Need help with laptop kdcom.dll corrupt [Solved]



#16
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

I will follow up with any symptoms, etc. after I have used the computer for a while.

OK, in the meantime I will review the logs posted.

#17
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

After a review of the logs posted, the situation appears far better than I was anticipating. So you can view this as a positive sign. However, we are not quite out of the woods yet, so to speak...

Rebuild BITS Service:

Please download BITs.reg and save to the desktop. <-- Ensure it is saved to the desktop.

Now right-click on BITS.reg >> select Merge >> follow the prompts.

Next:

Out-of-date Adobe and Java installations pose a security risk. They can be used by malware as a means to infect a computer and/or re-infect. We will update both in due course.

Now please go to Start (Windows 7 Orb) >> Control Panel >> Programs and Features and remove the following (if present):

Adobe Reader 9.1
Conduit Engine
Java™ 6 Update 32
Java™ 6 Update 23 (64-bit)
Java™ SE Development Kit 6 Update 27

Pando Media Booster <-- Does not actually improve anything and can be somewhat dubious/bandwidth hog as a whole. Your choice to leave installed or not, though I do advise removal.

To do so click once on each of the above to highlight, then click on Uninstall/Change and follow the prompts.

Next:

Post both a new FSS and OTL log for myself to review and you can also provide myself with the requested update etc.

#18
recsite

    Member

  • Topic Starter
  • 50 posts
I will perform the recommended scans shortly. I just want you to know that Norton 360 no longer starts on bootup, nor will it start manually. I don't know if this is a result of anything I did or not. (I discovered it when I went to disable it for the combofix scan and found it not in the tray or running).

#19
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
OK, noted. :)

#20
recsite

    Member

  • Topic Starter
  • 50 posts
Farbar Service Scanner Version: 06-08-2012
Ran by Marissa (administrator) on 24-08-2012 at 20:42:24
Running from "C:\Users\Marissa\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


OTL logfile created on: 8/24/2012 8:46:15 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Marissa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.80 Gb Total Physical Memory | 3.12 Gb Available Physical Memory | 53.83% Memory free
11.61 Gb Paging File | 8.87 Gb Available in Paging File | 76.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 468.40 Gb Free Space | 80.56% Space Free | Partition Type: NTFS

Computer Name: MARISSA-PC | User Name: Marissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Marissa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\ooVoo\ooVoo.exe (ooVoo LLC)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - \\.\globalroot\systemroot\svchost.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\06269663e6482bc4ceeb48c2a7d1ad34\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (ZuneWlanCfgSvc) -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- c:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Printer Control) -- C:\Windows\SysNative\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe (Symantec Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (NAT) -- C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe (Symantec Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (NSL) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe (Symantec Corporation)
SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (RoxWatch12) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SMR310) -- C:\Windows\SysNative\drivers\SMR310.SYS (Symantec Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NAT) -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NST) -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (Razerlow) -- C:\Windows\SysNative\drivers\DB3G.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\ex64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\eng64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120810.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120804.001\BHDrvx64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_en
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Marissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\IPSFFPlgn\ [2012/08/24 08:39:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\coFFPlgn\ [2012/08/24 08:39:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/24 17:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 07:55:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/24 17:03:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 07:55:50 | 000,000,000 | ---D | M]

[2011/07/20 21:47:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Extensions
[2012/08/24 08:08:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Firefox\Profiles\d8mmjjj8.default\extensions
[2012/08/19 20:16:33 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Firefox\Profiles\d8mmjjj8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/07/29 21:17:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/02 00:20:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[1832/11/29 00:44:26 | 000,004,804 | ---- | M] () (No name found) -- C:\USERS\MARISSA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D8MMJJJ8.DEFAULT\EXTENSIONS\[email protected]
[2012/08/24 17:03:34 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/06 10:50:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/05/06 10:50:33 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Marissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Extension = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\
CHR - Extension: Gmail = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/24 18:52:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files\HP\HP LaserJet Professional CM1410 Series\Fax Driver\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..\Run: [Facebook Update] C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20A38C2B-4AD4-4C9D-B912-36D8FD3A644A}: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20A38C2B-4AD4-4C9D-B912-36D8FD3A644A}: NameServer = 198.153.192.50,198.153.194.50
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/24 20:36:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/24 20:20:37 | 000,095,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR310.SYS
[2012/08/24 20:02:20 | 000,000,000 | ---D | C] -- C:\Users\Marissa\Desktop\nortonpowereraserwebsite
[2012/08/24 20:00:54 | 002,892,816 | ---- | C] (Symantec Corporation) -- C:\Users\Marissa\Desktop\NPE (1).exe
[2012/08/24 19:36:05 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\Marissa\Desktop\FSS.exe
[2012/08/24 19:22:48 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
[2012/08/24 18:52:14 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/24 18:34:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/24 18:34:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/24 18:34:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/24 18:34:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/24 18:33:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/24 18:33:06 | 004,737,458 | R--- | C] (Swearware) -- C:\Users\Marissa\Desktop\ComboFix.exe
[2012/08/24 17:07:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/24 17:05:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Marissa\Desktop\OTL.exe
[2012/08/24 17:05:09 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Marissa\Desktop\aswMBR.exe
[2012/08/24 08:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/24 07:59:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/08/24 07:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/08/24 07:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/08/24 07:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/08/24 07:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/08/05 21:10:35 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/08/05 16:03:56 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.sys
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Anti-Theft
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Anti-Theft
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NATx64
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NATx64\0105000.024
[2012/08/05 15:17:01 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2012/08/05 15:05:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
[2012/08/04 22:24:07 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Local\NPE
[2012/08/04 22:05:37 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/04 22:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/08/04 22:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/08/04 22:05:24 | 001,092,728 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymEFA64.sys
[2012/08/04 22:05:24 | 000,737,912 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.sys
[2012/08/04 22:05:24 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymDS64.sys
[2012/08/04 22:05:24 | 000,405,624 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symnets.sys
[2012/08/04 22:05:24 | 000,190,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Ironx64.sys
[2012/08/04 22:05:24 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ccSetx64.sys
[2012/08/04 22:05:24 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.sys
[2012/08/04 22:05:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2012/08/04 22:05:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0602010.005
[2012/08/04 22:05:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2012/08/04 22:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2012/08/04 21:53:38 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2012/08/04 21:23:32 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Local\LogMeIn Rescue Applet
[2012/08/04 20:38:28 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Safe Web Lite
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010
[2012/08/03 16:07:13 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%

========== Files - Modified Within 30 Days ==========

[2012/08/24 20:33:29 | 000,006,288 | ---- | M] () -- C:\Users\Marissa\Desktop\BITS.reg
[2012/08/24 20:27:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/24 20:26:29 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/24 20:26:29 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/24 20:23:51 | 000,727,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/24 20:23:51 | 000,624,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/24 20:23:51 | 000,106,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/24 20:20:44 | 000,000,020 | ---- | M] () -- C:\Windows\SysNative\drivers\SMR310.dat
[2012/08/24 20:20:37 | 000,095,392 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR310.SYS
[2012/08/24 20:19:19 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/24 20:18:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/24 20:18:48 | 378,548,223 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/24 20:14:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-957519283-3269216495-3174932433-1001UA.job
[2012/08/24 20:14:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-957519283-3269216495-3174932433-1001Core.job
[2012/08/24 20:02:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/24 20:00:25 | 002,892,816 | ---- | M] (Symantec Corporation) -- C:\Users\Marissa\Desktop\NPE (1).exe
[2012/08/24 19:36:05 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\Marissa\Desktop\FSS.exe
[2012/08/24 18:52:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/24 18:33:06 | 004,737,458 | R--- | M] (Swearware) -- C:\Users\Marissa\Desktop\ComboFix.exe
[2012/08/24 17:05:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marissa\Desktop\OTL.exe
[2012/08/24 17:05:24 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Marissa\Desktop\aswMBR.exe
[2012/08/24 13:55:28 | 700,109,546 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/24 08:02:29 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/24 08:00:00 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/24 07:57:02 | 002,221,839 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Cat.DB
[2012/08/24 07:55:45 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/22 10:37:57 | 000,000,512 | ---- | M] () -- C:\Users\Marissa\Desktop\MBR.dat
[2012/08/19 20:27:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/19 20:27:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/06 22:13:34 | 000,127,537 | ---- | M] () -- C:\Users\Marissa\Documents\Common Application.pdf
[2012/08/06 22:13:34 | 000,001,416 | ---- | M] () -- C:\Users\Marissa\Documents\Einstein.html
[2012/08/06 22:13:34 | 000,001,153 | ---- | M] () -- C:\Users\Marissa\Documents\hi.html
[2012/08/06 22:12:25 | 000,023,047 | ---- | M] () -- C:\Users\Marissa\Documents\RichardStocktonSupplements.pdf
[2012/08/06 22:12:24 | 000,037,068 | ---- | M] () -- C:\Users\Marissa\Documents\SetonHallSuplements.pdf
[2012/08/06 22:12:23 | 000,002,141 | ---- | M] () -- C:\Users\Marissa\Documents\Snowman.html
[2012/08/06 22:12:23 | 000,000,259 | ---- | M] () -- C:\Users\Marissa\Documents\Snoopy.html
[2012/08/06 21:54:54 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\My Identity Protection.url
[2012/08/06 17:26:15 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/08/06 17:26:15 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/08/05 16:03:56 | 000,002,450 | ---- | M] () -- C:\Users\Public\Desktop\Norton Anti-Theft.lnk
[2012/08/05 16:02:57 | 000,001,285 | ---- | M] () -- C:\Users\Marissa\Desktop\Norton Installation Files.lnk
[2012/08/05 01:06:00 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\VT20120410.034
[2012/08/04 22:05:37 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/04 22:05:37 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/04 22:05:37 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/04 22:05:34 | 000,002,373 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/07/29 21:12:23 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/26 17:50:22 | 000,000,456 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Marissa.job

========== Files Created - No Company Name ==========

[2012/08/24 20:33:29 | 000,006,288 | ---- | C] () -- C:\Users\Marissa\Desktop\BITS.reg
[2012/08/24 20:20:38 | 000,000,020 | ---- | C] () -- C:\Windows\SysNative\drivers\SMR310.dat
[2012/08/24 18:34:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/24 18:34:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/24 18:34:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/24 18:34:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/24 18:34:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/24 08:00:00 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/24 07:55:45 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/22 10:37:57 | 000,000,512 | ---- | C] () -- C:\Users\Marissa\Desktop\MBR.dat
[2012/08/06 17:26:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/08/06 17:26:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/08/05 16:03:56 | 000,002,450 | ---- | C] () -- C:\Users\Public\Desktop\Norton Anti-Theft.lnk
[2012/08/05 16:03:54 | 000,007,468 | R--- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.cat
[2012/08/05 16:03:54 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.inf
[2012/08/05 16:03:54 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\isolate.ini
[2012/08/05 01:06:07 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\VT20120410.034
[2012/08/04 22:05:39 | 002,221,839 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Cat.DB
[2012/08/04 22:05:37 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/04 22:05:37 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/04 22:05:34 | 000,002,373 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/08/04 22:05:19 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymDS64.cat
[2012/08/04 22:05:19 | 000,007,468 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ccsetx64.cat
[2012/08/04 22:05:19 | 000,007,462 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.cat
[2012/08/04 22:05:19 | 000,007,460 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymEFA64.cat
[2012/08/04 22:05:19 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symnet64.cat
[2012/08/04 22:05:19 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.cat
[2012/08/04 22:05:19 | 000,007,450 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\iron.cat
[2012/08/04 22:05:19 | 000,004,782 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymVTcer.dat
[2012/08/04 22:05:19 | 000,003,434 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymEFA.inf
[2012/08/04 22:05:19 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymDS.inf
[2012/08/04 22:05:19 | 000,001,441 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymNet.inf
[2012/08/04 22:05:19 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.inf
[2012/08/04 22:05:19 | 000,001,419 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.inf
[2012/08/04 22:05:19 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ccSetx64.inf
[2012/08/04 22:05:19 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Iron.inf
[2012/08/04 22:05:19 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\isolate.ini
[2012/08/04 21:53:38 | 000,001,285 | ---- | C] () -- C:\Users\Marissa\Desktop\Norton Installation Files.lnk
[2012/08/04 20:38:27 | 000,007,510 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.cat
[2012/08/04 20:38:27 | 000,000,854 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.inf
[2012/08/04 20:38:27 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\isolate.ini
[2012/08/03 16:01:49 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L\[email protected]
[2012/01/10 23:42:09 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\@
[2012/01/10 23:42:09 | 000,002,048 | -HS- | C] () -- C:\Users\Marissa\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\@
[2012/01/10 22:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 22:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 22:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/11/03 21:22:41 | 000,003,584 | ---- | C] () -- C:\Users\Marissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/02 20:44:30 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011/11/02 19:13:13 | 000,744,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/03 20:28:17 | 000,000,145 | ---- | C] () -- C:\Users\Marissa\.appletviewer
[2011/09/24 19:18:54 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2011/08/04 09:49:45 | 000,011,702 | -HS- | C] () -- C:\Users\Marissa\AppData\Local\jkc80qem5smc266
[2011/08/04 09:49:45 | 000,011,702 | -HS- | C] () -- C:\ProgramData\jkc80qem5smc266
[2011/06/21 12:32:03 | 000,000,498 | ---- | C] () -- C:\Windows\eReg.dat
[2011/03/28 08:04:54 | 000,000,096 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011/03/28 08:04:52 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/03/28 08:04:52 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/03/28 08:04:52 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/03/28 08:04:52 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/03/28 08:04:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/03/28 08:04:52 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/03/28 05:44:55 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/12/09 20:33:11 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini

< End of report >
  • 0
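One way to triage an OTL file listing like the one above is to flag well-known Windows binaries that sit outside their normal directories, as with the C:\Windows\svchost.exe entry that the Malwarebytes log later in this thread reports as Trojan.Agent. This is an added example, not part of the original posts or of OTL itself; the function names, the expected-location table (which assumes Windows is installed on C:) and the last sample line are constructed for illustration.

```python
import re
from ntpath import basename, dirname, normcase

# OTL file-listing line:
#   [date time | size | attributes | C(reated) or M(odified)] (company) -- path
# The "(company)" part is absent for folders and empty "()" when the file
# carries no version information.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>.*?)\) )?-- (?P<path>.+)$"
)

# Assumption: Windows lives in C:\Windows. "SysNative" is the alias a 32-bit
# tool such as OTL sees for the real 64-bit System32 directory.
SYS32 = {r"c:\windows\system32", r"c:\windows\sysnative"}
WOW64 = {r"c:\windows\syswow64"}
EXPECTED_DIRS = {
    "svchost.exe": SYS32 | WOW64,
    "userinit.exe": SYS32 | WOW64,
    "explorer.exe": {r"c:\windows"} | WOW64,
    "winlogon.exe": SYS32,
    "services.exe": SYS32,
    "lsass.exe": SYS32,
}
# Component-store copies are legitimate and must not be flagged.
SERVICING_PREFIX = "c:\\windows\\winsxs\\"


def parse_line(line):
    """Return the fields of one OTL file-listing line, or None if it is not one."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    entry = m.groupdict()
    entry["size"] = int(entry["size"].replace(",", ""))
    return entry


def misplaced_system_binaries(lines):
    """Entries named like a core Windows binary but stored somewhere unexpected."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None or "D" in entry["attrs"]:  # skip non-entries and folders
            continue
        path = normcase(entry["path"])  # lower-case, backslash-normalised
        expected = EXPECTED_DIRS.get(basename(path))
        if expected is None or path.startswith(SERVICING_PREFIX):
            continue
        if dirname(path) not in expected:
            hits.append(entry)
    return hits


# The first five lines are copied from the log above; the last is constructed
# to show a correctly located svchost.exe passing the check.
SAMPLE = r"""
[2012/08/24 20:20:37 | 000,095,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR310.SYS
[2012/08/24 19:36:05 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\Marissa\Desktop\FSS.exe
[2012/08/24 19:22:48 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
[2012/08/24 18:52:14 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/24 20:33:29 | 000,006,288 | ---- | M] () -- C:\Users\Marissa\Desktop\BITS.reg
[2012/08/24 12:00:00 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\svchost.exe
""".strip().splitlines()

if __name__ == "__main__":
    for hit in misplaced_system_binaries(SAMPLE):
        # The company string comes from the file's own version resource, so a
        # "Microsoft Corporation" label here proves nothing about its origin.
        print(f"{hit['ts']}  {hit['path']}  "
              f"(claims: {hit['company'] or 'no company'}, {hit['size']} bytes)")
```

A hit is a lead for further checks (digital signature, a second-opinion scan), not a verdict on its own.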

#21
recsite

    Member

  • Topic Starter
  • Member
  • 50 posts
Did you want the "extras" text posted?
  • 0

#22
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

Did you want the "extras" text posted?

No need at this time.

Going back to the Norton 360 problem you mentioned, is the subscription still active?

Next:

  • Click on Start (Windows 7 Orb) >> Run... (or launch the Run Box via depressing both the Windows key and R together).
    Cut and paste in the following:

    services.msc

  • Click on OK >> the Services window should now appear.
  • Locate then right-click on the Background Intelligent Transfer Service and select Properties.
  • On the General tab, next to Startup type:, ensure that Automatic (Delayed Start) is selected (if it is not) >> click on Apply then OK.
  • Close the Services window. Then reboot (restart) the machine.

Malwarebytes Anti-Malware:

Note: Remember to right click MBAM and select Run As Administrator.

  • Launch the application, Check for Updates >> Perform quick scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Scan with TDSSKiller:

Please download TDSSKiller.zip and extract (unzip) it to your Desktop.

  • Right-click on TDSSKiller.exe and select Run As Administrator to launch it.
  • When the window opens, click on Change Parameters.
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK.
  • Click on Start Scan; the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip.
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start (Windows 7 Orb) > Computer > C:
  • Post the contents of that log in your next reply please.

Note: Do not have TDSSKiller remove anything if found at this point in time!

When you have completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and/or problems encountered?
  • Answer to my Norton 360 query.
  • Malwarebytes Anti-Malware Log.
  • TDSSKiller Log.
  • A new set of both FSS and OTL Logs.

  • 0

#23
recsite

    Member

  • Topic Starter
  • Member
  • 50 posts
I right-clicked MBAM, selected Run as administrator, and got a popup saying the database and files were missing or corrupt and asking whether I wanted to download a new copy. I said yes, and the machine blue screened after the file downloaded. I was able to see a message on the blue screen: "Bad_Pool_File" or something similar. I rebooted, went through the Windows repair popup, and then it came back normally. The Norton 360 subscription is still active; I just started it about 3 weeks ago. Will post results shortly.
  • 0

#24
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Acknowledged. :)
  • 0

#25
recsite

    Member

  • Topic Starter
  • Member
  • 50 posts
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.25.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Marissa :: MARISSA-PC [administrator]

8/25/2012 10:01:50 AM
mbam-log-2012-08-25 (10-01-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204792
Time elapsed: 4 minute(s), 1 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 4952 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\Users\Marissa\Downloads\7zip_installer_1650.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Marissa\Downloads\digitaldj(1).exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Marissa\Downloads\digitaldj(2).exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Marissa\Downloads\digitaldj.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Marissa\Downloads\mplayer_Setup.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
C:\Users\Marissa\Downloads\musicoasis.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Marissa\Downloads\video_downloader (1).exe (PUP.BundleInstaller.VG) -> Quarantined and deleted successfully.
C:\Users\Marissa\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)



10:22:57.0697 8844 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
10:22:58.0049 8844 ============================================================
10:22:58.0049 8844 Current date / time: 2012/08/25 10:22:58.0049
10:22:58.0049 8844 SystemInfo:
10:22:58.0049 8844
10:22:58.0049 8844 OS Version: 6.1.7601 ServicePack: 1.0
10:22:58.0049 8844 Product type: Workstation
10:22:58.0049 8844 ComputerName: MARISSA-PC
10:22:58.0050 8844 UserName: Marissa
10:22:58.0050 8844 Windows directory: C:\Windows
10:22:58.0050 8844 System windows directory: C:\Windows
10:22:58.0050 8844 Running under WOW64
10:22:58.0050 8844 Processor architecture: Intel x64
10:22:58.0050 8844 Number of processors: 4
10:22:58.0050 8844 Page size: 0x1000
10:22:58.0050 8844 Boot type: Normal boot
10:22:58.0050 8844 ============================================================
10:22:58.0601 8844 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:22:58.0606 8844 ============================================================
10:22:58.0606 8844 \Device\Harddisk0\DR0:
10:22:58.0606 8844 MBR partitions:
10:22:58.0606 8844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
10:22:58.0606 8844 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
10:22:58.0606 8844 ============================================================
10:22:58.0632 8844 C: <-> \Device\Harddisk0\DR0\Partition2
10:22:58.0632 8844 ============================================================
10:22:58.0632 8844 Initialize success
10:22:58.0632 8844 ============================================================
10:23:35.0944 7904 ============================================================
10:23:35.0944 7904 Scan started
10:23:35.0944 7904 Mode: Manual; SigCheck; TDLFS;
10:23:35.0944 7904 ============================================================
10:23:40.0249 7904 ================ Scan system memory ========================
10:23:40.0249 7904 System memory - ok
10:23:40.0249 7904 ================ Scan services =============================
10:23:55.0575 7904 [ 16959F84844DC9B2CEF0D5B1A412370F ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
10:23:55.0581 7904 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
10:23:55.0581 7904 HP LaserJet Service - detected UnsignedFile.Multi.Generic (1)
10:23:57.0726 7904 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:23:58.0193 7904 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:23:58.0193 7904 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:24:10.0099 7904 MSKSSRV - ok
10:24:10.0124 7904 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:24:10.0305 7904 MSPCLOCK - ok
10:24:10.0360 7904 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:24:10.0431 7904 MSPQM - ok
10:24:10.0508 7904 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:24:10.0544 7904 MsRPC - ok
10:24:10.0582 7904 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:24:10.0594 7904 mssmbios - ok
10:24:10.0668 7904 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:24:10.0733 7904 MSTEE - ok
10:24:10.0738 7904 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:24:10.0750 7904 MTConfig - ok
10:24:10.0815 7904 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:24:10.0828 7904 Mup - ok
10:24:10.0887 7904 [ A9BC2302FBDF52C8AF4E2FC966288D21 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:24:10.0904 7904 MyWiFiDHCPDNS - ok
10:24:11.0058 7904 [ C6948F034D7EDABCFA2234D399FC78BC ] N360 C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
10:24:11.0072 7904 N360 - ok
10:24:11.0165 7904 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:24:11.0247 7904 napagent - ok
10:24:11.0323 7904 [ 9D0F43B1D0434B44183D4795E89F6C14 ] NAT C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe
10:24:11.0334 7904 NAT - ok
10:24:11.0371 7904 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:24:11.0414 7904 NativeWifiP - ok
10:24:11.0499 7904 [ 8043D41F881D6ACE40B854AD6E32217F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\ENG64.SYS
10:24:11.0511 7904 NAVENG - ok
10:24:11.0577 7904 [ 9A9AB2FC45D701DAED465D14980F1305 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\EX64.SYS
10:24:11.0658 7904 NAVEX15 - ok
10:24:11.0728 7904 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:24:11.0929 7904 NDIS - ok
10:24:11.0955 7904 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:24:12.0024 7904 NdisCap - ok
10:24:12.0083 7904 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:24:12.0152 7904 NdisTapi - ok
10:24:12.0189 7904 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:24:12.0257 7904 Ndisuio - ok
10:24:12.0296 7904 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:24:12.0363 7904 NdisWan - ok
10:24:12.0398 7904 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:24:12.0442 7904 NDProxy - ok
10:24:12.0497 7904 [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:24:12.0528 7904 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:24:12.0528 7904 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:24:16.0773 7904 [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:24:16.0779 7904 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:24:16.0779 7904 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:24:17.0246 7904 [ 0264B15F628C8C7DBF439FD7AB4108F5 ] Printer Control C:\Windows\system32\PrintCtrl.exe
10:24:17.0276 7904 Printer Control ( UnsignedFile.Multi.Generic ) - warning
10:24:17.0276 7904 Printer Control - detected UnsignedFile.Multi.Generic (1)
10:24:29.0503 7904 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:24:29.0523 7904 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
10:24:29.0523 7904 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
10:24:32.0553 7904 WerSvc - ok
10:24:32.0583 7904 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:24:32.0643 7904 WfpLwf - ok
10:24:32.0673 7904 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
10:24:32.0683 7904 WimFltr - ok
10:24:32.0703 7904 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:24:32.0714 7904 WIMMount - ok
10:24:32.0744 7904 WinDefend - ok
10:24:32.0744 7904 WinHttpAutoProxySvc - ok
10:24:32.0804 7904 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:24:32.0844 7904 Winmgmt - ok
10:24:32.0904 7904 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:24:33.0044 7904 WinRM - ok
10:24:33.0114 7904 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
10:24:33.0154 7904 WinUSB - ok
10:24:33.0204 7904 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:24:33.0284 7904 Wlansvc - ok
10:24:33.0334 7904 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:24:33.0344 7904 wlcrasvc - ok
10:24:33.0424 7904 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:24:33.0504 7904 wlidsvc - ok
10:24:33.0544 7904 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:24:33.0574 7904 WmiAcpi - ok
10:24:33.0614 7904 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:24:33.0664 7904 wmiApSrv - ok
10:24:33.0714 7904 WMPNetworkSvc - ok
10:24:33.0794 7904 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
10:24:33.0824 7904 WMZuneComm - ok
10:24:33.0854 7904 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:24:33.0884 7904 WPCSvc - ok
10:24:33.0914 7904 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:24:33.0934 7904 WPDBusEnum - ok
10:24:33.0954 7904 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:24:34.0004 7904 ws2ifsl - ok
10:24:34.0094 7904 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
10:24:34.0134 7904 wscsvc - ok
10:24:34.0134 7904 WSearch - ok
10:24:34.0244 7904 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:24:34.0354 7904 wuauserv - ok
10:24:34.0374 7904 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:24:34.0434 7904 WudfPf - ok
10:24:34.0494 7904 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:24:34.0554 7904 WUDFRd - ok
10:24:34.0584 7904 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:24:34.0614 7904 wudfsvc - ok
10:24:34.0644 7904 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:24:34.0684 7904 WwanSvc - ok
10:24:34.0734 7904 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
10:24:34.0754 7904 yukonw7 - ok
10:24:35.0984 7904 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
10:24:36.0264 7904 ZuneNetworkSvc - ok
10:24:36.0364 7904 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
10:24:36.0394 7904 ZuneWlanCfgSvc - ok
10:24:36.0424 7904 ================ Scan global ===============================
10:24:36.0464 7904 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:24:36.0504 7904 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:24:36.0514 7904 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:24:36.0564 7904 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:24:36.0644 7904 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:24:36.0644 7904 [Global] - ok
10:24:36.0644 7904 ================ Scan MBR ==================================
10:24:36.0704 7904 [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
10:24:36.0704 7904 Suspicious mbr (Forged): \Device\Harddisk0\DR0
10:24:36.0774 7904 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
10:24:36.0774 7904 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
10:24:36.0864 7904 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:24:36.0864 7904 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:24:36.0864 7904 ================ Scan VBR ==================================
10:24:36.0874 7904 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
10:24:36.0874 7904 \Device\Harddisk0\DR0\Partition1 - ok
10:24:36.0894 7904 [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
10:24:36.0894 7904 \Device\Harddisk0\DR0\Partition2 - ok
10:24:36.0894 7904 ============================================================
10:24:36.0894 7904 Scan finished
10:24:36.0894 7904 ============================================================
10:24:36.0904 5248 Detected object count: 8
10:24:36.0904 5248 Actual detected object count: 8





Farbar Service Scanner Version: 06-08-2012
Ran by Marissa (administrator) on 25-08-2012 at 10:27:46
Running from "C:\Users\Marissa\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




OTL logfile created on: 8/25/2012 10:28:39 AM - Run 2
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Marissa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.80 Gb Total Physical Memory | 2.81 Gb Available Physical Memory | 48.43% Memory free
11.61 Gb Paging File | 8.37 Gb Available in Paging File | 72.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 466.79 Gb Free Space | 80.28% Space Free | Partition Type: NTFS

Computer Name: MARISSA-PC | User Name: Marissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Marissa\Desktop\tdsskiller\TDSSKiller.exe (Kaspersky Lab ZAO)
PRC - C:\Users\Marissa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\ooVoo\ooVoo.exe (ooVoo LLC)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - \\.\globalroot\systemroot\svchost.exe ()
PRC - \\.\globalroot\systemroot\svchost.exe ()
PRC - \\.\globalroot\systemroot\svchost.exe ()
PRC - \\.\globalroot\systemroot\svchost.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\06269663e6482bc4ceeb48c2a7d1ad34\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (ZuneWlanCfgSvc) -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- c:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Printer Control) -- C:\Windows\SysNative\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe (Symantec Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (NAT) -- C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe (Symantec Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (NSL) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe (Symantec Corporation)
SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (RoxWatch12) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NAT) -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NST) -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (Razerlow) -- C:\Windows\SysNative\drivers\DB3G.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\ex64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\eng64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120810.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120804.001\BHDrvx64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_en
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Marissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\IPSFFPlgn\ [2012/08/24 08:39:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\coFFPlgn\ [2012/08/24 08:39:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/24 17:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 07:55:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/24 17:03:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 07:55:50 | 000,000,000 | ---D | M]

[2011/07/20 21:47:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Extensions
[2012/08/24 08:08:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Firefox\Profiles\d8mmjjj8.default\extensions
[2012/08/19 20:16:33 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Firefox\Profiles\d8mmjjj8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/07/29 21:17:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/02 00:20:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[1832/11/29 00:44:26 | 000,004,804 | ---- | M] () (No name found) -- C:\USERS\MARISSA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D8MMJJJ8.DEFAULT\EXTENSIONS\[email protected]
[2012/08/24 17:03:34 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/06 10:50:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/05/06 10:50:33 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Marissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Extension = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\
CHR - Extension: Gmail = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/24 18:52:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files\HP\HP LaserJet Professional CM1410 Series\Fax Driver\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..\Run: [Facebook Update] C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20A38C2B-4AD4-4C9D-B912-36D8FD3A644A}: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20A38C2B-4AD4-4C9D-B912-36D8FD3A644A}: NameServer = 198.153.192.50,198.153.194.50
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/25 10:22:11 | 000,000,000 | ---D | C] -- C:\Users\Marissa\Desktop\tdsskiller
[2012/08/25 10:11:26 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
[2012/08/24 20:36:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/24 20:02:20 | 000,000,000 | ---D | C] -- C:\Users\Marissa\Desktop\nortonpowereraserwebsite
[2012/08/24 20:00:54 | 002,892,816 | ---- | C] (Symantec Corporation) -- C:\Users\Marissa\Desktop\NPE (1).exe
[2012/08/24 19:36:05 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\Marissa\Desktop\FSS.exe
[2012/08/24 18:52:14 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/24 18:34:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/24 18:34:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/24 18:34:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/24 18:34:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/24 18:33:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/24 18:33:06 | 004,737,458 | R--- | C] (Swearware) -- C:\Users\Marissa\Desktop\ComboFix.exe
[2012/08/24 17:07:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/24 17:05:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Marissa\Desktop\OTL.exe
[2012/08/24 17:05:09 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Marissa\Desktop\aswMBR.exe
[2012/08/24 08:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/24 07:59:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/08/24 07:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/08/24 07:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/08/24 07:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/08/24 07:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/08/05 21:10:35 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/08/05 16:03:56 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.sys
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Anti-Theft
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Anti-Theft
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NATx64
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NATx64\0105000.024
[2012/08/05 15:17:01 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2012/08/05 15:05:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
[2012/08/04 22:24:07 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Local\NPE
[2012/08/04 22:05:37 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/04 22:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/08/04 22:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/08/04 22:05:24 | 001,092,728 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymEFA64.sys
[2012/08/04 22:05:24 | 000,737,912 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.sys
[2012/08/04 22:05:24 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymDS64.sys
[2012/08/04 22:05:24 | 000,405,624 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symnets.sys
[2012/08/04 22:05:24 | 000,190,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Ironx64.sys
[2012/08/04 22:05:24 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ccSetx64.sys
[2012/08/04 22:05:24 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.sys
[2012/08/04 22:05:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2012/08/04 22:05:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0602010.005
[2012/08/04 22:05:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2012/08/04 22:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2012/08/04 21:53:38 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2012/08/04 21:23:32 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Local\LogMeIn Rescue Applet
[2012/08/04 20:38:28 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Safe Web Lite
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010
[2012/08/03 16:07:13 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%

========== Files - Modified Within 30 Days ==========

[2012/08/25 10:27:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/25 10:21:11 | 002,193,184 | ---- | M] () -- C:\Users\Marissa\Desktop\tdsskiller.zip
[2012/08/25 10:18:39 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/25 10:18:39 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/25 10:15:29 | 000,727,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/25 10:15:29 | 000,624,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/25 10:15:29 | 000,106,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/25 10:11:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/25 10:10:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/25 10:10:16 | 378,548,223 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/25 10:02:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/25 09:51:39 | 539,660,446 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/25 08:14:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-957519283-3269216495-3174932433-1001UA.job
[2012/08/24 20:33:29 | 000,006,288 | ---- | M] () -- C:\Users\Marissa\Desktop\BITS.reg
[2012/08/24 20:14:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-957519283-3269216495-3174932433-1001Core.job
[2012/08/24 20:00:25 | 002,892,816 | ---- | M] (Symantec Corporation) -- C:\Users\Marissa\Desktop\NPE (1).exe
[2012/08/24 19:36:05 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\Marissa\Desktop\FSS.exe
[2012/08/24 18:52:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/24 18:33:06 | 004,737,458 | R--- | M] (Swearware) -- C:\Users\Marissa\Desktop\ComboFix.exe
[2012/08/24 17:05:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marissa\Desktop\OTL.exe
[2012/08/24 17:05:24 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Marissa\Desktop\aswMBR.exe
[2012/08/24 08:02:29 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/24 08:00:00 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/24 07:57:02 | 002,221,839 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Cat.DB
[2012/08/24 07:55:45 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/22 10:37:57 | 000,000,512 | ---- | M] () -- C:\Users\Marissa\Desktop\MBR.dat
[2012/08/19 20:27:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/19 20:27:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/06 22:13:34 | 000,127,537 | ---- | M] () -- C:\Users\Marissa\Documents\Common Application.pdf
[2012/08/06 22:13:34 | 000,001,416 | ---- | M] () -- C:\Users\Marissa\Documents\Einstein.html
[2012/08/06 22:13:34 | 000,001,153 | ---- | M] () -- C:\Users\Marissa\Documents\hi.html
[2012/08/06 22:12:25 | 000,023,047 | ---- | M] () -- C:\Users\Marissa\Documents\RichardStocktonSupplements.pdf
[2012/08/06 22:12:24 | 000,037,068 | ---- | M] () -- C:\Users\Marissa\Documents\SetonHallSuplements.pdf
[2012/08/06 22:12:23 | 000,002,141 | ---- | M] () -- C:\Users\Marissa\Documents\Snowman.html
[2012/08/06 22:12:23 | 000,000,259 | ---- | M] () -- C:\Users\Marissa\Documents\Snoopy.html
[2012/08/06 21:54:54 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\My Identity Protection.url
[2012/08/06 17:26:15 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/08/06 17:26:15 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/08/05 16:03:56 | 000,002,450 | ---- | M] () -- C:\Users\Public\Desktop\Norton Anti-Theft.lnk
[2012/08/05 16:02:57 | 000,001,285 | ---- | M] () -- C:\Users\Marissa\Desktop\Norton Installation Files.lnk
[2012/08/05 01:06:00 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\VT20120410.034
[2012/08/04 22:05:37 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/04 22:05:37 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/04 22:05:37 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/04 22:05:34 | 000,002,373 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/07/29 21:12:23 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/26 17:50:22 | 000,000,456 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Marissa.job

========== Files Created - No Company Name ==========

[2012/08/25 10:21:09 | 002,193,184 | ---- | C] () -- C:\Users\Marissa\Desktop\tdsskiller.zip
[2012/08/24 20:33:29 | 000,006,288 | ---- | C] () -- C:\Users\Marissa\Desktop\BITS.reg
[2012/08/24 18:34:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/24 18:34:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/24 18:34:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/24 18:34:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/24 18:34:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/24 08:00:00 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/24 07:55:45 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/22 10:37:57 | 000,000,512 | ---- | C] () -- C:\Users\Marissa\Desktop\MBR.dat
[2012/08/06 17:26:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/08/06 17:26:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/08/05 16:03:56 | 000,002,450 | ---- | C] () -- C:\Users\Public\Desktop\Norton Anti-Theft.lnk
[2012/08/05 16:03:54 | 000,007,468 | R--- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.cat
[2012/08/05 16:03:54 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.inf
[2012/08/05 16:03:54 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\isolate.ini
[2012/08/05 01:06:07 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\VT20120410.034
[2012/08/04 22:05:39 | 002,221,839 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Cat.DB
[2012/08/04 22:05:37 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/04 22:05:37 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/04 22:05:34 | 000,002,373 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/08/04 22:05:19 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymDS64.cat
[2012/08/04 22:05:19 | 000,007,468 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ccsetx64.cat
[2012/08/04 22:05:19 | 000,007,462 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.cat
[2012/08/04 22:05:19 | 000,007,460 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymEFA64.cat
[2012/08/04 22:05:19 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symnet64.cat
[2012/08/04 22:05:19 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.cat
[2012/08/04 22:05:19 | 000,007,450 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\iron.cat
[2012/08/04 22:05:19 | 000,004,782 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymVTcer.dat
[2012/08/04 22:05:19 | 000,003,434 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymEFA.inf
[2012/08/04 22:05:19 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymDS.inf
[2012/08/04 22:05:19 | 000,001,441 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\SymNet.inf
[2012/08/04 22:05:19 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.inf
[2012/08/04 22:05:19 | 000,001,419 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.inf

#26
Dakeyras

Hi. :)

Have you got a USB drive at all? The reason for asking is in case of the need to work outside of the Windows environment to fully eradicate the malware etc.

Also, as a precaution, for the time being limit online activity with the machine until the Norton 360 issue is resolved, which we will address in due course.

Re-scan with TDSSKiller:

  • Right-click on TDSSKiller.exe and select Run as Administrator.
  • Click Start scan and allow it to scan for Malicious objects.
  • If Malicious objects are found, the default action will be Cure, ensure Cure is selected then click Continue.
  • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected then click Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start(Windows 7 Orb) > Computer > C:
  • If no reboot is required, click on Report. A log file should appear.
  • Please post the contents in your next reply.

Re-scan with aswMBR:

I recall you mentioning it was no longer present; if that is still the case, re-download it from here to the desktop.

  • Right-click aswMBR.exe and select Run as Administrator.
  • When prompted with The application can use the Avast! Free Antivirus for scanning >> select Yes.
  • Now click on the Scan button to start the scan.
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply.


#27
recsite

I do have a USB drive that I can use.



Before reboot:

10:24:09.0388 7904 MSDTC - ok
10:24:09.0428 7904 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:24:09.0472 7904 Msfs - ok
10:24:09.0530 7904 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:24:09.0612 7904 mshidkmdf - ok
10:24:09.0665 7904 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:24:09.0676 7904 msisadrv - ok
10:24:09.0726 7904 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:24:09.0809 7904 MSiSCSI - ok
10:24:09.0814 7904 msiserver - ok
10:24:10.0000 7904 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:24:10.0099 7904 MSKSSRV - ok
10:24:10.0124 7904 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:24:10.0305 7904 MSPCLOCK - ok
10:24:10.0360 7904 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:24:10.0431 7904 MSPQM - ok
10:24:10.0508 7904 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:24:10.0544 7904 MsRPC - ok
10:24:10.0582 7904 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:24:10.0594 7904 mssmbios - ok
10:24:10.0668 7904 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:24:10.0733 7904 MSTEE - ok
10:24:10.0738 7904 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:24:10.0750 7904 MTConfig - ok
10:24:10.0815 7904 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:24:10.0828 7904 Mup - ok
10:24:10.0887 7904 [ A9BC2302FBDF52C8AF4E2FC966288D21 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:24:10.0904 7904 MyWiFiDHCPDNS - ok
10:24:11.0058 7904 [ C6948F034D7EDABCFA2234D399FC78BC ] N360 C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
10:24:11.0072 7904 N360 - ok
10:24:11.0165 7904 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:24:11.0247 7904 napagent - ok
10:24:11.0323 7904 [ 9D0F43B1D0434B44183D4795E89F6C14 ] NAT C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe
10:24:11.0334 7904 NAT - ok
10:24:11.0371 7904 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:24:11.0414 7904 NativeWifiP - ok
10:24:11.0499 7904 [ 8043D41F881D6ACE40B854AD6E32217F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\ENG64.SYS
10:24:11.0511 7904 NAVENG - ok
10:24:11.0577 7904 [ 9A9AB2FC45D701DAED465D14980F1305 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\EX64.SYS
10:24:11.0658 7904 NAVEX15 - ok
10:24:11.0728 7904 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:24:11.0929 7904 NDIS - ok
10:24:11.0955 7904 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:24:12.0024 7904 NdisCap - ok
10:24:12.0083 7904 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:24:12.0152 7904 NdisTapi - ok
10:24:12.0189 7904 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:24:12.0257 7904 Ndisuio - ok
10:24:12.0296 7904 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:24:12.0363 7904 NdisWan - ok
10:24:12.0398 7904 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:24:12.0442 7904 NDProxy - ok
10:24:12.0497 7904 [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:24:12.0528 7904 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:24:12.0528 7904 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:24:12.0564 7904 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:24:12.0616 7904 NetBIOS - ok
10:24:12.0662 7904 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:24:12.0736 7904 NetBT - ok
10:24:12.0761 7904 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:24:12.0774 7904 Netlogon - ok
10:24:12.0830 7904 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:24:12.0909 7904 Netman - ok
10:24:12.0937 7904 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:24:13.0023 7904 netprofm - ok
10:24:13.0089 7904 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:24:13.0101 7904 NetTcpPortSharing - ok
10:24:13.0246 7904 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
10:24:13.0480 7904 NETw5s64 - ok
10:24:13.0520 7904 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:24:13.0533 7904 nfrd960 - ok
10:24:13.0584 7904 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:24:13.0659 7904 NlaSvc - ok
10:24:14.0055 7904 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
10:24:14.0160 7904 NOBU - ok
10:24:14.0203 7904 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:24:14.0260 7904 Npfs - ok
10:24:14.0322 7904 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:24:14.0391 7904 nsi - ok
10:24:14.0420 7904 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:24:14.0468 7904 nsiproxy - ok
10:24:14.0549 7904 [ E127420B7FEB65C7F279EAAC183BBC0E ] NSL C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
10:24:14.0560 7904 NSL - ok
10:24:14.0624 7904 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:24:14.0692 7904 Ntfs - ok
10:24:14.0719 7904 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:24:14.0766 7904 Null - ok
10:24:14.0805 7904 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:24:14.0822 7904 nvraid - ok
10:24:14.0853 7904 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:24:14.0872 7904 nvstor - ok
10:24:14.0913 7904 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:24:14.0925 7904 nv_agp - ok
10:24:14.0989 7904 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:24:15.0013 7904 odserv - ok
10:24:15.0057 7904 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:24:15.0097 7904 ohci1394 - ok
10:24:15.0166 7904 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:24:15.0181 7904 ose - ok
10:24:15.0348 7904 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:24:15.0538 7904 osppsvc - ok
10:24:15.0617 7904 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:24:15.0749 7904 p2pimsvc - ok
10:24:15.0825 7904 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:24:15.0877 7904 p2psvc - ok
10:24:15.0903 7904 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:24:15.0922 7904 Parport - ok
10:24:15.0956 7904 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:24:15.0971 7904 partmgr - ok
10:24:16.0006 7904 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:24:16.0049 7904 PcaSvc - ok
10:24:16.0077 7904 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:24:16.0092 7904 pci - ok
10:24:16.0121 7904 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:24:16.0134 7904 pciide - ok
10:24:16.0167 7904 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:24:16.0181 7904 pcmcia - ok
10:24:16.0205 7904 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:24:16.0218 7904 pcw - ok
10:24:16.0241 7904 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:24:16.0316 7904 PEAUTH - ok
10:24:16.0390 7904 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:24:16.0429 7904 PerfHost - ok
10:24:16.0499 7904 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:24:16.0609 7904 pla - ok
10:24:16.0669 7904 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:24:16.0715 7904 PlugPlay - ok
10:24:16.0773 7904 [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:24:16.0779 7904 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:24:16.0779 7904 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:24:16.0800 7904 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:24:16.0833 7904 PNRPAutoReg - ok
10:24:16.0860 7904 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:24:16.0877 7904 PNRPsvc - ok
10:24:16.0916 7904 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:24:16.0993 7904 PolicyAgent - ok
10:24:17.0024 7904 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:24:17.0096 7904 Power - ok
10:24:17.0139 7904 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:24:17.0208 7904 PptpMiniport - ok
10:24:17.0246 7904 [ 0264B15F628C8C7DBF439FD7AB4108F5 ] Printer Control C:\Windows\system32\PrintCtrl.exe
10:24:17.0276 7904 Printer Control ( UnsignedFile.Multi.Generic ) - warning
10:24:17.0276 7904 Printer Control - detected UnsignedFile.Multi.Generic (1)
10:24:17.0317 7904 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:24:17.0349 7904 Processor - ok
10:24:17.0396 7904 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:24:17.0435 7904 ProfSvc - ok
10:24:17.0457 7904 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:24:17.0470 7904 ProtectedStorage - ok
10:24:17.0513 7904 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:24:17.0584 7904 Psched - ok
10:24:17.0635 7904 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:24:17.0645 7904 PxHlpa64 - ok
10:24:17.0687 7904 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:24:17.0772 7904 ql2300 - ok
10:24:17.0861 7904 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:24:17.0878 7904 ql40xx - ok
10:24:18.0298 7904 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:24:18.0413 7904 QWAVE - ok
10:24:18.0446 7904 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:24:18.0488 7904 QWAVEdrv - ok
10:24:18.0538 7904 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:24:18.0592 7904 RasAcd - ok
10:24:18.0635 7904 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:24:18.0676 7904 RasAgileVpn - ok
10:24:18.0702 7904 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:24:18.0771 7904 RasAuto - ok
10:24:18.0809 7904 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:24:18.0880 7904 Rasl2tp - ok
10:24:18.0921 7904 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:24:18.0977 7904 RasMan - ok
10:24:19.0013 7904 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:24:19.0085 7904 RasPppoe - ok
10:24:19.0123 7904 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:24:19.0198 7904 RasSstp - ok
10:24:19.0240 7904 [ 81DDBF4FE998EF1F4BA230F7E8D8C67E ] Razerlow C:\Windows\system32\drivers\DB3G.sys
10:24:19.0273 7904 Razerlow - ok
10:24:19.0315 7904 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:24:19.0384 7904 rdbss - ok
10:24:19.0417 7904 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:24:19.0458 7904 rdpbus - ok
10:24:19.0486 7904 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:24:19.0562 7904 RDPCDD - ok
10:24:19.0589 7904 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:24:19.0660 7904 RDPENCDD - ok
10:24:19.0691 7904 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:24:19.0745 7904 RDPREFMP - ok
10:24:20.0018 7904 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:24:20.0159 7904 RDPWD - ok
10:24:20.0256 7904 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:24:20.0276 7904 rdyboost - ok
10:24:20.0333 7904 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:24:20.0375 7904 RegSrvc - ok
10:24:20.0423 7904 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:24:20.0569 7904 RemoteAccess - ok
10:24:20.0607 7904 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:24:20.0658 7904 RemoteRegistry - ok
10:24:20.0685 7904 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:24:20.0732 7904 RFCOMM - ok
10:24:20.0839 7904 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
10:24:20.0897 7904 RoxMediaDB12OEM - ok
10:24:20.0926 7904 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
10:24:20.0943 7904 RoxWatch12 - ok
10:24:20.0967 7904 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:24:21.0046 7904 RpcEptMapper - ok
10:24:21.0083 7904 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:24:21.0120 7904 RpcLocator - ok
10:24:21.0164 7904 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:24:21.0223 7904 RpcSs - ok
10:24:21.0277 7904 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:24:21.0316 7904 rspndr - ok
10:24:21.0375 7904 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
10:24:21.0394 7904 RSUSBSTOR - ok
10:24:21.0431 7904 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:24:21.0448 7904 RTL8167 - ok
10:24:21.0465 7904 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:24:21.0478 7904 SamSs - ok
10:24:21.0521 7904 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:24:21.0537 7904 sbp2port - ok
10:24:21.0565 7904 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:24:21.0619 7904 SCardSvr - ok
10:24:21.0654 7904 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:24:21.0719 7904 scfilter - ok
10:24:21.0789 7904 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:24:21.0872 7904 Schedule - ok
10:24:21.0910 7904 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:24:21.0964 7904 SCPolicySvc - ok
10:24:22.0006 7904 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:24:22.0070 7904 SDRSVC - ok
10:24:22.0101 7904 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:24:22.0152 7904 secdrv - ok
10:24:22.0193 7904 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:24:22.0266 7904 seclogon - ok
10:24:22.0317 7904 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
10:24:22.0394 7904 SENS - ok
10:24:22.0416 7904 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:24:22.0440 7904 SensrSvc - ok
10:24:22.0493 7904 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:24:22.0526 7904 Serenum - ok
10:24:22.0567 7904 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:24:22.0583 7904 Serial - ok
10:24:22.0615 7904 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:24:22.0653 7904 sermouse - ok
10:24:22.0706 7904 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:24:22.0780 7904 SessionEnv - ok
10:24:22.0827 7904 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:24:22.0857 7904 sffdisk - ok
10:24:22.0899 7904 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:24:22.0931 7904 sffp_mmc - ok
10:24:22.0956 7904 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:24:22.0994 7904 sffp_sd - ok
10:24:23.0041 7904 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:24:23.0055 7904 sfloppy - ok
10:24:23.0108 7904 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
10:24:23.0134 7904 Sftfs - ok
10:24:23.0244 7904 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:24:23.0267 7904 sftlist - ok
10:24:23.0287 7904 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:24:23.0303 7904 Sftplay - ok
10:24:23.0313 7904 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:24:23.0323 7904 Sftredir - ok
10:24:23.0399 7904 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
10:24:23.0467 7904 SftService - ok
10:24:23.0508 7904 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
10:24:23.0518 7904 Sftvol - ok
10:24:23.0558 7904 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:24:23.0574 7904 sftvsa - ok
10:24:23.0653 7904 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:24:23.0737 7904 SharedAccess - ok
10:24:23.0902 7904 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:24:23.0975 7904 ShellHWDetection - ok
10:24:24.0014 7904 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:24:24.0029 7904 SiSRaid2 - ok
10:24:24.0042 7904 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:24:24.0058 7904 SiSRaid4 - ok
10:24:24.0163 7904 [ DB0405D9AAD62F0762E0876AC142B7E1 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:24:24.0177 7904 SkypeUpdate - ok
10:24:24.0210 7904 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:24:24.0266 7904 Smb - ok
10:24:24.0331 7904 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:24:24.0367 7904 SNMPTRAP - ok
10:24:24.0394 7904 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:24:24.0403 7904 spldr - ok
10:24:24.0445 7904 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
10:24:24.0484 7904 Spooler - ok
10:24:24.0577 7904 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:24:24.0721 7904 sppsvc - ok
10:24:24.0756 7904 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:24:24.0804 7904 sppuinotify - ok
10:24:24.0889 7904 [ 06B9A7BA94356EC5207C5DDB59540378 ] SRTSP C:\Windows\system32\drivers\N360x64\0602010.005\SRTSP64.SYS
10:24:24.0916 7904 SRTSP - ok
10:24:24.0929 7904 [ FBB8945A61E55A2345D12487C74A9D76 ] SRTSPX C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
10:24:24.0937 7904 SRTSPX - ok
10:24:24.0977 7904 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:24:25.0046 7904 srv - ok
10:24:25.0065 7904 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:24:25.0085 7904 srv2 - ok
10:24:25.0098 7904 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:24:25.0113 7904 srvnet - ok
10:24:25.0157 7904 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:24:25.0230 7904 SSDPSRV - ok
10:24:25.0256 7904 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:24:25.0306 7904 SstpSvc - ok
10:24:25.0363 7904 [ 463E33B1EA7AF1E6EB87B66B831DB41A ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
10:24:25.0402 7904 STacSV - ok
10:24:25.0444 7904 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:24:25.0454 7904 stexstor - ok
10:24:25.0503 7904 [ 4304B75094E106FB5423A290C95841E5 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
10:24:25.0550 7904 STHDA - ok
10:24:25.0600 7904 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
10:24:25.0636 7904 StillCam - ok
10:24:25.0678 7904 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:24:25.0729 7904 stisvc - ok
10:24:25.0779 7904 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
10:24:25.0788 7904 stllssvr - ok
10:24:25.0954 7904 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:24:25.0965 7904 swenum - ok
10:24:26.0044 7904 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:24:26.0113 7904 swprv - ok
10:24:26.0409 7904 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
10:24:26.0425 7904 SymDS - ok
10:24:26.0456 7904 [ F90C7A190399165D3AB2245048D34786 ] SymEFA C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
10:24:26.0503 7904 SymEFA - ok
10:24:26.0550 7904 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:24:26.0565 7904 SymEvent - ok
10:24:26.0612 7904 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
10:24:26.0628 7904 SymIRON - ok
10:24:26.0659 7904 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\system32\drivers\N360x64\0602010.005\SYMNETS.SYS
10:24:26.0675 7904 SymNetS - ok
10:24:26.0721 7904 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:24:26.0815 7904 SysMain - ok
10:24:26.0862 7904 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:24:26.0877 7904 TabletInputService - ok
10:24:26.0940 7904 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:24:27.0002 7904 TapiSrv - ok
10:24:27.0049 7904 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:24:27.0111 7904 TBS - ok
10:24:27.0205 7904 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:24:27.0267 7904 Tcpip - ok
10:24:27.0333 7904 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:24:27.0373 7904 TCPIP6 - ok
10:24:27.0403 7904 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:24:27.0463 7904 tcpipreg - ok
10:24:27.0503 7904 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:24:27.0553 7904 TDPIPE - ok
10:24:27.0583 7904 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:24:27.0633 7904 TDTCP - ok
10:24:27.0673 7904 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:24:27.0713 7904 tdx - ok
10:24:27.0773 7904 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:24:27.0793 7904 TermDD - ok
10:24:27.0843 7904 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:24:27.0933 7904 TermService - ok
10:24:27.0973 7904 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:24:28.0013 7904 Themes - ok
10:24:28.0043 7904 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:24:28.0073 7904 THREADORDER - ok
10:24:28.0093 7904 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:24:28.0163 7904 TrkWks - ok
10:24:28.0233 7904 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:24:28.0293 7904 TrustedInstaller - ok
10:24:28.0333 7904 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:24:28.0403 7904 tssecsrv - ok
10:24:28.0443 7904 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:24:28.0503 7904 TsUsbFlt - ok
10:24:28.0543 7904 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:24:28.0603 7904 tunnel - ok
10:24:28.0673 7904 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
10:24:28.0683 7904 TurboB - ok
10:24:28.0743 7904 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:24:28.0753 7904 TurboBoost - ok
10:24:28.0773 7904 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:24:28.0793 7904 uagp35 - ok
10:24:28.0823 7904 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:24:28.0883 7904 udfs - ok
10:24:28.0923 7904 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:24:28.0933 7904 UI0Detect - ok
10:24:28.0973 7904 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:24:29.0003 7904 uliagpkx - ok
10:24:29.0053 7904 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:24:29.0063 7904 umbus - ok
10:24:29.0083 7904 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:24:29.0123 7904 UmPass - ok
10:24:29.0253 7904 [ CC3775100ABA633984F73DFAE1F55CAE ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:24:29.0343 7904 UNS - ok
10:24:29.0393 7904 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:24:29.0463 7904 upnphost - ok
10:24:29.0503 7904 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:24:29.0523 7904 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
10:24:29.0523 7904 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
10:24:29.0573 7904 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:24:29.0603 7904 usbccgp - ok
10:24:29.0663 7904 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:24:29.0673 7904 usbcir - ok
10:24:29.0703 7904 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:24:29.0743 7904 usbehci - ok
10:24:29.0783 7904 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:24:29.0813 7904 usbhub - ok
10:24:29.0853 7904 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:24:29.0873 7904 usbohci - ok
10:24:29.0913 7904 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:24:29.0953 7904 usbprint - ok
10:24:36.0424 7904 ================ Scan global ===============================
10:24:36.0464 7904 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:24:36.0504 7904 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:24:36.0514 7904 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:24:36.0564 7904 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:24:36.0644 7904 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:24:36.0644 7904 [Global] - ok
10:24:36.0644 7904 ================ Scan MBR ==================================
10:24:36.0704 7904 [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
10:24:36.0704 7904 Suspicious mbr (Forged): \Device\Harddisk0\DR0
10:24:36.0774 7904 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
10:24:36.0774 7904 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
10:24:36.0864 7904 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:24:36.0864 7904 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:24:36.0864 7904 ================ Scan VBR ==================================
10:24:36.0874 7904 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
10:24:36.0874 7904 \Device\Harddisk0\DR0\Partition1 - ok
10:24:36.0894 7904 [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
10:24:36.0894 7904 \Device\Harddisk0\DR0\Partition2 - ok
10:24:36.0894 7904 ============================================================
10:24:36.0894 7904 Scan finished
10:24:36.0894 7904 ============================================================
10:24:36.0904 5248 Detected object count: 8
10:24:36.0904 5248 Actual detected object count: 8
10:27:11.0024 5248 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:11.0024 5248 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:27:11.0025 5248 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:11.0025 5248 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:27:11.0027 5248 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:11.0028 5248 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:27:11.0030 5248 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:11.0030 5248 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:27:11.0032 5248 Printer Control ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:11.0032 5248 Printer Control ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:27:11.0035 5248 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:11.0035 5248 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:27:11.0037 5248 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
10:27:11.0037 5248 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
10:27:11.0039 5248 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
10:27:11.0039 5248 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:42:04.0083 5552 ============================================================
12:42:04.0083 5552 Scan started
12:42:04.0083 5552 Mode: Manual; SigCheck; TDLFS;
12:42:04.0083 5552 ============================================================
12:42:08.0933 5552 ================ Scan system memory ========================
12:42:08.0933 5552 System memory - ok
12:42:08.0937 5552 ================ Scan services =============================
12:42:20.0257 5552 [ 16959F84844DC9B2CEF0D5B1A412370F ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
12:42:20.0267 5552 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
12:42:20.0267 5552 HP LaserJet Service - detected UnsignedFile.Multi.Generic (1)
12:42:20.0795 5552 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:42:20.0817 5552 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:42:20.0817 5552 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:42:23.0137 5552 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:42:23.0148 5552 KeyIso - ok
12:42:23.0175 5552 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:42:23.0190 5552 KSecDD - ok
12:42:23.0231 5552 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:42:23.0247 5552 KSecPkg - ok
12:42:23.0273 5552 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:42:23.0340 5552 ksthunk - ok
12:42:23.0380 5552 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:42:23.0454 5552 KtmRm - ok
12:42:23.0498 5552 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:42:23.0567 5552 LanmanServer - ok
12:42:23.0609 5552 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:42:23.0681 5552 LanmanWorkstation - ok
12:42:23.0705 5552 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:42:23.0788 5552 lltdio - ok
12:42:23.0897 5552 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:42:23.0978 5552 lltdsvc - ok
12:42:24.0039 5552 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:42:24.0094 5552 lmhosts - ok
12:42:24.0133 5552 [ 23DE5B62B0445A6F874BE633C95B483E ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:42:24.0147 5552 LMS - ok
12:42:24.0173 5552 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:42:24.0188 5552 LSI_FC - ok
12:42:24.0201 5552 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:42:24.0217 5552 LSI_SAS - ok
12:42:24.0240 5552 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:42:24.0253 5552 LSI_SAS2 - ok
12:42:24.0268 5552 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:42:24.0284 5552 LSI_SCSI - ok
12:42:24.0292 5552 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:42:24.0379 5552 luafv - ok
12:42:24.0421 5552 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:42:24.0460 5552 Mcx2Svc - ok
12:42:24.0483 5552 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:42:24.0496 5552 megasas - ok
12:42:24.0531 5552 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:42:24.0551 5552 MegaSR - ok
12:42:24.0619 5552 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:42:24.0631 5552 Microsoft Office Groove Audit Service - ok
12:42:24.0653 5552 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:42:24.0729 5552 MMCSS - ok
12:42:24.0756 5552 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:42:24.0823 5552 Modem - ok
12:42:24.0856 5552 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:42:24.0892 5552 monitor - ok
12:42:24.0927 5552 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:42:24.0942 5552 mouclass - ok
12:42:24.0960 5552 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:42:24.0994 5552 mouhid - ok
12:42:25.0032 5552 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:42:25.0047 5552 mountmgr - ok
12:42:25.0095 5552 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:42:25.0108 5552 MozillaMaintenance - ok
12:42:25.0125 5552 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:42:25.0141 5552 mpio - ok
12:42:25.0166 5552 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:42:25.0237 5552 mpsdrv - ok
12:42:25.0300 5552 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:42:25.0384 5552 MpsSvc - ok
12:42:25.0422 5552 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:42:25.0461 5552 MRxDAV - ok
12:42:25.0505 5552 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:42:25.0544 5552 mrxsmb - ok
12:42:25.0590 5552 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:42:25.0630 5552 mrxsmb10 - ok
12:42:25.0657 5552 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:42:25.0673 5552 mrxsmb20 - ok
12:42:25.0713 5552 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:42:25.0763 5552 msahci - ok
12:42:25.0809 5552 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:42:25.0827 5552 msdsm - ok
12:42:25.0873 5552 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:42:25.0919 5552 MSDTC - ok
12:42:25.0959 5552 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:42:26.0007 5552 Msfs - ok
12:42:26.0019 5552 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:42:26.0094 5552 mshidkmdf - ok
12:42:26.0134 5552 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:42:26.0147 5552 msisadrv - ok
12:42:26.0169 5552 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:42:26.0224 5552 MSiSCSI - ok
12:42:26.0229 5552 msiserver - ok
12:42:26.0243 5552 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:42:26.0291 5552 MSKSSRV - ok
12:42:26.0307 5552 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:42:26.0369 5552 MSPCLOCK - ok
12:42:26.0374 5552 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:42:26.0426 5552 MSPQM - ok
12:42:26.0463 5552 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:42:26.0484 5552 MsRPC - ok
12:42:26.0517 5552 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:42:26.0530 5552 mssmbios - ok
12:42:26.0546 5552 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:42:26.0609 5552 MSTEE - ok
12:42:26.0631 5552 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:42:26.0645 5552 MTConfig - ok
12:42:26.0658 5552 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:42:26.0672 5552 Mup - ok
12:42:26.0699 5552 [ A9BC2302FBDF52C8AF4E2FC966288D21 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:42:26.0715 5552 MyWiFiDHCPDNS - ok
12:42:26.0808 5552 [ C6948F034D7EDABCFA2234D399FC78BC ] N360 C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
12:42:26.0820 5552 N360 - ok
12:42:26.0864 5552 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:42:26.0942 5552 napagent - ok
12:42:27.0011 5552 [ 9D0F43B1D0434B44183D4795E89F6C14 ] NAT C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe
12:42:27.0020 5552 NAT - ok
12:42:27.0049 5552 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:42:27.0072 5552 NativeWifiP - ok
12:42:27.0156 5552 [ 8043D41F881D6ACE40B854AD6E32217F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\ENG64.SYS
12:42:27.0167 5552 NAVENG - ok
12:42:27.0214 5552 [ 9A9AB2FC45D701DAED465D14980F1305 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120810.035\EX64.SYS
12:42:27.0287 5552 NAVEX15 - ok
12:42:27.0340 5552 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
12:42:27.0370 5552 NDIS - ok
12:42:27.0384 5552 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:42:27.0428 5552 NdisCap - ok
12:42:27.0453 5552 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:42:27.0494 5552 NdisTapi - ok
12:42:27.0528 5552 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:42:27.0577 5552 Ndisuio - ok
12:42:27.0603 5552 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:42:27.0657 5552 NdisWan - ok
12:42:27.0696 5552 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:42:27.0745 5552 NDProxy - ok
12:42:27.0764 5552 [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:42:27.0770 5552 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:42:27.0770 5552 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:42:27.0790 5552 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:42:27.0835 5552 NetBIOS - ok
12:42:27.0878 5552 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:42:27.0927 5552 NetBT - ok
12:42:27.0956 5552 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:42:27.0969 5552 Netlogon - ok
12:42:28.0004 5552 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:42:28.0059 5552 Netman - ok
12:42:28.0070 5552 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:42:28.0131 5552 netprofm - ok
12:42:28.0150 5552 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:42:28.0163 5552 NetTcpPortSharing - ok
12:42:28.0319 5552 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
12:42:28.0532 5552 NETw5s64 - ok
12:42:28.0565 5552 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:42:28.0577 5552 nfrd960 - ok
12:42:28.0610 5552 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:42:28.0662 5552 NlaSvc - ok
12:42:28.0808 5552 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
12:42:28.0897 5552 NOBU - ok
12:42:28.0946 5552 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:42:28.0988 5552 Npfs - ok
12:42:29.0024 5552 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:42:29.0065 5552 nsi - ok
12:42:29.0101 5552 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:42:29.0148 5552 nsiproxy - ok
12:42:29.0251 5552 [ E127420B7FEB65C7F279EAAC183BBC0E ] NSL C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
12:42:29.0274 5552 NSL - ok
12:42:29.0347 5552 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:42:29.0389 5552 Ntfs - ok
12:42:29.0431 5552 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:42:29.0471 5552 Null - ok
12:42:29.0486 5552 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:42:29.0500 5552 nvraid - ok
12:42:29.0535 5552 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:42:29.0549 5552 nvstor - ok
12:42:29.0583 5552 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:42:29.0595 5552 nv_agp - ok
12:42:29.0660 5552 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:42:29.0678 5552 odserv - ok
12:42:29.0717 5552 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:42:29.0750 5552 ohci1394 - ok
12:42:30.0142 5552 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:42:30.0153 5552 ose - ok
12:42:30.0272 5552 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:42:30.0442 5552 osppsvc - ok
12:42:30.0493 5552 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:42:30.0510 5552 p2pimsvc - ok
12:42:30.0547 5552 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:42:30.0569 5552 p2psvc - ok
12:42:30.0602 5552 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:42:30.0617 5552 Parport - ok
12:42:30.0648 5552 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:42:30.0662 5552 partmgr - ok
12:42:30.0675 5552 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:42:30.0698 5552 PcaSvc - ok
12:42:30.0707 5552 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:42:30.0724 5552 pci - ok
12:42:30.0768 5552 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:42:30.0780 5552 pciide - ok
12:42:30.0792 5552 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:42:30.0810 5552 pcmcia - ok
12:42:30.0825 5552 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:42:30.0837 5552 pcw - ok
12:42:30.0860 5552 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:42:30.0919 5552 PEAUTH - ok
12:42:31.0014 5552 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:42:31.0029 5552 PerfHost - ok
12:42:31.0109 5552 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:42:31.0185 5552 pla - ok
12:42:31.0237 5552 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:42:31.0267 5552 PlugPlay - ok
12:42:31.0290 5552 [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:42:31.0313 5552 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:42:31.0313 5552 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:42:31.0352 5552 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:42:31.0364 5552 PNRPAutoReg - ok
12:42:31.0387 5552 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:42:31.0403 5552 PNRPsvc - ok
12:42:31.0443 5552 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:42:31.0498 5552 PolicyAgent - ok
12:42:31.0531 5552 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:42:31.0577 5552 Power - ok
12:42:31.0625 5552 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:42:31.0662 5552 PptpMiniport - ok
12:42:31.0735 5552 [ 0264B15F628C8C7DBF439FD7AB4108F5 ] Printer Control C:\Windows\system32\PrintCtrl.exe
12:42:31.0745 5552 Printer Control ( UnsignedFile.Multi.Generic ) - warning
12:42:31.0745 5552 Printer Control - detected UnsignedFile.Multi.Generic (1)
12:42:31.0820 5552 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:42:32.0440 5552 Processor - ok
12:42:32.0488 5552 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:42:32.0514 5552 ProfSvc - ok
12:42:32.0529 5552 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:42:32.0537 5552 ProtectedStorage - ok
12:42:32.0574 5552 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:42:32.0615 5552 Psched - ok
12:42:32.0655 5552 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:42:32.0664 5552 PxHlpa64 - ok
12:42:32.0704 5552 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:42:32.0763 5552 ql2300 - ok
12:42:32.0788 5552 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:42:32.0805 5552 ql40xx - ok
12:42:32.0836 5552 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:42:32.0856 5552 QWAVE - ok
12:42:32.0873 5552 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:42:32.0894 5552 QWAVEdrv - ok
12:42:32.0932 5552 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:42:32.0969 5552 RasAcd - ok
12:42:33.0008 5552 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:42:33.0058 5552 RasAgileVpn - ok
12:42:33.0087 5552 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:42:33.0126 5552 RasAuto - ok
12:42:33.0325 5552 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:42:33.0374 5552 Rasl2tp - ok
12:42:33.0447 5552 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:42:33.0485 5552 RasMan - ok
12:42:33.0623 5552 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:42:33.0662 5552 RasPppoe - ok
12:42:33.0671 5552 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:42:33.0717 5552 RasSstp - ok
12:42:33.0749 5552 [ 81DDBF4FE998EF1F4BA230F7E8D8C67E ] Razerlow C:\Windows\system32\drivers\DB3G.sys
12:42:33.0763 5552 Razerlow - ok
12:42:33.0801 5552 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:42:33.0851 5552 rdbss - ok
12:42:33.0863 5552 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:42:33.0880 5552 rdpbus - ok
12:42:33.0890 5552 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:42:33.0930 5552 RDPCDD - ok
12:42:33.0941 5552 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:42:33.0986 5552 RDPENCDD - ok
12:42:34.0001 5552 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:42:34.0040 5552 RDPREFMP - ok
12:42:34.0075 5552 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:42:34.0102 5552 RDPWD - ok
12:42:34.0134 5552 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:42:34.0152 5552 rdyboost - ok
12:42:34.0211 5552 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:42:34.0247 5552 RegSrvc - ok
12:42:34.0270 5552 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:42:34.0314 5552 RemoteAccess - ok
12:42:34.0343 5552 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:42:34.0414 5552 RemoteRegistry - ok
12:42:34.0451 5552 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:42:34.0469 5552 RFCOMM - ok
12:42:34.0548 5552 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
12:42:34.0605 5552 RoxMediaDB12OEM - ok
12:42:34.0630 5552 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
12:42:34.0645 5552 RoxWatch12 - ok
12:42:34.0671 5552 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:42:34.0724 5552 RpcEptMapper - ok
12:42:34.0750 5552 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:42:34.0765 5552 RpcLocator - ok
12:42:34.0806 5552 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:42:34.0856 5552 RpcSs - ok
12:42:34.0889 5552 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:42:34.0955 5552 rspndr - ok
12:42:34.0995 5552 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:42:35.0012 5552 RSUSBSTOR - ok
12:42:35.0032 5552 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:42:35.0047 5552 RTL8167 - ok
12:42:35.0056 5552 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:42:35.0070 5552 SamSs - ok
12:42:35.0113 5552 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:42:35.0127 5552 sbp2port - ok
12:42:35.0160 5552 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:42:35.0230 5552 SCardSvr - ok
12:42:35.0266 5552 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:42:35.0316 5552 scfilter - ok
12:42:35.0389 5552 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:42:35.0452 5552 Schedule - ok
12:42:35.0480 5552 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:42:35.0529 5552 SCPolicySvc - ok
12:42:35.0566 5552 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:42:35.0579 5552 SDRSVC - ok
12:42:35.0599 5552 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:42:35.0669 5552 secdrv - ok
12:42:35.0702 5552 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:42:35.0747 5552 seclogon - ok
12:42:36.0104 5552 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:42:36.0153 5552 SENS - ok
12:42:36.0198 5552 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:42:36.0212 5552 SensrSvc - ok
12:42:36.0228 5552 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:42:36.0240 5552 Serenum - ok
12:42:36.0264 5552 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:42:36.0279 5552 Serial - ok
12:42:36.0313 5552 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:42:36.0326 5552 sermouse - ok
12:42:36.0390 5552 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:42:36.0431 5552 SessionEnv - ok
12:42:36.0484 5552 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:42:36.0508 5552 sffdisk - ok
12:42:36.0521 5552 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:42:36.0531 5552 sffp_mmc - ok
12:42:36.0546 5552 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:42:36.0565 5552 sffp_sd - ok
12:42:36.0632 5552 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:42:36.0647 5552 sfloppy - ok
12:42:36.0689 5552 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:42:36.0717 5552 Sftfs - ok
12:42:36.0794 5552 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:42:36.0817 5552 sftlist - ok
12:42:36.0837 5552 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:42:36.0853 5552 Sftplay - ok
12:42:36.0863 5552 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:42:36.0874 5552 Sftredir - ok
12:42:36.0949 5552 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
12:42:37.0012 5552 SftService - ok
12:42:37.0048 5552 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:42:37.0058 5552 Sftvol - ok
12:42:37.0098 5552 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:42:37.0111 5552 sftvsa - ok
12:42:37.0155 5552 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:42:37.0206 5552 SharedAccess - ok
12:42:37.0298 5552 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:42:37.0345 5552 ShellHWDetection - ok
12:42:37.0375 5552 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:42:37.0388 5552 SiSRaid2 - ok
12:42:37.0404 5552 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:42:37.0423 5552 SiSRaid4 - ok
12:42:37.0487 5552 [ DB0405D9AAD62F0762E0876AC142B7E1 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:42:37.0497 5552 SkypeUpdate - ok
12:42:37.0523 5552 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:42:37.0571 5552 Smb - ok
12:42:37.0614 5552 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:42:37.0626 5552 SNMPTRAP - ok
12:42:37.0635 5552 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:42:37.0648 5552 spldr - ok
12:42:37.0697 5552 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
12:42:37.0742 5552 Spooler - ok
12:42:38.0209 5552 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:42:38.0329 5552 sppsvc - ok
12:42:38.0397 5552 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:42:38.0451 5552 sppuinotify - ok
12:42:38.0542 5552 [ 06B9A7BA94356EC5207C5DDB59540378 ] SRTSP C:\Windows\system32\drivers\N360x64\0602010.005\SRTSP64.SYS
12:42:38.0568 5552 SRTSP - ok
12:42:38.0613 5552 [ FBB8945A61E55A2345D12487C74A9D76 ] SRTSPX C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
12:42:38.0623 5552 SRTSPX - ok
12:42:38.0660 5552 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:42:38.0680 5552 srv - ok
12:42:38.0699 5552 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:42:38.0719 5552 srv2 - ok
12:42:38.0731 5552 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:42:38.0744 5552 srvnet - ok
12:42:38.0769 5552 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:42:38.0815 5552 SSDPSRV - ok
12:42:38.0828 5552 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:42:38.0873 5552 SstpSvc - ok
12:42:38.0923 5552 [ 463E33B1EA7AF1E6EB87B66B831DB41A ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:42:38.0933 5552 STacSV - ok
12:42:38.0955 5552 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:42:38.0968 5552 stexstor - ok
12:42:38.0993 5552 [ 4304B75094E106FB5423A290C95841E5 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:42:39.0014 5552 STHDA - ok
12:42:39.0038 5552 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:42:39.0050 5552 StillCam - ok
12:42:39.0086 5552 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:42:39.0112 5552 stisvc - ok
12:42:39.0138 5552 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
12:42:39.0146 5552 stllssvr - ok
12:42:39.0176 5552 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:42:39.0185 5552 swenum - ok
12:42:39.0214 5552 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:42:39.0263 5552 swprv - ok
12:42:39.0301 5552 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
12:42:39.0319 5552 SymDS - ok
12:42:39.0351 5552 [ F90C7A190399165D3AB2245048D34786 ] SymEFA C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
12:42:39.0396 5552 SymEFA - ok
12:42:39.0432 5552 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
12:42:39.0444 5552 SymEvent - ok
12:42:39.0463 5552 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
12:42:39.0474 5552 SymIRON - ok
12:42:39.0500 5552 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\system32\drivers\N360x64\0602010.005\SYMNETS.SYS
12:42:39.0515 5552 SymNetS - ok
12:42:42.0172 5552 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:42:42.0176 5552 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
12:42:42.0176 5552 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
12:42:47.0062 5552 ================ Scan global ===============================
12:42:47.0091 5552 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:42:47.0133 5552 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:42:47.0143 5552 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:42:47.0174 5552 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:42:47.0200 5552 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:42:47.0202 5552 [Global] - ok
12:42:47.0202 5552 ================ Scan MBR ==================================
12:42:47.0211 5552 [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
12:42:47.0212 5552 Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:42:47.0279 5552 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
12:42:47.0279 5552 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
12:42:47.0353 5552 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:42:47.0353 5552 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:42:47.0354 5552 ================ Scan VBR ==================================
12:42:47.0358 5552 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
12:42:47.0359 5552 \Device\Harddisk0\DR0\Partition1 - ok
12:42:47.0398 5552 [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
12:42:47.0400 5552 \Device\Harddisk0\DR0\Partition2 - ok
12:42:47.0401 5552 ============================================================
12:42:47.0401 5552 Scan finished
12:42:47.0401 5552 ============================================================
12:42:47.0409 8296 Detected object count: 8
12:42:47.0409 8296 Actual detected object count: 8
12:43:23.0561 8296 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:43:23.0561 8296 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:43:23.0562 8296 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:43:23.0562 8296 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:43:23.0563 8296 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:43:23.0563 8296 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:43:23.0564 8296 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:43:23.0564 8296 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:43:23.0569 8296 Printer Control ( UnsignedFile.Multi.Generic ) - skipped by user
12:43:23.0569 8296 Printer Control ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:43:23.0570 8296 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
12:43:23.0570 8296 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:43:24.0355 8296 \Device\Harddisk0\DR0\# - copied to quarantine
12:43:24.0357 8296 \Device\Harddisk0\DR0 - copied to quarantine
12:43:24.0437 8296 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:43:24.0439 8296 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:43:24.0448 8296 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
12:43:24.0456 8296 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
12:43:24.0484 8296 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
12:43:24.0499 8296 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
12:43:24.0500 8296 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
12:43:24.0501 8296 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
12:43:24.0502 8296 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:43:24.0505 8296 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:43:24.0508 8296 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:43:24.0509 8296 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
12:43:24.0510 8296 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
12:43:24.0511 8296 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
12:43:24.0550 8296 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
12:43:24.0554 8296 \Device\Harddisk0\DR0 - ok
12:43:24.0835 8296 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
12:43:24.0837 8296 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:43:24.0837 8296 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:43:27.0934 8824 Deinitialize success


After reboot:

13:10:07.0380 1196 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:10:07.0895 1196 ============================================================
13:10:07.0895 1196 Current date / time: 2012/08/25 13:10:07.0895
13:10:07.0895 1196 SystemInfo:
13:10:07.0895 1196
13:10:07.0895 1196 OS Version: 6.1.7601 ServicePack: 1.0
13:10:07.0895 1196 Product type: Workstation
13:10:07.0895 1196 ComputerName: MARISSA-PC
13:10:07.0895 1196 UserName: Marissa
13:10:07.0895 1196 Windows directory: C:\Windows
13:10:07.0895 1196 System windows directory: C:\Windows
13:10:07.0895 1196 Running under WOW64
13:10:07.0895 1196 Processor architecture: Intel x64
13:10:07.0895 1196 Number of processors: 4
13:10:07.0895 1196 Page size: 0x1000
13:10:07.0895 1196 Boot type: Normal boot
13:10:07.0895 1196 ============================================================
13:10:08.0020 1196 BG loaded
13:10:08.0753 1196 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:10:08.0769 1196 ============================================================
13:10:08.0769 1196 \Device\Harddisk0\DR0:
13:10:08.0769 1196 MBR partitions:
13:10:08.0769 1196 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
13:10:08.0769 1196 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
13:10:08.0769 1196 ============================================================
13:10:08.0800 1196 C: <-> \Device\Harddisk0\DR0\Partition2
13:10:08.0800 1196 ============================================================
13:10:08.0800 1196 Initialize success
13:10:08.0800 1196 ============================================================
13:10:29.0440 5764 Deinitialize success




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-22 10:36:26
-----------------------------
10:36:26.695 OS Version: Windows x64 6.1.7601 Service Pack 1
10:36:26.695 Number of processors: 4 586 0x2505
10:36:26.695 ComputerName: MARISSA-PC UserName: Marissa
10:36:33.784 Initialize success
10:36:56.916 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:36:56.919 Disk 0 Vendor: ST964032 0002 Size: 610480MB BusType: 3
10:36:56.920 Device \Driver\iaStor -> MajorFunction fffffa8008b175e8
10:36:56.922 Disk 0 MBR read successfully
10:36:56.923 Disk 0 MBR scan
10:36:56.925 Disk 0 Windows 7 default MBR code
10:36:56.940 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
10:36:56.944 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
10:36:56.961 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
10:36:56.978 Disk 0 scanning C:\Windows\system32\drivers
10:37:07.418 Service scanning
10:37:35.726 Modules scanning
10:37:35.732 Disk 0 trace - called modules:
10:37:35.737 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8008b175e8]<<
10:37:36.065 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064aa060]
10:37:36.071 3 CLASSPNP.SYS[fffff88001f9c43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006252050]
10:37:36.077 \Driver\iaStor[0xfffffa8008b29e70] -> IRP_MJ_CREATE -> 0xfffffa8008b175e8
10:37:36.082 Scan finished successfully
10:37:57.903 Disk 0 MBR has been saved successfully to "C:\Users\Marissa\Desktop\MBR.dat"
10:37:57.910 The log file has been saved successfully to "C:\Users\Marissa\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-25 13:14:36
-----------------------------
13:14:36.163 OS Version: Windows x64 6.1.7601 Service Pack 1
13:14:36.163 Number of processors: 4 586 0x2505
13:14:36.164 ComputerName: MARISSA-PC UserName: Marissa
13:14:43.090 Initialize success
13:15:37.095 AVAST engine defs: 12082500
13:15:47.919 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:15:47.923 Disk 0 Vendor: ST964032 0002 Size: 610480MB BusType: 3
13:15:47.940 Disk 0 MBR read successfully
13:15:47.944 Disk 0 MBR scan
13:15:47.950 Disk 0 Windows 7 default MBR code
13:15:47.961 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
13:15:47.976 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
13:15:47.992 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
13:15:48.036 Disk 0 scanning C:\Windows\system32\drivers
13:16:02.742 Service scanning
13:16:35.949 Modules scanning
13:16:35.962 Disk 0 trace - called modules:
13:16:35.978 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:16:36.309 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064b5060]
13:16:36.317 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800625b050]
13:16:38.965 AVAST engine scan C:\Windows
13:16:42.473 AVAST engine scan C:\Windows\system32
13:19:43.961 AVAST engine scan C:\Windows\system32\drivers
13:20:02.048 AVAST engine scan C:\Users\Marissa
13:28:37.740 AVAST engine scan C:\ProgramData
13:31:12.301 Scan finished successfully
13:37:02.215 Disk 0 MBR has been saved successfully to "C:\Users\Marissa\Desktop\MBR.dat"
13:37:02.227 The log file has been saved successfully to "C:\Users\Marissa\Desktop\aswMBR.txt"

#28
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

I do have a USB drive that I can use.

OK, we may not have to make use of this. Having given the current situation and the particular infection we have been dealing with so far some further thought and research on your behalf...

I do think the installed Norton 360, though rendered for all intents and purposes inactive by the malware, has actually hindered myself being able to eradicate/assist you fully. My sincere apologies for not realising this sooner; I am experienced enough to have done so, but I am far from being infallible at the end of the day...

Anyway, an attempted repair will in all likelihood not solve the current Norton 360 issue. So I propose we uninstall Norton 360, then re-install.

Norton/Symantec RT:

Please download the Norton Removal Tool and Save it to your Desktop.

  • Close all programs and right-click on Norton_Removal_Tool.exe and select Run as Administrator.
  • Follow the on-screen instructions.
  • Restart the computer if asked.
  • Then delete Norton_Removal_Tool.exe from your desktop.
Next:

Re-install Norton 360. You may have the installation CD-ROM or not, or may have used an online way to download/install; do so.

Next:

Once Norton 360 is reinstalled let myself know if now working as should and if any further obvious issues remaining.

Also post a new OTL log for my review and we will go from there, thank you.

#29
recsite

    Member

  • Topic Starter
  • 50 posts
No apologies necessary! Uninstalled Norton 360, reinstalled. Seems to be working again. Here is the OTL log:

OTL logfile created on: 8/26/2012 9:07:39 AM - Run 3
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Marissa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.80 Gb Total Physical Memory | 3.82 Gb Available Physical Memory | 65.84% Memory free
11.61 Gb Paging File | 9.40 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 468.11 Gb Free Space | 80.51% Space Free | Partition Type: NTFS

Computer Name: MARISSA-PC | User Name: Marissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Marissa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
PRC - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\ooVoo\ooVoo.exe (ooVoo LLC)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\06269663e6482bc4ceeb48c2a7d1ad34\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (ZuneWlanCfgSvc) -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- c:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Printer Control) -- C:\Windows\SysNative\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\ccSvcHst.exe (Symantec Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (NAT) -- C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.36\ccSvcHst.exe (Symantec Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (NSL) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe (Symantec Corporation)
SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (RoxWatch12) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ccSet_NAT) -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NST) -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (Razerlow) -- C:\Windows\SysNative\drivers\DB3G.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\Definitions\VirusDefs\20120825.007\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\Definitions\VirusDefs\20120825.007\eng64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\Definitions\BASHDefs\20120619.001\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\Definitions\IPSDefs\20120611.002\IDSviA64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_en
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Marissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\IPSFFPlgn\ [2012/08/26 09:03:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\coFFPlgn\ [2012/08/26 09:03:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/24 17:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 07:55:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/24 17:03:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 07:55:50 | 000,000,000 | ---D | M]

[2011/07/20 21:47:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Extensions
[2012/08/24 08:08:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Firefox\Profiles\d8mmjjj8.default\extensions
[2012/08/19 20:16:33 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Marissa\AppData\Roaming\Mozilla\Firefox\Profiles\d8mmjjj8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/07/29 21:17:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/02 00:20:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[1832/11/29 00:44:26 | 000,004,804 | ---- | M] () (No name found) -- C:\USERS\MARISSA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D8MMJJJ8.DEFAULT\EXTENSIONS\[email protected]
[2012/08/24 17:03:34 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/06 10:50:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/05/06 10:50:33 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Marissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Extension = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\
CHR - Extension: Gmail = C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/24 18:52:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files\HP\HP LaserJet Professional CM1410 Series\Fax Driver\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..\Run: [Facebook Update] C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20A38C2B-4AD4-4C9D-B912-36D8FD3A644A}: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20A38C2B-4AD4-4C9D-B912-36D8FD3A644A}: NameServer = 198.153.192.50,198.153.194.50
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-957519283-3269216495-3174932433-1001..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/26 09:04:12 | 000,000,000 | ---D | C] -- C:\Users\Marissa\Documents\Symantec
[2012/08/26 09:03:25 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/26 09:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/08/26 09:03:04 | 001,129,120 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymEFA64.sys
[2012/08/26 09:03:04 | 000,737,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtsp64.sys
[2012/08/26 09:03:04 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymDS64.sys
[2012/08/26 09:03:04 | 000,405,624 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symnets.sys
[2012/08/26 09:03:04 | 000,190,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\Ironx64.sys
[2012/08/26 09:03:04 | 000,167,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\ccSetx64.sys
[2012/08/26 09:03:04 | 000,037,536 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtspx64.sys
[2012/08/26 09:02:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0603000.00E
[2012/08/26 09:02:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2012/08/26 03:05:01 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/26 03:05:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/26 03:05:00 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/26 03:05:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/26 03:04:59 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/26 03:04:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/26 03:04:59 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/26 03:04:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/26 03:04:59 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/26 03:04:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/26 03:04:58 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/26 03:04:58 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/26 03:04:57 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/25 14:30:59 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/25 14:30:58 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/25 14:30:58 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/25 14:30:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/25 14:30:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/25 14:30:58 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/25 14:30:58 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/25 14:30:57 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/25 12:43:23 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/25 10:22:11 | 000,000,000 | ---D | C] -- C:\Users\Marissa\Desktop\tdsskiller
[2012/08/25 10:11:26 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
[2012/08/24 20:02:20 | 000,000,000 | ---D | C] -- C:\Users\Marissa\Desktop\nortonpowereraserwebsite
[2012/08/24 20:00:54 | 002,892,816 | ---- | C] (Symantec Corporation) -- C:\Users\Marissa\Desktop\NPE (1).exe
[2012/08/24 19:36:05 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\Marissa\Desktop\FSS.exe
[2012/08/24 18:52:14 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/24 18:34:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/24 18:34:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/24 18:34:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/24 18:34:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/24 18:33:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/24 18:33:06 | 004,737,458 | R--- | C] (Swearware) -- C:\Users\Marissa\Desktop\ComboFix.exe
[2012/08/24 17:07:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/24 17:05:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Marissa\Desktop\OTL.exe
[2012/08/24 17:05:09 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Marissa\Desktop\aswMBR.exe
[2012/08/24 08:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/24 07:59:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/08/24 07:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/08/24 07:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/08/24 07:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/08/24 07:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/08/05 21:10:35 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/08/05 16:03:56 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.sys
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Anti-Theft
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Anti-Theft
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NATx64
[2012/08/05 16:03:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NATx64\0105000.024
[2012/08/05 15:17:01 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2012/08/05 15:05:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
[2012/08/04 22:24:07 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Local\NPE
[2012/08/04 22:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/08/04 22:05:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2012/08/04 22:05:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0602010.005
[2012/08/04 22:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2012/08/04 21:53:38 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2012/08/04 21:23:32 | 000,000,000 | ---D | C] -- C:\Users\Marissa\AppData\Local\LogMeIn Rescue Applet
[2012/08/04 20:38:28 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Safe Web Lite
[2012/08/04 20:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010
[2012/08/03 16:07:13 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%

========== Files - Modified Within 30 Days ==========

[2012/08/26 09:04:21 | 002,010,045 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\Cat.DB
[2012/08/26 09:03:25 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/26 09:03:25 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/26 09:03:25 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/26 09:03:18 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/08/26 09:02:14 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/26 09:02:14 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/26 09:02:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/26 09:01:35 | 000,001,300 | ---- | M] () -- C:\Users\Marissa\Desktop\Norton Installation Files.lnk
[2012/08/26 08:59:12 | 000,727,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/26 08:59:12 | 000,624,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/26 08:59:12 | 000,106,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/26 08:55:17 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/26 08:54:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/26 08:54:40 | 378,548,223 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/26 08:47:05 | 000,920,096 | ---- | M] () -- C:\Users\Marissa\Desktop\Norton_Removal_Tool.exe
[2012/08/26 08:27:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/26 08:14:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-957519283-3269216495-3174932433-1001UA.job
[2012/08/26 03:23:53 | 000,463,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/26 03:10:56 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-957519283-3269216495-3174932433-1001Core.job
[2012/08/26 03:06:15 | 002,249,581 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Cat.DB
[2012/08/25 17:52:56 | 000,000,456 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Marissa.job
[2012/08/25 13:37:02 | 000,000,512 | ---- | M] () -- C:\Users\Marissa\Desktop\MBR.dat
[2012/08/25 09:51:39 | 539,660,446 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/24 20:33:29 | 000,006,288 | ---- | M] () -- C:\Users\Marissa\Desktop\BITS.reg
[2012/08/24 20:00:25 | 002,892,816 | ---- | M] (Symantec Corporation) -- C:\Users\Marissa\Desktop\NPE (1).exe
[2012/08/24 19:36:05 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\Marissa\Desktop\FSS.exe
[2012/08/24 18:52:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/24 18:33:06 | 004,737,458 | R--- | M] (Swearware) -- C:\Users\Marissa\Desktop\ComboFix.exe
[2012/08/24 17:05:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marissa\Desktop\OTL.exe
[2012/08/24 17:05:24 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Marissa\Desktop\aswMBR.exe
[2012/08/24 08:02:29 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/24 08:00:00 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/24 07:55:45 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/19 20:27:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/19 20:27:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/10 02:00:27 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\isolate.ini
[2012/08/06 22:13:34 | 000,127,537 | ---- | M] () -- C:\Users\Marissa\Documents\Common Application.pdf
[2012/08/06 22:13:34 | 000,001,416 | ---- | M] () -- C:\Users\Marissa\Documents\Einstein.html
[2012/08/06 22:13:34 | 000,001,153 | ---- | M] () -- C:\Users\Marissa\Documents\hi.html
[2012/08/06 22:12:25 | 000,023,047 | ---- | M] () -- C:\Users\Marissa\Documents\RichardStocktonSupplements.pdf
[2012/08/06 22:12:24 | 000,037,068 | ---- | M] () -- C:\Users\Marissa\Documents\SetonHallSuplements.pdf
[2012/08/06 22:12:23 | 000,002,141 | ---- | M] () -- C:\Users\Marissa\Documents\Snowman.html
[2012/08/06 22:12:23 | 000,000,259 | ---- | M] () -- C:\Users\Marissa\Documents\Snoopy.html
[2012/08/06 21:54:54 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\My Identity Protection.url
[2012/08/06 17:26:15 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/08/06 17:26:15 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/08/05 16:03:56 | 000,002,450 | ---- | M] () -- C:\Users\Public\Desktop\Norton Anti-Theft.lnk
[2012/08/05 01:06:00 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\VT20120410.034
[2012/07/29 21:12:23 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2012/08/26 09:03:26 | 002,010,045 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\Cat.DB
[2012/08/26 09:03:25 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/26 09:03:25 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/26 09:03:18 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/08/26 09:02:58 | 000,008,942 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymVTcer.dat
[2012/08/26 09:02:58 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymDS64.cat
[2012/08/26 09:02:58 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symnet64.cat
[2012/08/26 09:02:58 | 000,007,450 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\iron.cat
[2012/08/26 09:02:58 | 000,007,446 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\ccsetx64.cat
[2012/08/26 09:02:58 | 000,007,438 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymEFA64.cat
[2012/08/26 09:02:58 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtspx64.cat
[2012/08/26 09:02:58 | 000,007,402 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtsp64.cat
[2012/08/26 09:02:58 | 000,003,435 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymEFA.inf
[2012/08/26 09:02:58 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymDS.inf
[2012/08/26 09:02:58 | 000,001,441 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\SymNet.inf
[2012/08/26 09:02:58 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtsp64.inf
[2012/08/26 09:02:58 | 000,001,419 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtspx64.inf
[2012/08/26 09:02:58 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\ccSetx64.inf
[2012/08/26 09:02:58 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\Iron.inf
[2012/08/26 09:02:58 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\isolate.ini
[2012/08/26 08:47:05 | 000,920,096 | ---- | C] () -- C:\Users\Marissa\Desktop\Norton_Removal_Tool.exe
[2012/08/24 20:33:29 | 000,006,288 | ---- | C] () -- C:\Users\Marissa\Desktop\BITS.reg
[2012/08/24 18:34:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/24 18:34:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/24 18:34:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/24 18:34:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/24 18:34:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/24 08:00:00 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/24 07:55:45 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/22 10:37:57 | 000,000,512 | ---- | C] () -- C:\Users\Marissa\Desktop\MBR.dat
[2012/08/06 17:26:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/08/06 17:26:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/08/05 16:03:56 | 000,002,450 | ---- | C] () -- C:\Users\Public\Desktop\Norton Anti-Theft.lnk
[2012/08/05 16:03:54 | 000,007,468 | R--- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.cat
[2012/08/05 16:03:54 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\ccSetx64.inf
[2012/08/05 16:03:54 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NATx64\0105000.024\isolate.ini
[2012/08/05 01:06:07 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\VT20120410.034
[2012/08/04 22:05:39 | 002,249,581 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0602010.005\Cat.DB
[2012/08/04 21:53:38 | 000,001,300 | ---- | C] () -- C:\Users\Marissa\Desktop\Norton Installation Files.lnk
[2012/08/04 20:38:27 | 000,007,510 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.cat
[2012/08/04 20:38:27 | 000,000,854 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.inf
[2012/08/04 20:38:27 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\isolate.ini
[2012/08/03 16:01:49 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L\[email protected]
[2012/01/10 23:42:09 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\@
[2012/01/10 23:42:09 | 000,002,048 | -HS- | C] () -- C:\Users\Marissa\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\@
[2012/01/10 22:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 22:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 22:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/11/03 21:22:41 | 000,003,584 | ---- | C] () -- C:\Users\Marissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/02 20:44:30 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011/11/02 19:13:13 | 000,744,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/03 20:28:17 | 000,000,145 | ---- | C] () -- C:\Users\Marissa\.appletviewer
[2011/09/24 19:18:54 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2011/08/04 09:49:45 | 000,011,702 | -HS- | C] () -- C:\Users\Marissa\AppData\Local\jkc80qem5smc266
[2011/08/04 09:49:45 | 000,011,702 | -HS- | C] () -- C:\ProgramData\jkc80qem5smc266
[2011/06/21 12:32:03 | 000,000,498 | ---- | C] () -- C:\Windows\eReg.dat
[2011/03/28 08:04:54 | 000,000,096 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011/03/28 08:04:52 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/03/28 08:04:52 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/03/28 08:04:52 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/03/28 08:04:52 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/03/28 08:04:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/03/28 08:04:52 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/03/28 05:44:55 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/12/09 20:33:11 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini

< End of report >
  • 0

#30
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

No apologies necessary!

Thank you!

Uninstalled Norton 360, reinstalled. Seems to be working again.

Good.

Still some elements of the infection showing so I think we will work outside of the Windows environment as I mentioned prior to double check as follows...

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to a Flash/USB drive.

Then insert the Flash/USB drive into your machine....

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:


Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter. Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste the contents of the aforementioned notepad file in your next reply.

  • 0





