Google redirect virus and blue screen



#76 rajagopal (Member, Topic Starter, 97 posts)

I selected delete for the TDSSKiller filesystem during the TDSSKiller scan, as said in the instructions.

Also ran AdwCleaner...

About the remaining issues in my computer - I did not use my computer a lot except for listening to songs from disk and running your fixes :) ... So, I will let you know by Friday or something if I am facing any remaining issues, if that sounds good to you? :)

Please see below for logs -

==================== TDSSKiller log ====================

00:04:48.0320 3948 NativeWifiP - ok
00:04:48.0405 3948 [ 2dbe90210de76be6e1653bb20ec70ec2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111224.017\ENG64.SYS
00:04:48.0425 3948 NAVENG - ok
00:04:48.0505 3948 [ 346da70e203b8e2c850277713de8f71b ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111224.017\EX64.SYS
00:04:48.0625 3948 NAVEX15 - ok
00:04:48.0694 3948 [ cad515dbd07d082bb317d9928ce8962c ] NDIS C:\windows\system32\drivers\ndis.sys
00:04:48.0770 3948 NDIS - ok
00:04:48.0808 3948 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
00:04:48.0903 3948 NdisCap - ok
00:04:48.0934 3948 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
00:04:49.0034 3948 NdisTapi - ok
00:04:49.0072 3948 [ f105ba1e22bf1f2ee8f005d4305e4bec ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
00:04:49.0147 3948 Ndisuio - ok
00:04:49.0177 3948 [ 557dfab9ca1fcb036ac77564c010dad3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
00:04:49.0249 3948 NdisWan - ok
00:04:49.0261 3948 [ 659b74fb74b86228d6338d643cd3e3cf ] NDProxy C:\windows\system32\drivers\NDProxy.sys
00:04:49.0357 3948 NDProxy - ok
00:04:49.0387 3948 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
00:04:49.0486 3948 NetBIOS - ok
00:04:49.0513 3948 [ 9162b273a44ab9dce5b44362731d062a ] NetBT C:\windows\system32\DRIVERS\netbt.sys
00:04:49.0615 3948 NetBT - ok
00:04:49.0646 3948 [ 156f6159457d0aa7e59b62681b56eb90 ] Netlogon C:\windows\system32\lsass.exe
00:04:49.0671 3948 Netlogon - ok
00:04:49.0698 3948 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\windows\System32\netman.dll
00:04:49.0803 3948 Netman - ok
00:04:49.0843 3948 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\windows\System32\netprofm.dll
00:04:49.0953 3948 netprofm - ok
00:04:49.0993 3948 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:04:50.0013 3948 NetTcpPortSharing - ok
00:04:50.0193 3948 [ 4d85a450edef10c38882182753a49aae ] NETw5s64 C:\windows\system32\DRIVERS\NETw5s64.sys
00:04:50.0478 3948 NETw5s64 - ok
00:04:50.0638 3948 [ 64428dfdaf6e88366cb51f45a79c5f69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys
00:04:50.0907 3948 netw5v64 - ok
00:04:50.0965 3948 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
00:04:50.0989 3948 nfrd960 - ok
00:04:51.0026 3948 [ 91b4e0273d2f6c24ef845f2b41311289 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
00:04:51.0048 3948 NisDrv - ok
00:04:51.0109 3948 [ 10a43829a9e606af3eef25a1c1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
00:04:51.0142 3948 NisSrv - ok
00:04:51.0226 3948 [ c9161bc998b33ca78a728c842ac6bdf6 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
00:04:51.0252 3948 NitroReaderDriverReadSpool2 - ok
00:04:51.0297 3948 [ d9a0ce66046d6efa0c61baa885cba0a8 ] NlaSvc C:\windows\System32\nlasvc.dll
00:04:51.0381 3948 NlaSvc - ok
00:04:51.0400 3948 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\windows\system32\drivers\Npfs.sys
00:04:51.0496 3948 Npfs - ok
00:04:51.0516 3948 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\windows\system32\nsisvc.dll
00:04:51.0612 3948 nsi - ok
00:04:51.0647 3948 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
00:04:51.0741 3948 nsiproxy - ok
00:04:51.0806 3948 [ 378e0e0dfea67d98ae6ea53adbbd76bc ] Ntfs C:\windows\system32\drivers\Ntfs.sys
00:04:51.0896 3948 Ntfs - ok
00:04:51.0911 3948 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\windows\system32\drivers\Null.sys
00:04:52.0006 3948 Null - ok
00:04:52.0051 3948 [ a4d9c9a608a97f59307c2f2600edc6a4 ] nvraid C:\windows\system32\drivers\nvraid.sys
00:04:52.0076 3948 nvraid - ok
00:04:52.0121 3948 [ 6c1d5f70e7a6a3fd1c90d840edc048b9 ] nvstor C:\windows\system32\drivers\nvstor.sys
00:04:52.0146 3948 nvstor - ok
00:04:52.0186 3948 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
00:04:52.0211 3948 nv_agp - ok
00:04:52.0321 3948 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:04:52.0351 3948 odserv - ok
00:04:52.0361 3948 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
00:04:52.0406 3948 ohci1394 - ok
00:04:52.0471 3948 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:04:52.0496 3948 ose - ok
00:04:52.0541 3948 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\windows\system32\pnrpsvc.dll
00:04:52.0611 3948 p2pimsvc - ok
00:04:52.0641 3948 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\windows\system32\p2psvc.dll
00:04:52.0676 3948 p2psvc - ok
00:04:52.0710 3948 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
00:04:52.0737 3948 Parport - ok
00:04:52.0772 3948 [ 90061b1acfe8ccaa5345750ffe08d8b8 ] partmgr C:\windows\system32\drivers\partmgr.sys
00:04:52.0796 3948 partmgr - ok
00:04:52.0816 3948 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
00:04:52.0869 3948 PcaSvc - ok
00:04:52.0900 3948 [ f36f6504009f2fb0dfd1b17a116ad74b ] pci C:\windows\system32\DRIVERS\pci.sys
00:04:52.0930 3948 pci - ok
00:04:52.0943 3948 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\windows\system32\DRIVERS\pciide.sys
00:04:52.0966 3948 pciide - ok
00:04:52.0986 3948 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
00:04:53.0017 3948 pcmcia - ok
00:04:53.0041 3948 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\windows\system32\drivers\pcw.sys
00:04:53.0063 3948 pcw - ok
00:04:53.0089 3948 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\windows\system32\drivers\peauth.sys
00:04:53.0198 3948 PEAUTH - ok
00:04:53.0326 3948 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\windows\SysWow64\perfhost.exe
00:04:53.0369 3948 PerfHost - ok
00:04:53.0452 3948 [ 557e9a86f65f0de18c9b6751dfe9d3f1 ] pla C:\windows\system32\pla.dll
00:04:53.0613 3948 pla - ok
00:04:53.0680 3948 [ 98b1721b8718164293b9701b98c52d77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
00:04:53.0719 3948 PlugPlay - ok
00:04:53.0739 3948 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
00:04:53.0764 3948 PNRPAutoReg - ok
00:04:53.0789 3948 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\windows\system32\pnrpsvc.dll
00:04:53.0819 3948 PNRPsvc - ok
00:04:53.0854 3948 [ 166eb40d1f5b47e615de3d0fffe5f243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
00:04:53.0974 3948 PolicyAgent - ok
00:04:54.0029 3948 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\windows\system32\umpo.dll
00:04:54.0124 3948 Power - ok
00:04:54.0164 3948 [ 27cc19e81ba5e3403c48302127bda717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
00:04:54.0264 3948 PptpMiniport - ok
00:04:54.0304 3948 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\windows\system32\DRIVERS\processr.sys
00:04:54.0354 3948 Processor - ok
00:04:54.0394 3948 [ 97293447431311c06703368ad0f6c4be ] ProfSvc C:\windows\system32\profsvc.dll
00:04:54.0464 3948 ProfSvc - ok
00:04:54.0479 3948 [ 156f6159457d0aa7e59b62681b56eb90 ] ProtectedStorage C:\windows\system32\lsass.exe
00:04:54.0504 3948 ProtectedStorage - ok
00:04:54.0529 3948 [ ee992183bd8eaefd9973f352e587a299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
00:04:54.0609 3948 Psched - ok
00:04:54.0614 3948 PS_MDP - ok
00:04:54.0674 3948 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
00:04:54.0774 3948 ql2300 - ok
00:04:54.0801 3948 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
00:04:54.0829 3948 ql40xx - ok
00:04:54.0869 3948 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\windows\system32\qwave.dll
00:04:54.0911 3948 QWAVE - ok
00:04:54.0939 3948 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
00:04:54.0995 3948 QWAVEdrv - ok
00:04:55.0025 3948 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
00:04:55.0124 3948 RasAcd - ok
00:04:55.0163 3948 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
00:04:55.0239 3948 RasAgileVpn - ok
00:04:55.0273 3948 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\windows\System32\rasauto.dll
00:04:55.0360 3948 RasAuto - ok
00:04:55.0401 3948 [ 87a6e852a22991580d6d39adc4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
00:04:55.0497 3948 Rasl2tp - ok
00:04:55.0525 3948 [ 47394ed3d16d053f5906efe5ab51cc83 ] RasMan C:\windows\System32\rasmans.dll
00:04:55.0628 3948 RasMan - ok
00:04:55.0655 3948 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
00:04:55.0746 3948 RasPppoe - ok
00:04:55.0771 3948 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
00:04:55.0876 3948 RasSstp - ok
00:04:55.0906 3948 [ 3bac8142102c15d59a87757c1d41dce5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
00:04:56.0006 3948 rdbss - ok
00:04:56.0051 3948 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
00:04:56.0096 3948 rdpbus - ok
00:04:56.0131 3948 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
00:04:56.0196 3948 RDPCDD - ok
00:04:56.0211 3948 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
00:04:56.0306 3948 RDPENCDD - ok
00:04:56.0356 3948 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
00:04:56.0431 3948 RDPREFMP - ok
00:04:56.0476 3948 [ 447de7e3dea39d422c1504f245b668b1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
00:04:56.0536 3948 RDPWD - ok
00:04:56.0571 3948 [ 634b9a2181d98f15941236886164ec8b ] rdyboost C:\windows\system32\drivers\rdyboost.sys
00:04:56.0601 3948 rdyboost - ok
00:04:56.0606 3948 ReadyComm.DirectRouter - ok
00:04:56.0656 3948 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\windows\System32\mprdim.dll
00:04:56.0754 3948 RemoteAccess - ok
00:04:56.0777 3948 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
00:04:56.0876 3948 RemoteRegistry - ok
00:04:56.0927 3948 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
00:04:56.0982 3948 RFCOMM - ok
00:04:57.0020 3948 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
00:04:57.0118 3948 RpcEptMapper - ok
00:04:57.0163 3948 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\windows\system32\locator.exe
00:04:57.0205 3948 RpcLocator - ok
00:04:57.0236 3948 [ 7266972e86890e2b30c0c322e906b027 ] RpcSs C:\windows\System32\rpcss.dll
00:04:57.0322 3948 RpcSs - ok
00:04:57.0359 3948 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
00:04:57.0457 3948 rspndr - ok
00:04:57.0506 3948 [ 5aab4808e8ccae8c2ecda5b791260616 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
00:04:57.0532 3948 RSUSBSTOR - ok
00:04:57.0546 3948 [ 156f6159457d0aa7e59b62681b56eb90 ] SamSs C:\windows\system32\lsass.exe
00:04:57.0573 3948 SamSs - ok
00:04:57.0608 3948 [ e3bbb89983daf5622c1d50cf49f28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
00:04:57.0634 3948 sbp2port - ok
00:04:57.0667 3948 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\windows\System32\SCardSvr.dll
00:04:57.0770 3948 SCardSvr - ok
00:04:57.0800 3948 [ c94da20c7e3ba1dca269bc8460d98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
00:04:57.0900 3948 scfilter - ok
00:04:57.0955 3948 [ 624d0f5ff99428bb90a5b8a4123e918e ] Schedule C:\windows\system32\schedsvc.dll
00:04:58.0065 3948 Schedule - ok
00:04:58.0095 3948 [ 312e2f82af11e79906898ac3e3d58a1f ] SCPolicySvc C:\windows\System32\certprop.dll
00:04:58.0170 3948 SCPolicySvc - ok
00:04:58.0195 3948 [ 765a27c3279ce11d14cb9e4f5869fca5 ] SDRSVC C:\windows\System32\SDRSVC.dll
00:04:58.0270 3948 SDRSVC - ok
00:04:58.0315 3948 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
00:04:58.0405 3948 secdrv - ok
00:04:58.0430 3948 [ 463b386ebc70f98da5dff85f7e654346 ] seclogon C:\windows\system32\seclogon.dll
00:04:58.0525 3948 seclogon - ok
00:04:58.0550 3948 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\windows\system32\sens.dll
00:04:58.0645 3948 SENS - ok
00:04:58.0675 3948 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\windows\system32\sensrsvc.dll
00:04:58.0739 3948 SensrSvc - ok
00:04:58.0771 3948 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\windows\system32\DRIVERS\serenum.sys
00:04:58.0812 3948 Serenum - ok
00:04:58.0849 3948 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\windows\system32\DRIVERS\serial.sys
00:04:58.0875 3948 Serial - ok
00:04:58.0920 3948 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
00:04:58.0969 3948 sermouse - ok
00:04:59.0026 3948 [ c3bc61ce47ff6f4e88ab8a3b429a36af ] SessionEnv C:\windows\system32\sessenv.dll
00:04:59.0106 3948 SessionEnv - ok
00:04:59.0121 3948 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
00:04:59.0166 3948 sffdisk - ok
00:04:59.0202 3948 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
00:04:59.0254 3948 sffp_mmc - ok
00:04:59.0283 3948 [ 5588b8c6193eb1522490c122eb94dffa ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
00:04:59.0314 3948 sffp_sd - ok
00:04:59.0320 3948 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
00:04:59.0345 3948 sfloppy - ok
00:04:59.0412 3948 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\windows\System32\ipnathlp.dll
00:04:59.0511 3948 SharedAccess - ok
00:04:59.0559 3948 [ 0298ac45d0efffb2db4baa7dd186e7bf ] ShellHWDetection C:\windows\System32\shsvcs.dll
00:04:59.0619 3948 ShellHWDetection - ok
00:04:59.0657 3948 [ d5429a7ad73cc9ed8559754038d4e575 ] Shockprf C:\windows\system32\DRIVERS\Apsx64.sys
00:04:59.0676 3948 Shockprf - ok
00:04:59.0707 3948 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
00:04:59.0727 3948 SiSRaid2 - ok
00:04:59.0747 3948 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
00:04:59.0767 3948 SiSRaid4 - ok
00:04:59.0822 3948 [ 6128e98eaaed364ed1a32708d2fd22cb ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:04:59.0842 3948 SkypeUpdate - ok
00:04:59.0852 3948 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\windows\system32\DRIVERS\smb.sys
00:04:59.0937 3948 Smb - ok
00:04:59.0992 3948 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\windows\System32\snmptrap.exe
00:05:00.0037 3948 SNMPTRAP - ok
00:05:00.0062 3948 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\windows\system32\drivers\spldr.sys
00:05:00.0087 3948 spldr - ok
00:05:00.0137 3948 [ f8e1fa03cb70d54a9892ac88b91d1e7b ] Spooler C:\windows\System32\spoolsv.exe
00:05:00.0212 3948 Spooler - ok
00:05:00.0312 3948 [ 913d843498553a1bc8f8dbad6358e49f ] sppsvc C:\windows\system32\sppsvc.exe
00:05:00.0462 3948 sppsvc - ok
00:05:00.0487 3948 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\windows\system32\sppuinotify.dll
00:05:00.0582 3948 sppuinotify - ok
00:05:00.0667 3948 [ 90ef30c3867bcde4579c01a6d6e75a7a ] SRTSP C:\windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
00:05:00.0720 3948 SRTSP - ok
00:05:00.0744 3948 [ c513e8a5e7978da49077f5484344ee1b ] SRTSPX C:\windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
00:05:00.0764 3948 SRTSPX - ok
00:05:00.0818 3948 [ 2408c0366d96bcdf63e8f1c78e4a29c5 ] srv C:\windows\system32\DRIVERS\srv.sys
00:05:00.0888 3948 srv - ok
00:05:00.0936 3948 [ 76548f7b818881b47d8d1ae1be9c11f8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
00:05:00.0968 3948 srv2 - ok
00:05:01.0008 3948 [ 0af6e19d39c70844c5caa8fb0183c36e ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
00:05:01.0055 3948 srvnet - ok
00:05:01.0090 3948 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
00:05:01.0187 3948 SSDPSRV - ok
00:05:01.0212 3948 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\windows\system32\sstpsvc.dll
00:05:01.0286 3948 SstpSvc - ok
00:05:01.0315 3948 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
00:05:01.0337 3948 stexstor - ok
00:05:01.0370 3948 [ 52d0e33b681bd0f33fdc08812fee4f7d ] stisvc C:\windows\System32\wiaservc.dll
00:05:01.0435 3948 stisvc - ok
00:05:01.0457 3948 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
00:05:01.0478 3948 swenum - ok
00:05:01.0509 3948 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\windows\System32\swprv.dll
00:05:01.0615 3948 swprv - ok
00:05:01.0659 3948 [ 6160145c7a87fc7672e8e3b886888176 ] SymDS C:\windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
00:05:01.0689 3948 SymDS - ok
00:05:01.0715 3948 [ 96aeed40d4d3521568b42027687e69e0 ] SymEFA C:\windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
00:05:01.0765 3948 SymEFA - ok
00:05:01.0815 3948 [ 21a1c2d694c3cf962d31f5e873ab3d6f ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
00:05:01.0835 3948 SymEvent - ok
00:05:01.0875 3948 [ bd0d711d8cbfcaa19ca123306eaf53a5 ] SymIRON C:\windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
00:05:01.0900 3948 SymIRON - ok
00:05:01.0925 3948 [ a6adb3d83023f8daa0f7b6fda785d83b ] SymNetS C:\windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
00:05:01.0955 3948 SymNetS - ok
00:05:02.0015 3948 [ 05ac84ed54dd46092c045f6fbb8c5d3c ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
00:05:02.0040 3948 SynTP - ok
00:05:02.0100 3948 [ 3c1284516a62078fb68f768de4f1a7be ] SysMain C:\windows\system32\sysmain.dll
00:05:02.0220 3948 SysMain - ok
00:05:02.0245 3948 [ 238935c3cf2854886dc7cbb2a0e2cc66 ] TabletInputService C:\windows\System32\TabSvc.dll
00:05:02.0280 3948 TabletInputService - ok
00:05:02.0305 3948 [ 884264ac597b690c5707c89723bb8e7b ] TapiSrv C:\windows\System32\tapisrv.dll
00:05:02.0415 3948 TapiSrv - ok
00:05:02.0480 3948 [ 927d0cdb3f96efc1e98fb1a2c9fb67ad ] tapoas C:\windows\system32\DRIVERS\tapoas.sys
00:05:02.0540 3948 tapoas - ok
00:05:02.0560 3948 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\windows\System32\tbssvc.dll
00:05:02.0640 3948 TBS - ok
00:05:02.0712 3948 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
00:05:02.0793 3948 Tcpip - ok
00:05:02.0857 3948 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
00:05:02.0939 3948 TCPIP6 - ok
00:05:02.0969 3948 [ 76d078af6f587b162d50210f761eb9ed ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
00:05:03.0044 3948 tcpipreg - ok
00:05:03.0078 3948 [ ccf4225a78d2ca2983c38d60cffbadc8 ] TcUsb C:\windows\system32\Drivers\tcusb.sys
00:05:03.0097 3948 TcUsb - ok
00:05:03.0117 3948 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
00:05:03.0186 3948 TDPIPE - ok
00:05:03.0220 3948 [ 7518f7bcfd4b308abc9192bacaf6c970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
00:05:03.0251 3948 TDTCP - ok
00:05:03.0274 3948 [ 079125c4b17b01fcaeebce0bcb290c0f ] tdx C:\windows\system32\DRIVERS\tdx.sys
00:05:03.0367 3948 tdx - ok
00:05:03.0522 3948 [ 3e85bdd019e3db66d9471dad7fd6a887 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
00:05:03.0632 3948 TeamViewer7 - ok
00:05:03.0671 3948 [ c448651339196c0e869a355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
00:05:03.0695 3948 TermDD - ok
00:05:03.0741 3948 [ 0f05ec2887bfe197ad82a13287d2f404 ] TermService C:\windows\System32\termsrv.dll
00:05:03.0851 3948 TermService - ok
00:05:03.0881 3948 [ f0344071948d1a1fa732231785a0664c ] Themes C:\windows\system32\themeservice.dll
00:05:03.0936 3948 Themes - ok
00:05:03.0971 3948 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\windows\system32\mmcss.dll
00:05:04.0046 3948 THREADORDER - ok
00:05:04.0056 3948 [ 184feded95761e9f3c63d20fb829e998 ] TPDIGIMN C:\windows\system32\DRIVERS\ApsHM64.sys
00:05:04.0076 3948 TPDIGIMN - ok
00:05:04.0101 3948 [ a882d31edd28315a8a0ee47f74af15c1 ] TPHDEXLGSVC C:\windows\system32\TPHDEXLG64.exe
00:05:04.0121 3948 TPHDEXLGSVC - ok
00:05:04.0146 3948 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\windows\System32\trkwks.dll
00:05:04.0241 3948 TrkWks - ok
00:05:04.0296 3948 [ 840f7fb849f5887a49ba18c13b2da920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
00:05:04.0326 3948 TrustedInstaller - ok
00:05:04.0341 3948 [ 61b96c26131e37b24e93327a0bd1fb95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
00:05:04.0431 3948 tssecsrv - ok
00:05:04.0486 3948 [ 3836171a2cdf3af8ef10856db9835a70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
00:05:04.0581 3948 tunnel - ok
00:05:04.0611 3948 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
00:05:04.0631 3948 uagp35 - ok
00:05:04.0646 3948 [ d47baead86c65d4f4069d7ce0a4edceb ] udfs C:\windows\system32\DRIVERS\udfs.sys
00:05:04.0746 3948 udfs - ok
00:05:04.0786 3948 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\windows\system32\UI0Detect.exe
00:05:04.0815 3948 UI0Detect - ok
00:05:04.0830 3948 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
00:05:04.0853 3948 uliagpkx - ok
00:05:04.0891 3948 [ eab6c35e62b1b0db0d1b48b671d3a117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
00:05:04.0935 3948 umbus - ok
00:05:04.0965 3948 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\windows\system32\DRIVERS\umpass.sys
00:05:05.0013 3948 UmPass - ok
00:05:05.0117 3948 [ af905f4966cfc8b973623ab150cd4b2b ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:05:05.0206 3948 UNS - ok
00:05:05.0263 3948 [ e25cfda008ed0c45c1134568e51f9dc4 ] UpekSrvc C:\Program Files\Lenovo\LenovoSecuritySolution FP\upeksrvc.exe
00:05:05.0280 3948 UpekSrvc - ok
00:05:05.0317 3948 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\windows\System32\upnphost.dll
00:05:05.0419 3948 upnphost - ok
00:05:05.0481 3948 [ 77b01bc848298223a95d4ec23e1785a1 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
00:05:05.0537 3948 usbaudio - ok
00:05:05.0577 3948 [ 537a4e03d7103c12d42dfd8ffdb5bdc9 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
00:05:05.0639 3948 usbccgp - ok
00:05:05.0683 3948 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
00:05:05.0733 3948 usbcir - ok
00:05:05.0773 3948 [ fbb21ebe49f6d560db37ac25fbc68e66 ] usbehci C:\windows\system32\drivers\usbehci.sys
00:05:05.0793 3948 usbehci - ok
00:05:05.0818 3948 [ 6b7a8a99c4a459e73c286a6763ea24cc ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
00:05:05.0848 3948 usbhub - ok
00:05:05.0868 3948 [ 8c88aa7617b4cbc2e4bed61d26b33a27 ] usbohci C:\windows\system32\drivers\usbohci.sys
00:05:05.0913 3948 usbohci - ok
00:05:05.0948 3948 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
00:05:06.0003 3948 usbprint - ok
00:05:06.0043 3948 [ f39983647bc1f3e6100778ddfe9dce29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
00:05:06.0103 3948 USBSTOR - ok
00:05:06.0133 3948 [ 0b5b3b2df3fd1709618acfa50b8392b0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
00:05:06.0178 3948 usbuhci - ok
00:05:06.0228 3948 [ 7cb8c573c6e4a2714402cc0a36eab4fe ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
00:05:06.0293 3948 usbvideo - ok
00:05:06.0323 3948 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\windows\System32\uxsms.dll
00:05:06.0417 3948 UxSms - ok
00:05:06.0447 3948 [ 156f6159457d0aa7e59b62681b56eb90 ] VaultSvc C:\windows\system32\lsass.exe
00:05:06.0472 3948 VaultSvc - ok
00:05:06.0561 3948 [ ed492636ee26ec43daa4baa7ef0da7ad ] VBoxDrv C:\windows\system32\DRIVERS\VBoxDrv.sys
00:05:06.0588 3948 VBoxDrv - ok
00:05:06.0608 3948 [ 58e2365e7fd880624f648c63c5d22009 ] VBoxNetAdp C:\windows\system32\DRIVERS\VBoxNetAdp.sys
00:05:06.0632 3948 VBoxNetAdp - ok
00:05:06.0672 3948 [ 5160910ce602710d7e87f1b35487e7db ] VBoxNetFlt C:\windows\system32\DRIVERS\VBoxNetFlt.sys
00:05:06.0694 3948 VBoxNetFlt - ok
00:05:06.0778 3948 [ 99906a079a6c24d4b8b0dbed02b7869b ] VBoxUSBMon C:\windows\system32\DRIVERS\VBoxUSBMon.sys
00:05:06.0800 3948 VBoxUSBMon - ok
00:05:06.0831 3948 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
00:05:06.0853 3948 vdrvroot - ok
00:05:06.0884 3948 [ 44d73e0bbc1d3c8981304ba15135c2f2 ] vds C:\windows\System32\vds.exe
00:05:06.0945 3948 vds - ok
00:05:06.0973 3948 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\windows\system32\DRIVERS\vgapnp.sys
00:05:07.0004 3948 vga - ok
00:05:07.0027 3948 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\windows\System32\drivers\vga.sys
00:05:07.0125 3948 VgaSave - ok
00:05:07.0151 3948 [ c82e748660f62a242b2dfac1442f22a4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
00:05:07.0181 3948 vhdmp - ok
00:05:07.0201 3948 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
00:05:07.0224 3948 viaide - ok
00:05:07.0264 3948 [ c49ff968cf459dbe57cfadbc36988aae ] vm331avs C:\windows\system32\Drivers\vm331avs.sys
00:05:07.0303 3948 vm331avs - ok
00:05:07.0361 3948 [ 6c551c8b0672c926b80fa8199c8682e7 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
00:05:07.0398 3948 VMUSBArbService - ok
00:05:07.0441 3948 [ 2b1a3dae2b4e70dbba822b7a03fbd4a3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
00:05:07.0465 3948 volmgr - ok
00:05:07.0487 3948 [ 99b0cbb569ca79acaed8c91461d765fb ] volmgrx C:\windows\system32\drivers\volmgrx.sys
00:05:07.0522 3948 volmgrx - ok
00:05:07.0541 3948 [ 58f82eed8ca24b461441f9c3e4f0bf5c ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
00:05:07.0574 3948 volsnap - ok
00:05:07.0605 3948 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
00:05:07.0633 3948 vsmraid - ok
00:05:07.0708 3948 [ 787898bf9fb6d7bd87a36e2d95c899ba ] VSS C:\windows\system32\vssvc.exe
00:05:07.0791 3948 VSS - ok
00:05:07.0806 3948 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
00:05:07.0851 3948 vwifibus - ok
00:05:07.0881 3948 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
00:05:07.0916 3948 vwififlt - ok
00:05:07.0961 3948 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\windows\system32\w32time.dll
00:05:08.0046 3948 W32Time - ok
00:05:08.0071 3948 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
00:05:08.0111 3948 WacomPen - ok
00:05:08.0146 3948 [ 47ca49400643effd3f1c9a27e1d69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
00:05:08.0226 3948 WANARP - ok
00:05:08.0231 3948 [ 47ca49400643effd3f1c9a27e1d69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
00:05:08.0306 3948 Wanarpv6 - ok
00:05:08.0396 3948 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
00:05:08.0496 3948 WatAdminSvc - ok
00:05:08.0561 3948 [ 5ab1bb85bd8b5089cc5d64200dedae68 ] wbengine C:\windows\system32\wbengine.exe
00:05:08.0651 3948 wbengine - ok
00:05:08.0671 3948 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
00:05:08.0711 3948 WbioSrvc - ok
00:05:08.0758 3948 [ dd1bae8ebfc653824d29ccf8c9054d68 ] wcncsvc C:\windows\System32\wcncsvc.dll
00:05:08.0832 3948 wcncsvc - ok
00:05:08.0856 3948 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
00:05:08.0893 3948 WcsPlugInService - ok
00:05:08.0925 3948 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\windows\system32\DRIVERS\wd.sys
00:05:08.0948 3948 Wd - ok
00:05:08.0979 3948 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
00:05:09.0025 3948 Wdf01000 - ok
00:05:09.0037 3948 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\windows\system32\wdi.dll
00:05:09.0093 3948 WdiServiceHost - ok
00:05:11.0942 3948 ================ Scan global ===============================
00:05:11.0962 3948 (ba0cd8c393e8c9f83354106093832c7b) C:\windows\system32\basesrv.dll
00:05:12.0002 3948 (0cb6ebf4b461a6043353c570bd72a1e1) C:\windows\system32\winsrv.dll
00:05:12.0012 3948 (0cb6ebf4b461a6043353c570bd72a1e1) C:\windows\system32\winsrv.dll
00:05:12.0042 3948 (d6160f9d869ba3af0b787f971db56368) C:\windows\system32\sxssrv.dll
00:05:12.0082 3948 (24acb7e5be595468e3b9aa488b9b4fcb) C:\windows\system32\services.exe
00:05:12.0087 3948 [Global] - ok
00:05:12.0092 3948 ================ Scan MBR ==================================
00:05:12.0102 3948 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
00:05:12.0492 3948 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:05:12.0492 3948 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:05:12.0492 3948 ================ Scan VBR ==================================
00:05:12.0497 3948 Boot (0x1200) (398a85cda189961c55b8d8817541a83b) \Device\Harddisk0\DR0\Partition1
00:05:12.0502 3948 \Device\Harddisk0\DR0\Partition1 - ok
00:05:12.0527 3948 Boot (0x1200) (1d5c57c67de88a10c06774b509c3a53b) \Device\Harddisk0\DR0\Partition2
00:05:12.0532 3948 \Device\Harddisk0\DR0\Partition2 - ok
00:05:12.0567 3948 Boot (0x1200) (ae294672728b479564e0ac9f5485b316) \Device\Harddisk0\DR0\Partition3
00:05:12.0567 3948 \Device\Harddisk0\DR0\Partition3 - ok
00:05:12.0567 3948 ============================================================
00:05:12.0567 3948 Scan finished
00:05:12.0567 3948 ============================================================
00:05:12.0582 5176 Detected object count: 1
00:05:12.0582 5176 Actual detected object count: 1
00:05:21.0873 5176 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
00:05:21.0878 5176 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
00:05:21.0883 5176 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
00:05:21.0893 5176 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
00:05:21.0913 5176 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
00:05:21.0958 5176 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
00:05:21.0963 5176 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
00:05:21.0963 5176 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
00:05:21.0968 5176 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
00:05:21.0973 5176 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
00:05:21.0973 5176 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
00:05:21.0978 5176 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
00:05:21.0978 5176 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
00:05:21.0983 5176 \Device\Harddisk0\DR0\TDLFS - deleted
00:05:21.0983 5176 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete


=======================================================================================================================================

===================================================Adwcleaner log======================================================================


# AdwCleaner v1.801 - Logfile created 08/16/2012 at 00:09:37
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Rajagopal Kumar - RAJAGOPALKUMAR
# Boot Mode : Normal
# Running from : C:\Users\Rajagopal Kumar\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Rajagopal Kumar\AppData\Local\Babylon
Folder Found : C:\Users\Rajagopal Kumar\AppData\Local\Conduit
Folder Found : C:\Users\Rajagopal Kumar\AppData\LocalLow\Conduit
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Found : C:\user.js

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdate
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Rajagopal Kumar\AppData\Roaming\Mozilla\Firefox\Profiles\u8k2wabt.default\prefs.js

Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "tt=090212_noffx");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "f2f8102e000000000000000000000000");
Found : user_pref("extensions.BabylonToolbar_i.id", "f2f8102e000000000000000000000000");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15386");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:38:15");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.enabledAddons", "[email protected]:2.0.2.039,{972ce4c6-7e08-4474-a285-320[...]

-\\ Google Chrome v21.0.1180.79

File : C:\Users\Rajagopal Kumar\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "homepage": "hxxp://search.babylon.com/?AF=100486&tt=090212_noffx&babsrc=HP_ss&mntrId=f2f8102e[...]
Found : "description": "The fastest way to search the web.",
Found : "homepage": "hxxp://search.babylon.com/?AF=100486&tt=090212_noffx&babsrc=HP_ss&mntrId=f2f8102e000[...]

*************************

AdwCleaner[R1].txt - [6221 octets] - [16/08/2012 00:09:37]

########## EOF - C:\AdwCleaner[R1].txt - [6349 octets] ##########


=======================================================================================================================================

#77
CompCav

    Member 5k

  • Expert
  • 12,449 posts
Thanks for the update. Friday is fine, but in the meantime please re-run AdwCleaner and select Delete this time. Please post the log it produces.

#78
rajagopal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Ran Adwcleaner - please see below for logs -


# AdwCleaner v1.801 - Logfile created 08/16/2012 at 22:13:38
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Rajagopal Kumar - RAJAGOPALKUMAR
# Boot Mode : Normal
# Running from : C:\Users\Rajagopal Kumar\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Rajagopal Kumar\AppData\Local\Babylon
Folder Deleted : C:\Users\Rajagopal Kumar\AppData\Local\Conduit
Folder Deleted : C:\Users\Rajagopal Kumar\AppData\LocalLow\Conduit
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\user.js

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Rajagopal Kumar\AppData\Roaming\Mozilla\Firefox\Profiles\u8k2wabt.default\prefs.js

C:\Users\Rajagopal Kumar\AppData\Roaming\Mozilla\Firefox\Profiles\u8k2wabt.default\user.js ... Deleted !

Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "tt=090212_noffx");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "f2f8102e000000000000000000000000");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "f2f8102e000000000000000000000000");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15386");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:38:15");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.enabledAddons", "[email protected]:2.0.2.039,{972ce4c6-7e08-4474-a285-320[...]

-\\ Google Chrome v21.0.1180.79

File : C:\Users\Rajagopal Kumar\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "homepage": "hxxp://search.babylon.com/?AF=100486&tt=090212_noffx&babsrc=HP_ss&mntrId=f2f8102e[...]
Deleted : "description": "The fastest way to search the web.",
Deleted : "homepage": "hxxp://search.babylon.com/?AF=100486&tt=090212_noffx&babsrc=HP_ss&mntrId=f2f8102e000[...]

*************************

AdwCleaner[R1].txt - [6318 octets] - [16/08/2012 00:09:37]
AdwCleaner[S1].txt - [5359 octets] - [16/08/2012 22:13:38]

########## EOF - C:\AdwCleaner[S1].txt - [5487 octets] ##########

#79
CompCav

    Member 5k

  • Expert
  • 12,449 posts
Step 1.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now. We just want to run it on demand.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


mbam log
eset log
security check log


Please give me an update on how your computer is doing!

#80
rajagopal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Hi Compcav,

Sorry for not updating this yesterday....
With regards to other issues in my computer - I don't see anymore from what I have seen in the past couple of days...

Please see below for the logs you asked -

=========================malware bytes====================================================

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.19.01

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Rajagopal Kumar :: RAJAGOPALKUMAR [administrator]

8/18/2012 11:27:11 PM
mbam-log-2012-08-18 (23-27-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 197133
Time elapsed: 3 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
==================================================================================================


================================ESET logs==========================================================


[email protected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2a166c27d30aa3498b92d4f7a0513fd5
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-08-19 08:32:44
# local_time=2012-08-19 01:32:44 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=3589 16777213 80 80 289672 95934440 0 0
# compatibility_mode=5893 16776574 66 85 96886877 96901794 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=232592
# found=15
# cleaned=15
# scan_time=6820
C:\FRST\Quarantine\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\n Win64/Sirefef.W trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\FRST\Quarantine\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\[email protected] Win64/Agent.BA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\FRST\Quarantine\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\[email protected] Win64/Conedex.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\FRST\Quarantine\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\[email protected] Win64/Sirefef.AP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\FRST\Quarantine\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\[email protected] a variant of Win32/Sirefef.FD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Rajagopal Kumar\Downloads\InternationalPrimoPDF.exe Win32/OpenCandy application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Rajagopal Kumar\Downloads\VeohWebPlayerSetup_eng.exe multiple threats (cleaned by deleting - quarantined) 00000000000000000000000000000000 C





==================================================================================================================


=========================================checkup.txt logs=========================================================





Results of screen317's Security Check version 0.99.46
Windows 7 x64 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Security Suite
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 31
Java version out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox (14.0.1)
Google Chrome 20.0.1132.57
Google Chrome 21.0.1180.79
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbam.exe
ESET ESET Online Scanner OnlineScannerApp.exe
ESET ESET Online Scanner OnlineCmdLineScanner.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````




===================================================================================================================
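
The ESET log above reports 15 detections, but most of the paths sit inside quarantine folders created by tools run earlier in this thread. The following added example (not part of the original posts) parses such lines and separates quarantine copies from files found in live locations; the field layout and the family/variant split are assumptions inferred from the posted lines.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Detection lines copied verbatim from the ESET log in the post above (a subset),
# plus one header line to show that "# key=value" metadata is skipped.
SAMPLE_LOG = r"""
# scanned=232592
C:\FRST\Quarantine\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\n Win64/Sirefef.W trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\16.08.2012_00.04.19\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Rajagopal Kumar\Downloads\InternationalPrimoPDF.exe Win32/OpenCandy application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Rajagopal Kumar\Downloads\VeohWebPlayerSetup_eng.exe multiple threats (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
"""

# Quarantine folders of the removal tools whose paths appear in the posted log.
TOOL_QUARANTINE_DIRS = ("c:\\frst\\quarantine\\", "c:\\tdsskiller_quarantine\\")

# Assumed layout: <path> <detection> (<action>) <32 hex chars> <flag>
LINE_RE = re.compile(
    r"^(?P<body>.+?)\s+\((?P<action>[^()]*)\)\s+(?P<md5>[0-9A-Fa-f]{32})\s+\S+$"
)
# The detection is either "[a variant of ]Platform/Name kind" or "multiple threats".
# The path may contain spaces, so it is matched lazily up to the detection.
DETECTION_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<detection>(?:a variant of )?"
    r"(?:(?P<platform>\w+)/(?P<name>\S+) (?P<kind>[a-z]+)|multiple threats))$"
)


@dataclass
class Detection:
    path: str
    detection: str
    family: str
    action: str
    location: str  # "tool_quarantine" or "live"


def parse_eset_line(line):
    """Return a Detection for one log line, or None for headers and blanks."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    outer = LINE_RE.match(line)
    inner = DETECTION_RE.match(outer.group("body")) if outer else None
    if inner is None:
        return None
    name = inner.group("name")
    if name and "." in name:
        # Assumption: the last dotted component is the variant suffix.
        family = name.rsplit(".", 1)[0]
    else:
        family = name or inner.group("detection")
    path = inner.group("path")
    in_quarantine = path.lower().startswith(TOOL_QUARANTINE_DIRS)
    return Detection(
        path=path,
        detection=inner.group("detection"),
        family=family,
        action=outer.group("action"),
        location="tool_quarantine" if in_quarantine else "live",
    )


def triage(log_text):
    """Summarise detections by location and family; list the live paths."""
    detections = [d for d in map(parse_eset_line, log_text.splitlines()) if d]
    return {
        "by_location": Counter(d.location for d in detections),
        "by_family": Counter(d.family for d in detections),
        "live_paths": [d.path for d in detections if d.location == "live"],
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print("By location:", dict(summary["by_location"]))
    print("By family:  ", dict(summary["by_family"]))
    for path in summary["live_paths"]:
        print("Live file flagged:", path)
```

Entries under a tool's quarantine folder are copies of items that tool already removed, so the live paths are the ones to follow up on.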

#81
CompCav

    Member 5k

  • Expert
  • 12,449 posts
Please go to windows updates and install SP1.

#82
rajagopal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Hello Compcav..Sorry about the delay in reply.. Been a really busy week at office and did not get a chance to touch my personal computer..

There were seventeen updates showing up and I installed just SP1 and disregarded the others.. do you want me to go ahead and install other updates too?

#83
CompCav

    Member 5k

  • Expert
  • 12,449 posts
Yes please do now that you have SP1 installed.

#84
rajagopal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
I tried to install other updates.. everything except for one update (Microsoft Office File Validation Add-in) failed to install -

error code : 80246008

Do you want the list of updates that failed? There are like 20 of them I think

#85
CompCav

    Member 5k

  • Expert
  • 12,449 posts

Do you want the list of updates that failed?

Hold off on sending the list. Please run the following scan and post the log for me:

Download farbar service scanner to your desktop and then run it.

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply

#86
rajagopal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
pls see below for the logs --

Farbar Service Scanner Version: 06-08-2012
Ran by Rajagopal Kumar (administrator) on 25-08-2012 at 15:04:07
Running from "C:\Users\Rajagopal Kumar\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#87
CompCav

    Member 5k

  • Expert
  • 12,449 posts
Download the following .REG file to your desktop:
Attached File  BITS.reg   6.14KB   148 downloads



Execute the following command from an elevated command prompt :

Go to Start >> All Programs >> Accessories
Right-click Command Prompt and select Run as administrator
In the black box type the following:

sc delete bits

Reboot, then right-click on the BITS.reg file you downloaded previously and select Merge.

Then reboot and you can finish your updates.

#88
rajagopal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
hi,

I downloaded the REG file and then went to command prompt

C:\Users\Rajagopal Kumar> sc delete bits

[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.

I downloaded the REG file to desktop.. Do you want me to run the command from the location where the REG file is downloaded to? Let me know if I am doing something wrong here.

#89
CompCav

    Member 5k

  • Expert
  • 12,449 posts

I downloaded the REG file to desktop.

:thumbsup:

Right-click on the BITS.reg file you downloaded previously and select Merge.

Then reboot and you can finish your updates.

#90
rajagopal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
successfully installed updates ! :)