smitfraud-c.generic

I have to go from bottom up. I can't figure out where the heck I was..


12:27:18.0711 1772 SRTSPX - ok

12:27:18.0742 1772 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

12:27:18.0744 1772 srv - ok

12:27:18.0771 1772 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

12:27:18.0773 1772 srv2 - ok

12:27:18.0790 1772 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

12:27:18.0791 1772 srvnet - ok

12:27:18.0813 1772 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys

12:27:18.0814 1772 sscdbus - ok

12:27:18.0835 1772 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys

12:27:18.0835 1772 sscdmdfl - ok

12:27:18.0855 1772 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys

12:27:18.0856 1772 sscdmdm - ok

12:27:18.0883 1772 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys

12:27:18.0884 1772 sscdserd - ok

12:27:18.0899 1772 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

12:27:18.0901 1772 SSDPSRV - ok

12:27:18.0912 1772 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

12:27:18.0914 1772 SstpSvc - ok

12:27:18.0935 1772 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

12:27:18.0936 1772 stexstor - ok

12:27:18.0957 1772 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

12:27:18.0958 1772 StillCam - ok

12:27:18.0988 1772 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

12:27:18.0992 1772 stisvc - ok

12:27:19.0019 1772 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

12:27:19.0020 1772 swenum - ok

12:27:19.0045 1772 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

12:27:19.0049 1772 swprv - ok

12:27:19.0079 1772 [ 52EB25BD8AB4E331028C48B178441B36 ] sxuptp C:\Windows\system32\DRIVERS\sxuptp.sys

12:27:19.0081 1772 sxuptp - ok

12:27:19.0114 1772 [ 688BBE78970E639BC1D66AE733394DCF ] SymDS C:\Windows\system32\drivers\N360x64\1401010.002\SYMDS64.SYS

12:27:19.0116 1772 SymDS - ok

12:27:19.0180 1772 [ A17EE0D0D762CC9B56FB9218D7089AFB ] SymEFA C:\Windows\system32\drivers\N360x64\1401010.002\SYMEFA64.SYS

12:27:19.0191 1772 SymEFA - ok

12:27:19.0222 1772 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

12:27:19.0223 1772 SymEvent - ok

12:27:19.0258 1772 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1401010.002\Ironx64.SYS

12:27:19.0259 1772 SymIRON - ok

12:27:19.0289 1772 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\system32\drivers\N360x64\1401010.002\SYMNETS.SYS

12:27:19.0292 1772 SymNetS - ok

12:27:19.0339 1772 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

12:27:19.0349 1772 SysMain - ok

12:27:19.0372 1772 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

12:27:19.0374 1772 TabletInputService - ok

12:27:19.0397 1772 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

12:27:19.0400 1772 TapiSrv - ok

12:27:19.0411 1772 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

12:27:19.0412 1772 TBS - ok

12:27:19.0456 1772 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

12:27:19.0467 1772 Tcpip - ok

12:27:19.0514 1772 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

12:27:19.0525 1772 TCPIP6 - ok

12:27:19.0553 1772 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

12:27:19.0554 1772 tcpipreg - ok

12:27:19.0576 1772 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

12:27:19.0577 1772 TDPIPE - ok

12:27:19.0597 1772 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

12:27:19.0598 1772 TDTCP - ok

12:27:19.0622 1772 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

12:27:19.0623 1772 tdx - ok

12:27:19.0642 1772 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

12:27:19.0643 1772 TermDD - ok

12:27:19.0684 1772 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

12:27:19.0689 1772 TermService - ok

12:27:19.0699 1772 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

12:27:19.0701 1772 Themes - ok

12:27:19.0731 1772 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

12:27:19.0732 1772 THREADORDER - ok

12:27:19.0738 1772 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

12:27:19.0740 1772 TrkWks - ok

12:27:19.0785 1772 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

12:27:19.0786 1772 TrustedInstaller - ok

12:27:19.0821 1772 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

12:27:19.0822 1772 tssecsrv - ok

12:27:19.0840 1772 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

12:27:19.0842 1772 TsUsbFlt - ok

12:27:19.0863 1772 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

12:27:19.0866 1772 tunnel - ok

12:27:19.0890 1772 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

12:27:19.0891 1772 uagp35 - ok

12:27:19.0926 1772 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

12:27:19.0930 1772 udfs - ok

12:27:19.0958 1772 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

12:27:19.0962 1772 UI0Detect - ok

12:27:19.0977 1772 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

12:27:19.0978 1772 uliagpkx - ok

12:27:20.0005 1772 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

12:27:20.0006 1772 umbus - ok

12:27:20.0028 1772 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

12:27:20.0029 1772 UmPass - ok

12:27:20.0047 1772 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

12:27:20.0050 1772 upnphost - ok

12:27:20.0064 1772 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

12:27:20.0065 1772 usbccgp - ok

12:27:20.0096 1772 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

12:27:20.0097 1772 usbcir - ok

12:27:20.0102 1772 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

12:27:20.0103 1772 usbehci - ok

12:27:20.0123 1772 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

12:27:20.0125 1772 usbhub - ok

12:27:20.0140 1772 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

12:27:20.0141 1772 usbohci - ok

12:27:20.0161 1772 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

12:27:20.0162 1772 usbprint - ok

12:27:20.0183 1772 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

12:27:20.0184 1772 usbscan - ok

12:27:20.0196 1772 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS

12:27:20.0197 1772 USBSTOR - ok

12:27:20.0212 1772 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

12:27:20.0213 1772 usbuhci - ok

12:27:20.0229 1772 [ D0FE8CB5F84303E73FF0754437FAD3D1 ] USB_RNDIS C:\Windows\system32\DRIVERS\usb8023.sys

12:27:20.0230 1772 USB_RNDIS - ok

12:27:20.0253 1772 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

12:27:20.0254 1772 UxSms - ok

12:27:20.0267 1772 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

12:27:20.0268 1772 VaultSvc - ok

12:27:20.0294 1772 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

12:27:20.0295 1772 vdrvroot - ok

12:27:20.0325 1772 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

12:27:20.0329 1772 vds - ok

12:27:20.0340 1772 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

12:27:20.0341 1772 vga - ok

12:27:20.0346 1772 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

12:27:20.0347 1772 VgaSave - ok

12:27:20.0365 1772 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

12:27:20.0366 1772 vhdmp - ok

12:27:20.0377 1772 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

12:27:20.0377 1772 viaide - ok

12:27:20.0393 1772 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

12:27:20.0393 1772 volmgr - ok

12:27:20.0428 1772 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

12:27:20.0431 1772 volmgrx - ok

12:27:20.0449 1772 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

12:27:20.0451 1772 volsnap - ok

12:27:20.0487 1772 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

12:27:20.0488 1772 vsmraid - ok

12:27:20.0539 1772 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

12:27:20.0549 1772 VSS - ok

12:27:20.0566 1772 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

12:27:20.0567 1772 vwifibus - ok

12:27:20.0572 1772 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

12:27:20.0573 1772 vwififlt - ok

12:27:20.0594 1772 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

12:27:20.0597 1772 W32Time - ok

12:27:20.0628 1772 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

12:27:20.0629 1772 WacomPen - ok

12:27:20.0640 1772 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

12:27:20.0641 1772 WANARP - ok

12:27:20.0645 1772 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

12:27:20.0646 1772 Wanarpv6 - ok

12:27:20.0694 1772 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

12:27:20.0707 1772 WatAdminSvc - ok

12:27:20.0758 1772 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

12:27:20.0775 1772 wbengine - ok

12:27:20.0794 1772 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

12:27:20.0797 1772 WbioSrvc - ok

12:27:20.0832 1772 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

12:27:20.0836 1772 wcncsvc - ok

12:27:20.0850 1772 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

12:27:20.0851 1772 WcsPlugInService - ok

12:27:20.0880 1772 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

12:27:20.0880 1772 Wd - ok

12:27:20.0919 1772 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

12:27:20.0924 1772 Wdf01000 - ok

12:27:20.0937 1772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

12:27:20.0938 1772 WdiServiceHost - ok

12:27:20.0944 1772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

12:27:20.0946 1772 WdiSystemHost - ok

12:27:20.0971 1772 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

12:27:20.0973 1772 WebClient - ok

12:27:20.0992 1772 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

12:27:20.0995 1772 Wecsvc - ok

12:27:21.0007 1772 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

12:27:21.0009 1772 wercplsupport - ok

12:27:21.0022 1772 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

12:27:21.0024 1772 WerSvc - ok

12:27:21.0044 1772 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

12:27:21.0045 1772 WfpLwf - ok

12:27:21.0061 1772 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

12:27:21.0062 1772 WIMMount - ok

12:27:21.0073 1772 WinDefend - ok

12:27:21.0079 1772 WinHttpAutoProxySvc - ok

12:27:21.0120 1772 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

12:27:21.0121 1772 Winmgmt - ok

12:27:21.0183 1772 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

12:27:21.0200 1772 WinRM - ok

12:27:21.0250 1772 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

12:27:21.0256 1772 Wlansvc - ok

12:27:21.0289 1772 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

12:27:21.0290 1772 WmiAcpi - ok

12:27:21.0313 1772 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

12:27:21.0314 1772 wmiApSrv - ok

12:27:21.0330 1772 WMPNetworkSvc - ok

12:27:21.0348 1772 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

12:27:21.0349 1772 WPCSvc - ok

12:27:21.0375 1772 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

12:27:21.0377 1772 WPDBusEnum - ok

12:27:21.0391 1772 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

12:27:21.0392 1772 ws2ifsl - ok

12:27:21.0399 1772 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

12:27:21.0401 1772 wscsvc - ok

12:27:21.0407 1772 WSearch - ok

12:27:21.0465 1772 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

12:27:21.0479 1772 wuauserv - ok

12:27:21.0511 1772 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

12:27:21.0511 1772 WudfPf - ok

12:27:21.0549 1772 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

12:27:21.0551 1772 wudfsvc - ok

12:27:21.0564 1772 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

12:27:21.0567 1772 WwanSvc - ok

12:27:21.0579 1772 ================ Scan global ===============================

12:27:21.0602 1772 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

12:27:21.0636 1772 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

12:27:21.0646 1772 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

12:27:21.0666 1772 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

12:27:21.0691 1772 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

12:27:21.0694 1772 [Global] - ok

12:27:21.0695 1772 ================ Scan MBR ==================================

12:27:21.0703 1772 [ 89750024E83C5387C5B5F649AFB20429 ] \Device\Harddisk0\DR0

12:27:21.0930 1772 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

12:27:21.0930 1772 \Device\Harddisk0\DR0 - detected TDSS File System (1)

12:27:21.0930 1772 ================ Scan VBR ==================================

12:27:21.0936 1772 [ 0CB555645E88FB9D32D324EDD502BEAA ] \Device\Harddisk0\DR0\Partition1

12:27:21.0939 1772 \Device\Harddisk0\DR0\Partition1 - ok

12:27:21.0967 1772 [ C88532FE8C261DC926E34F2EEDC1F880 ] \Device\Harddisk0\DR0\Partition2

12:27:21.0969 1772 \Device\Harddisk0\DR0\Partition2 - ok

12:27:21.0999 1772 [ 3A96162BAA79A5A8E0F50DA9AB06DE36 ] \Device\Harddisk0\DR0\Partition3

12:27:22.0001 1772 \Device\Harddisk0\DR0\Partition3 - ok

12:27:22.0001 1772 ============================================================

12:27:22.0001 1772 Scan finished

12:27:22.0001 1772 ============================================================

12:27:22.0014 3896 Detected object count: 1

12:27:22.0014 3896 Actual detected object count: 1

12:28:15.0584 3896 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

12:28:15.0642 3896 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

12:28:15.0716 3896 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

12:28:15.0725 3896 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

12:28:15.0728 3896 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

12:28:15.0731 3896 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

12:28:15.0735 3896 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

12:28:15.0737 3896 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

12:28:15.0740 3896 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

12:28:15.0741 3896 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

12:28:15.0743 3896 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

12:28:15.0745 3896 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

12:28:15.0745 3896 \Device\Harddisk0\DR0\TDLFS - deleted

12:28:15.0745 3896 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
 
12:26:59.0532 3840 VgaSave - ok

12:26:59.0548 3840 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

12:26:59.0551 3840 vhdmp - ok

12:26:59.0568 3840 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

12:26:59.0570 3840 viaide - ok

12:26:59.0584 3840 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

12:26:59.0586 3840 volmgr - ok

12:26:59.0620 3840 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

12:26:59.0624 3840 volmgrx - ok

12:26:59.0641 3840 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

12:26:59.0644 3840 volsnap - ok

12:26:59.0679 3840 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

12:26:59.0681 3840 vsmraid - ok

12:26:59.0731 3840 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

12:26:59.0761 3840 VSS - ok

12:26:59.0775 3840 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

12:26:59.0776 3840 vwifibus - ok

12:26:59.0791 3840 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

12:26:59.0793 3840 vwififlt - ok

12:26:59.0811 3840 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

12:26:59.0814 3840 W32Time - ok

12:26:59.0837 3840 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

12:26:59.0838 3840 WacomPen - ok

12:26:59.0873 3840 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

12:26:59.0875 3840 WANARP - ok

12:26:59.0879 3840 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

12:26:59.0880 3840 Wanarpv6 - ok

12:26:59.0923 3840 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

12:26:59.0936 3840 WatAdminSvc - ok

12:26:59.0978 3840 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

12:26:59.0994 3840 wbengine - ok

12:27:00.0019 3840 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

12:27:00.0023 3840 WbioSrvc - ok

12:27:00.0058 3840 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

12:27:00.0063 3840 wcncsvc - ok

12:27:00.0091 3840 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

12:27:00.0093 3840 WcsPlugInService - ok

12:27:00.0113 3840 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

12:27:00.0114 3840 Wd - ok

12:27:00.0153 3840 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

12:27:00.0160 3840 Wdf01000 - ok

12:27:00.0178 3840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

12:27:00.0180 3840 WdiServiceHost - ok

12:27:00.0186 3840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

12:27:00.0188 3840 WdiSystemHost - ok

12:27:00.0213 3840 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

12:27:00.0217 3840 WebClient - ok

12:27:00.0234 3840 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

12:27:00.0238 3840 Wecsvc - ok

12:27:00.0249 3840 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

12:27:00.0251 3840 wercplsupport - ok

12:27:00.0273 3840 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

12:27:00.0274 3840 WerSvc - ok

12:27:00.0294 3840 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

12:27:00.0295 3840 WfpLwf - ok

12:27:00.0312 3840 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

12:27:00.0313 3840 WIMMount - ok

12:27:00.0323 3840 WinDefend - ok

12:27:00.0329 3840 WinHttpAutoProxySvc - ok

12:27:00.0379 3840 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

12:27:00.0382 3840 Winmgmt - ok

12:27:00.0441 3840 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

12:27:00.0494 3840 WinRM - ok

12:27:00.0551 3840 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

12:27:00.0558 3840 Wlansvc - ok

12:27:00.0589 3840 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

12:27:00.0590 3840 WmiAcpi - ok

12:27:00.0613 3840 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

12:27:00.0616 3840 wmiApSrv - ok

12:27:00.0630 3840 WMPNetworkSvc - ok

12:27:00.0650 3840 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

12:27:00.0653 3840 WPCSvc - ok

12:27:00.0684 3840 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

12:27:00.0686 3840 WPDBusEnum - ok

12:27:00.0708 3840 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

12:27:00.0709 3840 ws2ifsl - ok

12:27:00.0725 3840 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

12:27:00.0727 3840 wscsvc - ok

12:27:00.0732 3840 WSearch - ok

12:27:00.0799 3840 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

12:27:00.0830 3840 wuauserv - ok

12:27:00.0861 3840 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

12:27:00.0862 3840 WudfPf - ok

12:27:00.0890 3840 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

12:27:00.0892 3840 wudfsvc - ok

12:27:00.0906 3840 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

12:27:00.0910 3840 WwanSvc - ok

12:27:00.0931 3840 ================ Scan global ===============================

12:27:00.0953 3840 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

12:27:00.0986 3840 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

12:27:00.0994 3840 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

12:27:01.0009 3840 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

12:27:01.0033 3840 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

12:27:01.0036 3840 [Global] - ok

12:27:01.0037 3840 ================ Scan MBR ==================================

12:27:01.0046 3840 [ 89750024E83C5387C5B5F649AFB20429 ] \Device\Harddisk0\DR0

12:27:01.0233 3840 \Device\Harddisk0\DR0 - ok

12:27:01.0233 3840 ================ Scan VBR ==================================

12:27:01.0238 3840 [ 0CB555645E88FB9D32D324EDD502BEAA ] \Device\Harddisk0\DR0\Partition1

12:27:01.0240 3840 \Device\Harddisk0\DR0\Partition1 - ok

12:27:01.0251 3840 [ C88532FE8C261DC926E34F2EEDC1F880 ] \Device\Harddisk0\DR0\Partition2

12:27:01.0254 3840 \Device\Harddisk0\DR0\Partition2 - ok

12:27:01.0283 3840 [ 3A96162BAA79A5A8E0F50DA9AB06DE36 ] \Device\Harddisk0\DR0\Partition3

12:27:01.0286 3840 \Device\Harddisk0\DR0\Partition3 - ok

12:27:01.0286 3840 ============================================================

12:27:01.0286 3840 Scan finished

12:27:01.0286 3840 ============================================================

12:27:01.0305 3740 Detected object count: 0

12:27:01.0305 3740 Actual detected object count: 0

12:27:09.0251 1772 ============================================================

12:27:09.0251 1772 Scan started

12:27:09.0251 1772 Mode: Manual; TDLFS;

12:27:09.0251 1772 ============================================================

12:27:09.0387 1772 ================ Scan system memory ========================

12:27:09.0387 1772 System memory - ok

12:27:09.0388 1772 ================ Scan services =============================

12:27:09.0513 1772 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

12:27:09.0516 1772 1394ohci - ok

12:27:09.0533 1772 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

12:27:09.0537 1772 ACPI - ok

12:27:09.0564 1772 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

12:27:09.0565 1772 AcpiPmi - ok

12:27:09.0651 1772 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

12:27:09.0654 1772 AdobeFlashPlayerUpdateSvc - ok

12:27:09.0682 1772 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

12:27:09.0687 1772 adp94xx - ok

12:27:09.0720 1772 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

12:27:09.0724 1772 adpahci - ok

12:27:09.0735 1772 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

12:27:09.0737 1772 adpu320 - ok

12:27:09.0765 1772 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

12:27:09.0766 1772 AeLookupSvc - ok

12:27:09.0800 1772 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

12:27:09.0805 1772 AFD - ok

12:27:09.0884 1772 [ 23E7CB4641B93CE8591D1057670A4F04 ] AffinegyService C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

12:27:09.0890 1772 AffinegyService - ok

12:27:09.0922 1772 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

12:27:09.0923 1772 agp440 - ok

12:27:09.0939 1772 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

12:27:09.0940 1772 ALG - ok

12:27:09.0957 1772 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

12:27:09.0958 1772 aliide - ok

12:27:09.0971 1772 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

12:27:09.0972 1772 amdide - ok

12:27:09.0988 1772 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

12:27:09.0989 1772 AmdK8 - ok

12:27:09.0997 1772 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

12:27:09.0998 1772 AmdPPM - ok

12:27:10.0028 1772 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

12:27:10.0029 1772 amdsata - ok

12:27:10.0070 1772 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

12:27:10.0072 1772 amdsbs - ok

12:27:10.0093 1772 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

12:27:10.0094 1772 amdxata - ok

12:27:10.0119 1772 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

12:27:10.0121 1772 AppID - ok

12:27:10.0128 1772 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

12:27:10.0129 1772 AppIDSvc - ok

12:27:10.0181 1772 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

12:27:10.0182 1772 Appinfo - ok

12:27:10.0223 1772 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

12:27:10.0224 1772 arc - ok

12:27:10.0230 1772 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

ComboFix 13-03-02.01 - member 03/02/2013 12:36:14.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5110.3209 [GMT -8:00]
Running from: c:\users\member\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ArcadeWeb\arCAdeweb32.dll
c:\program files (x86)\CouponAlert_2pEI
c:\programdata\Microsoft\Windows\DRM\2E17.tmp
c:\programdata\Microsoft\Windows\DRM\2E27.tmp
c:\users\member\AppData\Local\Temp\AFF1.tmp\F_IN_BOX.dll
c:\users\member\AppData\Roaming\.#
c:\windows\svchost.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-02-02 to 2013-03-02 )))))))))))))))))))))))))))))))
.
.
2013-03-02 20:43 . 2013-03-02 20:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-02 20:43 . 2013-03-02 20:43 -------- d-----w- c:\users\your goddamn jokes\AppData\Local\temp
2013-03-02 20:43 . 2013-03-02 20:43 -------- d-----w- c:\users\my account\AppData\Local\temp
2013-03-01 07:25 . 2009-01-25 20:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-03-01 07:25 . 2013-03-01 07:25 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-03-01 07:23 . 2013-03-01 07:23 -------- d-----w- c:\users\member\AppData\Local\Programs
2013-02-28 03:57 . 2013-03-02 20:28 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-27 03:12 . 2013-02-27 03:12 -------- d-----w- c:\program files (x86)\ERUNT
2013-02-23 22:19 . 2013-02-23 22:20 -------- d-----w- c:\users\my account\AppData\Local\Adobe
2013-02-23 22:17 . 2013-02-23 22:17 -------- d-----w- c:\users\my account\AppData\Local\IsolatedStorage
2013-02-23 22:17 . 2013-02-23 22:17 -------- d-----w- c:\users\my account\AppData\Roaming\Intuit
2013-02-23 06:18 . 2013-02-23 06:18 -------- d-----w- c:\windows\Sun
2013-02-23 04:16 . 2013-02-23 04:16 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-02-23 02:57 . 2013-02-23 02:57 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-02-23 02:57 . 2013-02-23 02:57 -------- d-----w- c:\program files\Symantec
2013-02-23 02:57 . 2013-02-23 02:57 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-02-23 02:56 . 2013-02-23 06:24 -------- d-----w- c:\windows\system32\drivers\N360x64\1401010.002
2013-02-23 02:56 . 2013-02-23 02:56 -------- d-----w- c:\program files (x86)\Norton 360
2013-02-23 02:56 . 2013-02-23 02:56 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-02-23 02:19 . 2013-02-23 02:19 -------- d-----w- c:\users\my account\AppData\Local\LogMeIn Rescue Applet
2013-02-23 01:46 . 2013-02-23 01:46 95392 ----a-w- c:\windows\system32\drivers\SMR311.SYS
2013-02-23 01:46 . 2013-02-23 02:28 -------- d-----w- c:\users\my account\AppData\Local\NPE
2013-02-23 01:03 . 2013-02-23 03:18 -------- d-----w- c:\users\my account\AppData\Local\ElevatedDiagnostics
2013-02-14 08:03 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 08:03 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 06:54 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 06:53 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-14 06:53 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-14 06:53 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 06:53 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-14 06:53 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-14 06:53 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-14 06:53 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-14 06:53 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-14 06:53 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-14 06:53 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 06:53 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-05 04:24 . 2013-02-05 04:24 -------- d-----w- c:\users\my account\AppData\Local\HP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-28 01:55 . 2012-04-05 00:15 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-28 01:55 . 2011-06-26 18:04 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-14 08:08 . 2010-01-27 09:20 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-04 04:43 . 2013-02-14 06:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-21 01:42 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 01:42 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 01:42 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 01:42 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-10 05:53 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-10 05:53 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-10 05:53 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-10 05:53 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-10 05:53 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-10 05:53 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-10 05:53 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-10 05:53 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-10 05:53 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-10 05:53 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-10 05:53 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-10 05:53 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-10 05:53 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-10 05:53 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-10 05:53 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-10 05:53 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-10 05:53 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-10 05:53 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-10 05:53 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-10 05:53 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-10 05:53 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-10 05:53 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-10 05:53 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-10 05:53 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-10 05:53 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-10 05:53 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-02-04 18:18 . 2012-04-17 04:15 689552 ----a-w- c:\program files (x86)\2pUninstall Coupon Alert.dll
2012-02-04 18:18 . 2012-04-17 04:15 161720 ----a-w- c:\program files (x86)\2pres.dll
2011-03-19 22:50 . 2011-04-05 20:45 684032 ----a-w- c:\program files (x86)\Uninstall Coupon Alert.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}]
2009-12-18 18:47 81920 ----a-w- c:\program files (x86)\eGames\egamestoolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}"= "c:\program files (x86)\egames\egamestoolbar.dll" [2009-12-18 81920]
"{311B58DC-A4DC-4B04-B1B5-60299AD3D803}"= "c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll" [2012-10-18 2572728]
.
[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-85b2-bc27fe9aae2e}]
.
[HKEY_CLASSES_ROOT\clsid\{311b58dc-a4dc-4b04-b1b5-60299ad3d803}]
[HKEY_CLASSES_ROOT\ShopAtHome.ShopAtHome.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\ShopAtHome.ShopAtHome]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet 4620 series (NET)"="c:\program files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" [2011-12-19 2548072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-11-14 1884064]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
c:\users\member\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\windows\Speech\ERUNTcorrectone\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Remote Solution"=%ProgramFiles(x86)%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SelectRebates"=c:\program files (x86)\SelectRebates\SelectRebates.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ApnUpdater"="C:\Program Files (x86)
"AW TrayIcon"=RunDll32.exe "c:\program files (x86)\ArcadeWeb\arcadeweb32.dll", RunTrayIcon
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"ShopAtHomeWatcher"=c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 mrtRate;mrtRate; [x]
R3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files (x86)\PCPitstop\PCPitstopScheduleService.exe [2011-04-06 91304]
R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-18 4608]
R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys [2009-11-19 446976]
R3 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-06 1255736]
S0 SMR311;Symantec SMR Utility Service 3.1.1;c:\windows\System32\drivers\SMR311.SYS [2013-02-23 95392]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1401010.002\SYMDS64.SYS [2012-07-28 493216]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1401010.002\SYMEFA64.SYS [2012-08-08 1132192]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-02-08 1388120]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1401010.002\ccSetx64.sys [2012-08-07 168096]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130301.002\IDSvia64.sys [2013-02-23 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1401010.002\Ironx64.SYS [2012-07-28 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\N360x64\1401010.002\SYMNETS.SYS [2012-07-23 432800]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2011-04-19 181760]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 55296]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe [2012-08-29 143928]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2009-06-22 291352]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-18 138912]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-22 04:16 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 01:55]
.
2013-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-09 04:04]
.
2013-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-09 04:04]
.
2013-03-01 c:\windows\Tasks\HPCeeScheduleFormember.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2012-12-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-12 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-12 363544]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = www.google.com
mDefault_Search_URL = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
mSearch Page = hxxp://www.google.com/
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\member\AppData\Roaming\Mozilla\Firefox\Profiles\p8ye63aw.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?l=dis&o=16148
FF - prefs.js: keyword.URL - hxxp://urlseek10.vmn.net/search.php?type=dns&tbn=egames3_1dn&q=
FF - ExtSQL: 2013-02-25 15:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn
FF - ExtSQL: 2013-02-25 18:43; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-65312228.sys
WebBrowser-{C4D78C72-08DB-4A3F-9175-B265157283F3} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Mahjongg Dimensions Deluxe (tb) - c:\program files (x86)\eGames\Mahjongg Dimensions Deluxe (tb)\Uninstall.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.1.1.2\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1]
@="131473"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2013-03-02 12:51:13 - machine was rebooted
ComboFix-quarantined-files.txt 2013-03-02 20:51
.
Pre-Run: 426,064,453,632 bytes free
Post-Run: 425,736,925,184 bytes free
.
- - End Of File - - 9F272AA13A59438FA9FDE750E7951733
 
Hope I did all that right cause I'm so confused. Most of everything on my parents' PC is not clickable. It says illegal operation attempted marked for deletion. Please advise. Thanks!
 
Hello diane7

Hope I did all that right cause I'm so confused
You did it right :)

Most of everything on my parents' PC is not clickable. It says illegal operation attempted marked for deletion. Please advise.
That's nothing to worry about. Simply reboot the machine a couple of times and that message will go away.

I will get back to you later on today with the next set of instructions :)
 
Hello diane7

I'm back :)

We need to use Combofix again, but this time we will be running it in a slightly different way.


  1. Please work through the following steps

    • Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open. Type in Notepad and press Enter then click on "OK".
    • NOTE: Do not use Wordpad or any other text editor except Notepad or the script will fail.
    • Copy and Paste the text in the quotebox below into the open Notepad window:

      File::
      c:\program files (x86)\eGames\egamestoolbar.dll
      c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
      c:\program files (x86)\SelectRebates\SelectRebates.exe
      c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
      c:\program files (x86)\ArcadeWeb\arcadeweb32.dll

      Folder::
      c:\program files (x86)\eGames
      c:\users\member\AppData\Roaming\ShopAtHome
      c:\program files (x86)\SelectRebates
      c:\program files (x86)\ArcadeWeb

      Registry::
      [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}"=-
      "{311B58DC-A4DC-4B04-B1B5-60299AD3D803}"=-

      [-HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-85b2-bc27fe9aae2e}]

      [-HKEY_CLASSES_ROOT\clsid\{311b58dc-a4dc-4b04-b1b5-60299ad3d803}]

      [-HKEY_CLASSES_ROOT\ShopAtHome.ShopAtHome.3]

      [-HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

      [-HKEY_CLASSES_ROOT\ShopAtHome.ShopAtHome]

      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "SelectRebates"=-
      "ShopAtHomeWatcher"=-
      "AW TrayIcon"=-

      Firefox::
      FF - ProfilePath - c:\users\member\AppData\Roaming\Mozilla\Firefox\Profiles\p8ye63aw.default\
      FF - prefs.js: keyword.URL - hxxp://urlseek10.vmn.net/search.php?type=dns&tbn=egames3_1dn&q=

      RegLock::
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    • Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
    • Close any open browsers.
    • Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Referring to the picture below, drag CFScript.txt into ComboFix.exe

      [Image: CFScriptB-4.gif]

    • When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
    • Once the log is produced, re-engage your resident anti virus.

  2. Junkware Removal Tool

    Please download Junkware Removal Tool by clicking here and save it to your desktop.
    • Shut down your antivirus to avoid any conflicts.
    • Double click JRT.exe to run the tool.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Please post the new Combofix log and the Junkware Removal Tool log in your next reply.
 
I did have that report from after I did all those steps... However, I copied it but I couldn't get a browser to open... everything I clicked was marked for deletion. So knowing what you said last time I restarted the PC and now I can get a browser but I cannot find that log. Please advise!

I will continue on to the next set of instructions. Thanks!
 
Chrome is telling me that the next thing you wanted me to download, I believe it had junk in the words, is malicious. Please advise. Thanks!
 
Hello diane7

The Junkware Removal Tool is not malicious. It has been used many times without incident.

As for the Combofix log, let's try to find it like this:

Navigate to your C drive and check to see if there is a file there called C:\ComboFix.txt

If it is present open the file and copy/paste the contents into your next reply.
 
Jon Tom I am out of town and will be back tomorrow night. I will proceed with your instructions at that time. I appreciate your help and guidance more than you know! di
 