcaeasyrip_setup.exe /pdf_French
    O33 - MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\Shell\usermanualSpanish\command - "" = I:\rcaeasyrip_setup.exe /pdf_Spanish
    O33 - MountPoints2\{e90fbae6-46e3-11de-9af9-002197d66014}\Shell - "" = AutoRun
    O33 - MountPoints2\{e90fbae6-46e3-11de-9af9-002197d66014}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
    O33 - MountPoints2\K\Shell - "" = AutoRun
    O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
    O33 - MountPoints2\L\Shell - "" = AutoRun
    O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
    [2010/08/06 16:03:58 | 000,000,120 | ---- | C] () -- C:\Users\KS\AppData\Local\Pkojiyasomiz.dat
    [2010/08/06 16:03:58 | 000,000,000 | ---- | C] () -- C:\Users\KS\AppData\Local\Emucalirikijiraz.bin

    :Files
    C:\Windows\Installer\{0fe012a7-5b9a-258f-298f-d41e79b29c85}
    C:\Users\KS\AppData\Local\{0fe012a7-5b9a-258f-298f-d41e79b29c85}
    ipconfig /flushdns /c

    :Commands
    [purity]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply

Step 3

Run TDSSKiller one more time. For the entry

\Device\Harddisk0\DR0 ( TDSS File System )

select the Delete option and remove it. Post the log for me as you did last time.

Step 4

Please don't forget to include these items in your reply:

  • OTL fix log
  • Combofix log
  • TDSSKiller log

It would be helpful if you could post each log in a separate post using the "Add Reply" button

#7
sydneedshelp

    New Member

  • Topic Starter
  • Member
  • 9 posts
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
File I:\rcaeasyrip_setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
File I:\rcaeasyrip_setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
File I:\rcaeasyrip_setup.exe /pdf_English not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
File I:\rcaeasyrip_setup.exe /pdf_French not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{397f0c2d-7ac9-11de-8b1f-002197d66014}\ not found.
File I:\rcaeasyrip_setup.exe /pdf_Spanish not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e90fbae6-46e3-11de-9af9-002197d66014}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e90fbae6-46e3-11de-9af9-002197d66014}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e90fbae6-46e3-11de-9af9-002197d66014}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e90fbae6-46e3-11de-9af9-002197d66014}\ not found.
File K:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ not found.
File J:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ not found.
File K:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\ not found.
File L:\LaunchU3.exe -a not found.
C:\Users\KS\AppData\Local\Pkojiyasomiz.dat moved successfully.
C:\Users\KS\AppData\Local\Emucalirikijiraz.bin moved successfully.
========== FILES ==========
C:\Windows\Installer\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\U folder moved successfully.
C:\Windows\Installer\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\L folder moved successfully.
C:\Windows\Installer\{0fe012a7-5b9a-258f-298f-d41e79b29c85} folder moved successfully.
C:\Users\KS\AppData\Local\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\U folder moved successfully.
C:\Users\KS\AppData\Local\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\L folder moved successfully.
C:\Users\KS\AppData\Local\{0fe012a7-5b9a-258f-298f-d41e79b29c85} folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\KS\Desktop\cmd.bat deleted successfully.
C:\Users\KS\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.54.0 log created on 07252012_123234

#8
sydneedshelp

    New Member

  • Topic Starter
  • Member
  • 9 posts
ComboFix 12-07-26.03 - KS 07/25/2012 13:01:18.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2942.1847 [GMT -5:00]
Running from: c:\users\KS\Desktop\ComboFix.exe
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Search Toolbar
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\SearchToolbar.dll
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe
c:\users\KS\AppData\Local\{E1754164-50FD-48FF-802A-FB6960143DC0}
c:\users\KS\AppData\Local\{E1754164-50FD-48FF-802A-FB6960143DC0}\chrome.manifest
c:\users\KS\AppData\Local\{E1754164-50FD-48FF-802A-FB6960143DC0}\chrome\content\_cfg.js
c:\users\KS\AppData\Local\{E1754164-50FD-48FF-802A-FB6960143DC0}\chrome\content\overlay.xul
c:\users\KS\AppData\Local\{E1754164-50FD-48FF-802A-FB6960143DC0}\install.rdf
c:\users\KS\AppData\Local\Temp\{FDAAEE8C-D315-4EB2-9A5E-915F801E942F}\fpb.tmp
c:\users\KS\AppData\Roaming\skynet.dat
c:\windows\assembly\GAC\Desktop.ini
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.3.inf
c:\windows\system32\AutoRun.inf
c:\windows\Update.bat
.
Infected copy of c:\windows\system32\Services.exe was found and disinfected
Restored copy from - c:\windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-25 to 2012-07-25 )))))))))))))))))))))))))))))))
.
.
2012-07-25 18:18 . 2012-07-25 18:24 -------- d-----w- c:\users\KS\AppData\Local\temp
2012-07-25 18:18 . 2012-07-25 18:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-25 17:32 . 2012-07-25 17:32 -------- d-----w- C:\_OTL
2012-07-23 19:57 . 2012-07-23 19:57 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-18 00:20 . 2012-07-18 00:20 -------- d-----w- c:\users\KS\AppData\Roaming\FixZeroAccess
2012-07-18 00:20 . 2012-07-18 00:20 35752 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys
2012-07-16 13:21 . 2012-07-16 13:21 -------- d-sh--w- c:\windows\system32\%APPDATA%
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-23 19:59 . 2006-11-02 08:52 24632 ----a-w- c:\windows\system32\drivers\crcdisk.sys
2012-07-12 15:41 . 2012-05-21 03:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 15:41 . 2012-01-14 14:09 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\KS\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\KS\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\KS\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Desktop Software"="c:\program files\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-23 6183456]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 92704]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"DNS7reminder"="c:\program files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" [2007-04-16 259624]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"WebDictate"="c:\program files\NCH Swift Sound\WebDictate\webdictate.exe" [2010-09-25 688132]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"GIDDesktop"="c:\program files\SFT\GuardedID\gidd.exe" [2011-07-05 395528]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-06 421888]
.
c:\users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\KS\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
OneNote Table Of Contents.onetoc2 [2009-6-23 3656]
RCA Detective.lnk - c:\users\KS\Documents\RCA Detective\RCADetective.exe [2009-7-29 942592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BigFix.lnk - c:\program files\BigFix\bigfix.exe [N/A]
Constant Guard.lnk - c:\program files\Constant Guard Protection Suite\IDVault.exe [2012-7-18 6536304]
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2010-9-29 118784]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"=hex(0):
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg]
2011-07-05 15:26 435976 ----a-w- c:\program files\SFT\GuardedID\GIDI.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-21 15:41]
.
2012-07-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-13 17:14]
.
2012-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 17:14]
.
2012-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 17:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0209&m=et1161-07
uInternet Settings,ProxyOverride = *.local;192.168.*.*
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} - hxxp://merillat.view22.com/release_3_9_177/View22RTEv4.cab
FF - ProfilePath - c:\users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\3ztmy7py.default\
FF - prefs.js: network.proxy.ftp - :0
FF - prefs.js: network.proxy.gopher - :0
FF - prefs.js: network.proxy.http - :0
FF - prefs.js: network.proxy.socks - :0
FF - prefs.js: network.proxy.ssl - :0
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-Easy Dock - (no file)
SafeBoot-18789443.sys
AddRemove-RCA Detective™_is1 - c:\users\KS\Documents\RCA Detective\unins000.exe
AddRemove-RCA easyRip_is1 - c:\users\KS\Documents\RCA easyRip\unins000.exe
AddRemove-Search Toolbar - c:\program files\Search Toolbar\SearchToolbarUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-25 13:25
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.4.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2668)
c:\users\KS\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\eappprxy.dll
c:\windows\System32\AltTab.dll
c:\windows\System32\ntlanman.dll
c:\windows\System32\davclnt.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Motorola Media Link\Lite\NServiceEntry.exe
c:\program files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Motorola\MotoHelper\MotoHelperService.exe
c:\program files\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\sqlservr.exe
c:\program files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Motorola\MotoHelper\MotoHelperAgent.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
c:\program files\Constant Guard Protection Suite\IDVaultSvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-07-25 13:31:32 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-25 18:31
.
Pre-Run: 204,880,044,032 bytes free
Post-Run: 205,233,475,584 bytes free
.
- - End Of File - - 548705B4A0AA9F559A42AEAEC6EEA032

#9
sydneedshelp

    New Member

  • Topic Starter
  • Member
  • 9 posts
13:35:56.0202 5284 TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30
13:36:02.0364 5284 ============================================================
13:36:02.0364 5284 Current date / time: 2012/07/25 13:36:02.0364
13:36:02.0364 5284 SystemInfo:
13:36:02.0364 5284
13:36:02.0364 5284 OS Version: 6.0.6001 ServicePack: 1.0
13:36:02.0364 5284 Product type: Workstation
13:36:02.0364 5284 ComputerName: KS-PC
13:36:02.0364 5284 UserName: KS
13:36:02.0364 5284 Windows directory: C:\Windows
13:36:02.0364 5284 System windows directory: C:\Windows
13:36:02.0364 5284 Processor architecture: Intel x86
13:36:02.0364 5284 Number of processors: 2
13:36:02.0364 5284 Page size: 0x1000
13:36:02.0364 5284 Boot type: Normal boot
13:36:02.0364 5284 ============================================================
13:36:03.0347 5284 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:36:03.0362 5284 ============================================================
13:36:03.0362 5284 \Device\Harddisk0\DR0:
13:36:03.0362 5284 MBR partitions:
13:36:03.0362 5284 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x2402DAB0
13:36:03.0362 5284 ============================================================
13:36:03.0518 5284 C: <-> \Device\Harddisk0\DR0\Partition0
13:36:03.0518 5284 ============================================================
13:36:03.0518 5284 Initialize success
13:36:03.0518 5284 ============================================================
13:36:40.0537 4856 ============================================================
13:36:40.0537 4856 Scan started
13:36:40.0537 4856 Mode: Manual;
13:36:40.0537 4856 ============================================================
13:36:47.0401 4856 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
13:36:47.0401 4856 crcdisk - ok
13:36:47.0526 4856 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
13:36:47.0526 4856 Crusoe - ok
13:36:47.0604 4856 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
13:36:47.0604 4856 CryptSvc - ok
13:36:48.0072 4856 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
13:36:48.0088 4856 DcomLaunch - ok
13:36:48.0166 4856 DeviceMonitorService (0259948ffe5f7e69cd1d8a8e74e0547c) C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
13:36:48.0166 4856 DeviceMonitorService - ok
13:36:48.0181 4856 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
13:36:48.0197 4856 DfsC - ok
13:36:48.0415 4856 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
13:36:48.0478 4856 DFSR - ok
13:36:48.0587 4856 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
13:36:48.0587 4856 Dhcp - ok
13:36:48.0649 4856 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
13:36:48.0649 4856 disk - ok
13:36:48.0680 4856 Dnscache (f5a0f1da1ed8b429597e71d27d976e31) C:\Windows\System32\dnsrslvr.dll
13:36:48.0696 4856 Dnscache - ok
13:36:49.0086 4856 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
13:36:49.0102 4856 dot3svc - ok
13:36:49.0148 4856 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
13:36:49.0164 4856 Dot4 - ok
13:36:49.0180 4856 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:36:49.0180 4856 Dot4Print - ok
13:36:49.0226 4856 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
13:36:49.0226 4856 dot4usb - ok
13:36:49.0289 4856 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
13:36:49.0289 4856 DPS - ok
13:36:49.0336 4856 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:36:49.0398 4856 drmkaud - ok
13:36:49.0882 4856 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
13:36:49.0944 4856 DXGKrnl - ok
13:36:49.0960 4856 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:36:49.0960 4856 E1G60 - ok
13:36:49.0975 4856 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
13:36:50.0006 4856 EapHost - ok
13:36:50.0038 4856 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
13:36:50.0053 4856 Ecache - ok
13:36:50.0350 4856 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:36:50.0365 4856 eeCtrl - ok
13:36:50.0428 4856 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
13:36:50.0459 4856 ehRecvr - ok
13:36:50.0474 4856 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
13:36:50.0474 4856 ehSched - ok
13:36:50.0537 4856 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
13:36:50.0537 4856 ehstart - ok
13:36:50.0599 4856 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
13:36:50.0646 4856 elxstor - ok
13:36:50.0896 4856 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
13:36:50.0974 4856 EMDMgmt - ok
13:36:51.0114 4856 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:36:51.0114 4856 EraserUtilRebootDrv - ok
13:36:51.0176 4856 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
13:36:51.0176 4856 ErrDev - ok
13:36:51.0254 4856 ETService (4d06d9a26227ac485305133916888df1) C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
13:36:51.0254 4856 ETService - ok
13:36:51.0364 4856 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
13:36:51.0364 4856 EventSystem - ok
13:36:51.0410 4856 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
13:36:51.0426 4856 exfat - ok
13:36:51.0457 4856 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
13:36:51.0473 4856 fastfat - ok
13:36:51.0520 4856 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
13:36:51.0520 4856 fdc - ok
13:36:51.0644 4856 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
13:36:51.0644 4856 fdPHost - ok
13:36:51.0722 4856 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
13:36:51.0722 4856 FDResPub - ok
13:36:51.0800 4856 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:36:51.0816 4856 FileInfo - ok
13:36:51.0847 4856 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:36:51.0863 4856 Filetrace - ok
13:36:51.0894 4856 FixZeroAccess (d75afe00f1a248d52ab72c991048105c) C:\Windows\system32\drivers\FixZeroAccess.sys
13:36:51.0894 4856 FixZeroAccess - ok
13:36:51.0988 4856 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:36:52.0003 4856 FLEXnet Licensing Service - ok
13:36:52.0050 4856 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:36:52.0050 4856 flpydisk - ok
13:36:52.0128 4856 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
13:36:52.0144 4856 FltMgr - ok
13:36:52.0190 4856 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:36:52.0190 4856 FontCache3.0.0.0 - ok
13:36:52.0237 4856 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
13:36:52.0237 4856 Fs_Rec - ok
13:36:52.0268 4856 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
13:36:52.0268 4856 gagp30kx - ok
13:36:52.0331 4856 GameConsoleService (617dc2877015270914ca3c03873560d5) C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
13:36:52.0362 4856 GameConsoleService - ok
13:36:52.0393 4856 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
13:36:52.0393 4856 GEARAspiWDM - ok
13:36:52.0440 4856 GIDv2 (20f6c49e2c410fcd32d781f521579bf5) C:\Windows\system32\drivers\GIDv2.sys
13:36:52.0456 4856 GIDv2 - ok
13:36:52.0612 4856 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
13:36:52.0612 4856 gpsvc - ok
13:36:52.0690 4856 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
13:36:52.0705 4856 gupdate - ok
13:36:52.0721 4856 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
13:36:52.0721 4856 gupdatem - ok
13:36:52.0752 4856 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:36:52.0752 4856 gusvc - ok
13:36:52.0783 4856 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
13:36:52.0799 4856 HdAudAddService - ok
13:36:52.0830 4856 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:36:52.0830 4856 HDAudBus - ok
13:36:52.0892 4856 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:36:52.0892 4856 HidBth - ok
13:36:52.0924 4856 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:36:52.0924 4856 HidIr - ok
13:36:52.0970 4856 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\System32\hidserv.dll
13:36:52.0970 4856 hidserv - ok
13:36:53.0002 4856 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
13:36:53.0002 4856 HidUsb - ok
13:36:53.0080 4856 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
13:36:53.0080 4856 hkmsvc - ok
13:36:53.0158 4856 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
13:36:53.0173 4856 HpCISSs - ok
13:36:53.0392 4856 hpqcxs08 (a30e97371e38ef45b0757561b2796733) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:36:53.0392 4856 hpqcxs08 - ok
13:36:53.0470 4856 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
13:36:53.0485 4856 HTTP - ok
13:36:53.0532 4856 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
13:36:53.0594 4856 i2omp - ok
13:36:53.0641 4856 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:36:53.0641 4856 i8042prt - ok
13:36:54.0000 4856 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
13:36:54.0000 4856 iaStorV - ok
13:36:54.0187 4856 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:36:54.0234 4856 idsvc - ok
13:36:54.0421 4856 IDSVix86 (6262c22a913bd255a0795d070b82aa47) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20120724.001\IDSvix86.sys
13:36:54.0421 4856 IDSVix86 - ok
13:36:54.0546 4856 IDVaultSvc (a744324e96d6c12a007a4a11e910afdb) C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
13:36:54.0546 4856 IDVaultSvc - ok
13:36:55.0170 4856 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:36:55.0170 4856 iirsp - ok
13:36:55.0420 4856 IKEEXT (a3bc480a2bf8aa8e4dabd2d5dce0afac) C:\Windows\System32\ikeext.dll
13:36:55.0420 4856 IKEEXT - ok
13:36:55.0466 4856 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
13:36:55.0466 4856 int15 - ok
13:36:55.0560 4856 IntcAzAudAddService (23ebcee9aaa4d6c88728791fab462456) C:\Windows\system32\drivers\RTKVHDA.sys
13:36:55.0622 4856 IntcAzAudAddService - ok
13:36:55.0732 4856 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
13:36:55.0732 4856 intelide - ok
13:36:55.0763 4856 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:36:55.0763 4856 intelppm - ok
13:36:55.0981 4856 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
13:36:55.0981 4856 IPBusEnum - ok
13:36:56.0012 4856 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:36:56.0012 4856 IpFilterDriver - ok
13:36:56.0044 4856 iphlpsvc (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll
13:36:56.0059 4856 iphlpsvc - ok
13:36:56.0059 4856 IpInIp - ok
13:36:56.0122 4856 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
13:36:56.0153 4856 IPMIDRV - ok
13:36:56.0184 4856 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:36:56.0200 4856 IPNAT - ok
13:36:56.0418 4856 iPod Service (6e27978a4755f4789f912f5f49392f7c) C:\Program Files\iPod\bin\iPodService.exe
13:36:56.0418 4856 iPod Service - ok
13:36:56.0480 4856 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
13:36:56.0480 4856 IRENUM - ok
13:36:56.0527 4856 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
13:36:56.0527 4856 isapnp - ok
13:36:56.0558 4856 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
13:36:56.0558 4856 iScsiPrt - ok
13:36:56.0590 4856 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
13:36:56.0590 4856 iteatapi - ok
13:36:56.0621 4856 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
13:36:56.0621 4856 iteraid - ok
13:36:56.0668 4856 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:36:56.0683 4856 kbdclass - ok
13:36:56.0699 4856 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
13:36:56.0699 4856 kbdhid - ok
13:36:56.0730 4856 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
13:36:56.0730 4856 KeyIso - ok
13:36:56.0917 4856 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
13:36:56.0995 4856 KSecDD - ok
13:36:57.0042 4856 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
13:36:57.0058 4856 KtmRm - ok
13:36:57.0073 4856 LanmanServer (05ce901a4472b3fbf9407c94ad1db693) C:\Windows\System32\srvsvc.dll
13:36:57.0089 4856 LanmanServer - ok
13:36:57.0182 4856 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
13:36:57.0182 4856 LanmanWorkstation - ok
13:36:57.0245 4856 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
13:36:57.0260 4856 lltdio - ok
13:36:57.0292 4856 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
13:36:57.0307 4856 lltdsvc - ok
13:36:57.0323 4856 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
13:36:57.0323 4856 lmhosts - ok
13:36:57.0370 4856 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
13:36:57.0416 4856 LSI_FC - ok
13:36:57.0479 4856 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
13:36:57.0479 4856 LSI_SAS - ok
13:36:57.0526 4856 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
13:36:57.0541 4856 LSI_SCSI - ok
13:36:57.0572 4856 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
13:36:57.0588 4856 luafv - ok
13:36:58.0134 4856 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
13:36:58.0134 4856 McComponentHostService - ok
13:36:58.0196 4856 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
13:36:58.0196 4856 Mcx2Svc - ok
13:36:58.0259 4856 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
13:36:58.0259 4856 megasas - ok
13:36:58.0477 4856 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
13:36:58.0540 4856 MegaSR - ok
13:36:59.0273 4856 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:36:59.0273 4856 Microsoft Office Groove Audit Service - ok
13:36:59.0413 4856 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:36:59.0413 4856 MMCSS - ok
13:36:59.0491 4856 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
13:36:59.0491 4856 Modem - ok
13:36:59.0663 4856 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
13:36:59.0678 4856 monitor - ok
13:36:59.0772 4856 MotoHelper (3bbc6c2402242401f791548aaebf3d39) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
13:36:59.0772 4856 MotoHelper - ok
13:36:59.0803 4856 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
13:36:59.0803 4856 mouclass - ok
13:36:59.0850 4856 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
13:36:59.0850 4856 mouhid - ok
13:36:59.0897 4856 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
13:36:59.0928 4856 MountMgr - ok
13:37:00.0240 4856 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
13:37:00.0240 4856 mpio - ok
13:37:00.0271 4856 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
13:37:00.0271 4856 mpsdrv - ok
13:37:00.0334 4856 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
13:37:00.0365 4856 MpsSvc - ok
13:37:00.0396 4856 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
13:37:00.0396 4856 Mraid35x - ok
13:37:00.0505 4856 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
13:37:00.0505 4856 MRxDAV - ok
13:37:00.0536 4856 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:37:00.0536 4856 mrxsmb - ok
13:37:00.0599 4856 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:37:00.0614 4856 mrxsmb10 - ok
13:37:00.0646 4856 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:37:00.0646 4856 mrxsmb20 - ok
13:37:00.0708 4856 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
13:37:00.0786 4856 msahci - ok
13:37:00.0786 4856 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
13:37:00.0802 4856 msdsm - ok
13:37:00.0833 4856 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
13:37:00.0864 4856 MSDTC - ok
13:37:00.0880 4856 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
13:37:00.0895 4856 Msfs - ok
13:37:00.0911 4856 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
13:37:00.0911 4856 msisadrv - ok
13:37:00.0989 4856 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
13:37:00.0989 4856 MSiSCSI - ok
13:37:00.0989 4856 msiserver - ok
13:37:01.0036 4856 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
13:37:01.0036 4856 MSKSSRV - ok
13:37:01.0082 4856 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
13:37:01.0082 4856 MSPCLOCK - ok
13:37:01.0114 4856 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
13:37:01.0114 4856 MSPQM - ok
13:37:01.0129 4856 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
13:37:01.0129 4856 MsRPC - ok
13:37:01.0176 4856 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
13:37:01.0176 4856 mssmbios - ok
13:37:01.0254 4856 MSSQL$QSRNVIVO9 - ok
13:37:01.0332 4856 MSSQLServerADHelper100 (8e8e74c953eb0c4f8828d99d6f27fd6f) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
13:37:01.0332 4856 MSSQLServerADHelper100 - ok
13:37:01.0379 4856 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
13:37:01.0379 4856 MSTEE - ok
13:37:01.0394 4856 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
13:37:01.0394 4856 Mup - ok
13:37:01.0472 4856 N360 (b4187346f54e362daffe647b25a58d50) C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe
13:37:01.0472 4856 N360 - ok
13:37:01.0535 4856 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
13:37:01.0550 4856 napagent - ok
13:37:01.0628 4856 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
13:37:01.0706 4856 NativeWifiP - ok
13:37:01.0987 4856 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120724.033\NAVENG.SYS
13:37:01.0987 4856 NAVENG - ok
13:37:02.0050 4856 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120724.033\NAVEX15.SYS
13:37:02.0065 4856 NAVEX15 - ok
13:37:02.0299 4856 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
13:37:02.0315 4856 NDIS - ok
13:37:02.0315 4856 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
13:37:02.0315 4856 NdisTapi - ok
13:37:02.0330 4856 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
13:37:02.0330 4856 Ndisuio - ok
13:37:02.0362 4856 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
13:37:02.0377 4856 NdisWan - ok
13:37:02.0408 4856 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
13:37:02.0408 4856 NDProxy - ok
13:37:02.0486 4856 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
13:37:02.0486 4856 Net Driver HPZ12 - ok
13:37:02.0533 4856 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
13:37:02.0533 4856 NetBIOS - ok
13:37:02.0549 4856 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
13:37:02.0596 4856 netbt - ok
13:37:02.0611 4856 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
13:37:02.0627 4856 Netlogon - ok
13:37:02.0642 4856 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
13:37:02.0642 4856 Netman - ok
13:37:02.0720 4856 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
13:37:02.0767 4856 netprofm - ok
13:37:02.0954 4856 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:37:02.0970 4856 NetTcpPortSharing - ok
13:37:03.0032 4856 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
13:37:03.0048 4856 nfrd960 - ok
13:37:03.0079 4856 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
13:37:03.0110 4856 NlaSvc - ok
13:37:03.0126 4856 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
13:37:03.0126 4856 Npfs - ok
13:37:03.0173 4856 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
13:37:03.0173 4856 nsi - ok
13:37:03.0173 4856 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:37:03.0188 4856 nsiproxy - ok
13:37:03.0235 4856 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
13:37:03.0266 4856 Ntfs - ok
13:37:03.0329 4856 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:37:03.0376 4856 ntrigdigi - ok
13:37:03.0407 4856 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:37:03.0407 4856 Null - ok
13:37:03.0485 4856 NVENETFD (c39ad3b818502edfa4b819148b72a0e3) C:\Windows\system32\DRIVERS\nvmfdx32.sys
13:37:03.0532 4856 NVENETFD - ok
13:37:07.0182 4856 nvlddmkm (69d60d2ecd43d0f9f3accc16926e9128) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:37:07.0244 4856 nvlddmkm - ok
13:37:07.0744 4856 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
13:37:07.0744 4856 nvraid - ok
13:37:07.0759 4856 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
13:37:07.0775 4856 nvstor - ok
13:37:07.0822 4856 nvstor32 (fa7b8eca6e845b244b7e30a9dcd82c6c) C:\Windows\system32\DRIVERS\nvstor32.sys
13:37:07.0822 4856 nvstor32 - ok
13:37:07.0853 4856 nvsvc (f397a6fa4b83d243ad25a1dc401237a0) C:\Windows\system32\nvvsvc.exe
13:37:07.0853 4856 nvsvc - ok
13:37:08.0102 4856 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
13:37:08.0102 4856 nv_agp - ok
13:37:08.0102 4856 NwlnkFlt - ok
13:37:08.0118 4856 NwlnkFwd - ok
13:37:08.0352 4856 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:37:08.0446 4856 odserv - ok
13:37:08.0492 4856 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
13:37:08.0492 4856 ohci1394 - ok
13:37:08.0586 4856 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:37:08.0586 4856 ose - ok
13:37:08.0680 4856 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
13:37:08.0695 4856 p2pimsvc - ok
13:37:08.0711 4856 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
13:37:08.0726 4856 p2psvc - ok
13:37:08.0773 4856 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:37:08.0820 4856 Parport - ok
13:37:08.0867 4856 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
13:37:08.0898 4856 partmgr - ok
13:37:08.0914 4856 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:37:08.0914 4856 Parvdm - ok
13:37:08.0929 4856 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:37:08.0929 4856 PcaSvc - ok
13:37:08.0992 4856 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
13:37:09.0023 4856 pci - ok
13:37:09.0054 4856 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
13:37:09.0054 4856 pciide - ok
13:37:09.0210 4856 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:37:09.0226 4856 pcmcia - ok
13:37:09.0272 4856 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:37:09.0288 4856 PEAUTH - ok
13:37:09.0413 4856 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:37:09.0428 4856 pla - ok
13:37:09.0600 4856 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
13:37:09.0616 4856 PlugPlay - ok
13:37:09.0678 4856 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
13:37:09.0678 4856 Pml Driver HPZ12 - ok
13:37:09.0865 4856 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
13:37:09.0865 4856 PNRPAutoReg - ok
13:37:09.0881 4856 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
13:37:09.0896 4856 PNRPsvc - ok
13:37:10.0021 4856 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
13:37:10.0068 4856 PolicyAgent - ok
13:37:10.0130 4856 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:37:10.0162 4856 PptpMiniport - ok
13:37:10.0193 4856 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
13:37:10.0208 4856 Processor - ok
13:37:10.0364 4856 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
13:37:10.0364 4856 ProfSvc - ok
13:37:10.0411 4856 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
13:37:10.0411 4856 ProtectedStorage - ok
13:37:10.0458 4856 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
13:37:10.0474 4856 PSched - ok
13:37:10.0489 4856 PxHelp20 (5491e4e7d93804f43abe8ce3c39f5a86) C:\Windows\system32\Drivers\PxHelp20.sys
13:37:10.0489 4856 PxHelp20 - ok
13:37:10.0567 4856 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
13:37:10.0645 4856 ql2300 - ok
13:37:10.0723 4856 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:37:10.0786 4856 ql40xx - ok
13:37:10.0848 4856 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:37:10.0895 4856 QWAVE - ok
13:37:10.0910 4856 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:37:10.0910 4856 QWAVEdrv - ok
13:37:10.0942 4856 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:37:10.0942 4856 RasAcd - ok
13:37:10.0988 4856 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:37:11.0020 4856 RasAuto - ok
13:37:11.0035 4856 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:37:11.0035 4856 Rasl2tp - ok
13:37:11.0082 4856 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
13:37:11.0098 4856 RasMan - ok
13:37:11.0129 4856 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
13:37:11.0129 4856 RasPppoe - ok
13:37:11.0176 4856 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
13:37:11.0207 4856 RasSstp - ok
13:37:11.0222 4856 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
13:37:11.0222 4856 rdbss - ok
13:37:11.0269 4856 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:37:11.0300 4856 RDPCDD - ok
13:37:11.0347 4856 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
13:37:11.0347 4856 rdpdr - ok
13:37:11.0394 4856 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:37:11.0410 4856 RDPENCDD - ok
13:37:11.0456 4856 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
13:37:11.0488 4856 RDPWD - ok
13:37:11.0503 4856 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:37:11.0519 4856 RemoteAccess - ok
13:37:11.0550 4856 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
13:37:11.0550 4856 RemoteRegistry - ok
13:37:11.0597 4856 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
13:37:11.0597 4856 RimUsb - ok
13:37:11.0597 4856 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:37:11.0612 4856 RpcLocator - ok
13:37:11.0659 4856 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\System32\rpcss.dll
13:37:11.0659 4856 RpcSs - ok
13:37:22.0673 4856 MBR (0x1B8) (8c9f9e03865c35f0f3829a23cda42f5d) \Device\Harddisk0\DR0
13:37:26.0074 4856 \Device\Harddisk0\DR0 - ok
13:37:26.0105 4856 Boot (0x1200) (4eceb69f07d61343f8ce194208bc7937) \Device\Harddisk0\DR0\Partition0
13:37:26.0120 4856 \Device\Harddisk0\DR0\Partition0 - ok
13:37:26.0120 4856 ============================================================
13:37:26.0120 4856 Scan finished
13:37:26.0120 4856 ============================================================
13:37:26.0136 5568 Detected object count: 0
13:37:26.0136 5568 Actual detected object count: 0
13:37:52.0422 4960 ============================================================
13:37:52.0422 4960 Scan started
13:37:52.0422 4960 Mode: Manual; SigCheck; TDLFS;
13:37:52.0422 4960 ============================================================
13:37:56.0509 4960 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS
13:37:56.0540 4960 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
13:37:56.0540 4960 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
13:38:00.0456 4960 ETService (4d06d9a26227ac485305133916888df1) C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
13:38:00.0472 4960 ETService ( UnsignedFile.Multi.Generic ) - warning
13:38:00.0472 4960 ETService - detected UnsignedFile.Multi.Generic (1)
13:38:01.0189 4960 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:38:01.0220 4960 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:38:01.0220 4960 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:38:02.0936 4960 hpqcxs08 (a30e97371e38ef45b0757561b2796733) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:38:02.0952 4960 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
13:38:02.0952 4960 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
13:38:10.0284 4960 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
13:38:10.0300 4960 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:38:10.0300 4960 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:38:14.0543 4960 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
13:38:14.0574 4960 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:38:14.0574 4960 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:38:24.0808 4960 vga - ok
13:38:24.0823 4960 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:38:24.0854 4960 VgaSave - ok
13:38:24.0886 4960 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
13:38:24.0901 4960 viaagp - ok
13:38:24.0917 4960 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
13:38:24.0948 4960 ViaC7 - ok
13:38:24.0979 4960 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
13:38:24.0995 4960 viaide - ok
13:38:25.0026 4960 VNUSB (ae01e1ed5a81e0d268b91b4a6de5a872) C:\Windows\system32\DRIVERS\VNUSB.sys
13:38:25.0057 4960 VNUSB ( UnsignedFile.Multi.Generic ) - warning
13:38:25.0057 4960 VNUSB - detected UnsignedFile.Multi.Generic (1)
13:38:26.0492 4960 WebDictateService (f62901ad90cf2069ff3529b6c50aafd9) C:\Program Files\NCH Swift Sound\WebDictate\webdictate.exe
13:38:26.0665 4960 WebDictateService ( UnsignedFile.Multi.Generic ) - warning
13:38:26.0665 4960 WebDictateService - detected UnsignedFile.Multi.Generic (1)
13:38:28.0929 4960 MBR (0x1B8) (8c9f9e03865c35f0f3829a23cda42f5d) \Device\Harddisk0\DR0
13:38:33.0515 4960 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:38:33.0515 4960 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:38:33.0547 4960 Boot (0x1200) (4eceb69f07d61343f8ce194208bc7937) \Device\Harddisk0\DR0\Partition0
13:38:33.0547 4960 \Device\Harddisk0\DR0\Partition0 - ok
13:38:33.0547 4960 ============================================================
13:38:33.0547 4960 Scan finished
13:38:33.0547 4960 ============================================================
13:38:33.0562 4952 Detected object count: 9
13:38:33.0562 4952 Actual detected object count: 9
13:39:02.0750 4952 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0750 4952 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:02.0750 4952 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0750 4952 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:02.0765 4952 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0765 4952 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:02.0765 4952 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0765 4952 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:02.0765 4952 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0765 4952 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:02.0765 4952 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0765 4952 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:02.0765 4952 VNUSB ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0765 4952 VNUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:02.0781 4952 WebDictateService ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0781 4952 WebDictateService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:02.0797 4952 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
13:39:02.0812 4952 \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
13:39:02.0828 4952 \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
13:39:02.0828 4952 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
13:39:02.0843 4952 \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
13:39:03.0031 4952 \Device\Harddisk0\DR0\TDLFS\bwbp.tmp - copied to quarantine
13:39:03.0046 4952 \Device\Harddisk0\DR0\TDLFS\nryd.tmp - copied to quarantine
13:39:03.0046 4952 \Device\Harddisk0\DR0\TDLFS - deleted
13:39:03.0046 4952 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
13:39:20.0549 5280 Deinitialize success
  • 0

#10
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Before we continue can you test your system. Current problems?
  • 0

#11
sydneedshelp

    New Member

  • Topic Starter
  • Member
  • 9 posts
Ok. I turned my Norton back on and ran the scan and it says no spy or malware detected. Since I've been on the computer, I do not see any threat dialogue boxes popping up. The computer runs a little slow, but definitely nothing too major from my perspective. Is there something else I should be looking for?

Sydneedshelp
  • 0

#12
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
That's great news. We need to do a standard antivirus scan with Kaspersky VRT. It can take some time to finish (2h - 4h) so please be patient.

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow Virus Removal Tool to delete all infections found
Once it has finished, select the report tab (last tab)
Select Detected threats report from the left and press the Save button
Save it to your desktop and attach to your next post
  • 0

#13
sydneedshelp

    New Member

  • Topic Starter
  • Member
  • 9 posts
Status: Deleted (events: 2)
7/26/2012 11:07:53 AM Deleted Trojan program Backdoor.Win32.IRCNite.cbq C:\Documents and Settings\All Users\View22\version_4\ilut.dll High
7/26/2012 1:59:52 PM Deleted virus Virus.Win32.ZAccess.m C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir High
  • 0

#14
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi sydneedshelp,

Your logs and system are clean now. I'm glad we fixed up your computer.

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
Step 2

We need to clean up your PC from programs we used.

Please start OTL one more time and click CleanUp button. OTL will restart your system at the end.

In case that any of the software we used in this fix still remains on your system please delete it manually (Right click on it and select Delete).

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Something to read

To learn more about how to protect yourself while on the internet, read our little guide How did I get infected in the first place?

2. Make Backups of Important Files

Please read this article Home Computer Data Backup.

3. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.
  • 0

#15
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





