redirecting of internet windows and boot trouble if allowed to hybernate/sleep

Opening Speech
Hello, Welcome to GeekPolice! I am Houndmom and I will be helping you get your computer cleaned up.


Please note the following information about the malware forum:

* Only Tech Officers, Global Moderators, Administrators, Malware Advisors,and Tech Advisors are allowed to give advice on removing malware from your computer.
* From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
* Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
* If you have already asked for help somewhere, please post the link to the topic you were helped.
* We try our best to reply quickly, but for any reason we do not reply in two days, do one of two things:

Reply to this topic with the word BUMP, or
see this topic.

* Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

I am a student and will need to get approval prior to each step. I will return shortly with the first step.

OTL Fix
Please run OTL.exe.

• Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :killall
  :OTL
  O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  
  
  
  [createrestorepoint]
  [resethosts]
  
  
  
  
• Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  
  
• Click the red Run Fix button.
  
• A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTL.exe
  

Then:

Please download aswMBR from here

• Save aswMBR.exe to your Desktop
  
• Double click aswMBR.exe to run it
  
• Click the Scan button to start the scan as illustrated below
  

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

• Once the scan finishes click Save log to save the log to your Desktop
  
  
  
• Copy and paste the contents of aswMBR.txt back here for review
  

Here is the results from OTL, should I continue to aswMBR, or stop now that it failed?

Error: Unable to interpret <:killall> in the current context!
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
File eaterestorepoint] not found.
File sethosts] not found.

OTL by OldTimer - Version 3.2.33.1 log created on 03122012_074549

Sorry I missed the reply.

should I continue to aswMBR, or stop now that it failed?

It did not fail, it did remove the lines that it was supposed to.

Yes, Please continue with aswMBR here

aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-03-12 14:54:02
-----------------------------
14:54:02.473 OS Version: Windows x64 6.1.7600
14:54:02.473 Number of processors: 8 586 0x1E05
14:54:02.474 ComputerName: ZAPLAP2 UserName: Scott
14:54:04.489 Initialize success
14:55:55.180 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:55:55.183 Disk 0 Vendor: ST964032 0002 Size: 610480MB BusType: 3
14:55:55.186 Device \Driver\iaStor -> MajorFunction fffffa80069675c4
14:55:55.189 Disk 0 MBR read successfully
14:55:55.192 Disk 0 MBR scan
14:55:55.195 Disk 0 Windows 7 default MBR code
14:55:55.199 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22003 MB offset 63
14:55:55.212 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152616 MB offset 45062325
14:55:55.216 Disk 0 Partition - 00 0F Extended LBA 435858 MB offset 357623808
14:55:55.239 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 435857 MB offset 357625856
14:55:55.274 Disk 0 scanning C:\Windows\system32\drivers
14:56:03.823 Service scanning
14:56:21.046 Modules scanning
14:56:21.056 Disk 0 trace - called modules:
14:56:21.389 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80069675c4]<<
14:56:21.394 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80066d8060]
14:56:21.400 3 CLASSPNP.SYS[fffff8800115c43f] -> nt!IofCallDriver -> [0xfffffa8006382520]
14:56:21.406 5 ACPI.sys[fffff88000f4d781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006386050]
14:56:21.413 \Driver\iaStor[0xfffffa800657bdb0] -> IRP_MJ_CREATE -> 0xfffffa80069675c4
14:56:21.419 Scan finished successfully
14:56:46.545 Disk 0 MBR has been saved successfully to "C:\Users\Scott\Desktop\MBR.dat"
14:56:46.551 The log file has been saved successfully to "C:\Users\Scott\Desktop\aswMBR 031212_zap_1961.txt"


**************************************************

line 14:56:21.389

and 14:56:21.413

are in red on my screen

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  
• Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  
• When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

1) Windows did not let me change the name before saving so I did it after it copied down.
2) When I double click the app, it took off and did not let me cut-n-paste your line of text.
3) It looked like it set a restore point
4) then it went off and did it's thing.

I will paste that result in the next entry. Do I need to run it again with the line of text you gave me? If so how/where would I enter it? I did not run from the desk top so that might be the problem...?

ComboFix 12-03-14.01 - Scott 03/14/2012 16:40:03.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6069.3026 [GMT -7:00]
Running from: c:\users\Scott\Desktop\Virus Tools\commy.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Internet Explorer\1209.tmp
c:\program files (x86)\Internet Explorer\B75F.tmp
c:\program files (x86)\Internet Explorer\D23F.tmp
c:\program files (x86)\LP
c:\program files (x86)\LP\6F1D\8759.tmp
c:\program files (x86)\LP\6F1D\AB.tmp
c:\program files (x86)\LP\6F1D\FAF4.tmp
c:\program files (x86)\LP\6F1D\FE2C.tmp
c:\programdata\FullRemove.exe
c:\users\Scott\AppData\Roaming\Microsoft\Windows\Recent\EP4CE15.OLB.URL
c:\users\Scott\videos\avidemux_2.5.2_win32.exe
c:\windows\AsPatch10430001.exe
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-02-14 to 2012-03-14 )))))))))))))))))))))))))))))))
.
.
2012-03-14 23:55 . 2012-03-14 23:55 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-03-14 23:55 . 2012-03-14 23:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-14 23:55 . 2012-03-14 23:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-12 14:45 . 2012-03-12 14:45 -------- d-----w- C:\_OTL
2012-03-09 20:35 . 2012-03-09 20:35 -------- d-----w- c:\users\Scott\AppData\Roaming\Safer Networking
2012-03-09 20:33 . 2012-03-09 20:33 -------- d-----w- c:\program files (x86)\Safer Networking
2012-03-09 14:36 . 2012-03-09 16:15 -------- d-----w- c:\program files\Symantec
2012-03-09 14:36 . 2012-03-09 16:14 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-03-09 14:36 . 2012-03-09 14:36 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-03-09 14:33 . 2012-03-09 20:30 -------- d-----w- c:\windows\system32\drivers\NAVx64
2012-03-09 14:32 . 2012-03-09 14:33 -------- d-----w- c:\program files (x86)\Norton AntiVirus
2012-03-09 14:29 . 2012-03-09 14:29 -------- d-----w- c:\programdata\PCSettings
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\users\Scott\AppData\Roaming\Malwarebytes
2012-03-08 18:46 . 2010-04-29 22:39 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\programdata\Malwarebytes
2012-03-08 18:46 . 2010-04-29 22:39 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-14 01:34 . 2012-02-14 04:50 -------- d-----w- c:\users\Scott\AppData\Roaming\DEAE0
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 14:23 . 2010-11-29 18:54 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-02-22 20:43 . 2011-02-14 23:29 286720 ----a-w- c:\windows\iun505.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files (x86)\NCH_EN\prxtbNCH0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\NCH_EN\prxtbNCH0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files (x86)\NCH_EN\prxtbNCH0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-10-29 2429]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-14 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-2 1080608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-10-29 12862]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-1-5 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 135664]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-08 195336]
R3 CYUSB;Cypress Generic USB Driver;c:\windows\system32\Drivers\CYUSB.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 135664]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1306010.008\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1306010.008\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [2012-03-03 1157240]
S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1306010.008\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120313.001\IDSvia64.sys [2012-03-08 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1306010.008\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1306010.008\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-16 249648]
S2 Cadence License Manager;Cadence License Manager;c:\cadence\LicenseManager\lmgrd.exe [2010-01-11 1722704]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe [x]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\19.6.1.8\ccSvcHst.exe [2012-01-17 138232]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-08-17 1620584]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-08-17 235624]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-03-09 138360]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 16:02]
.
2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 16:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-28 2121320]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:64485
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\hn6tdypz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 64485
FF - prefs.js: network.proxy.type - 4
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-SessionLogon - c:\expressgateutil\SessionLogon.exe
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\19.6.1.8\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\19.6.1.8\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-03-14 17:19:53
ComboFix-quarantined-files.txt 2012-03-15 00:19
.
Pre-Run: 36,960,722,944 bytes free
Post-Run: 44,022,792,192 bytes free
.
- - End Of File - - F385E08E84D527AA300C31146CD8BB49

ComboFix 12-03-17.01 - Scott 03/18/2012 9:33.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6069.4053 [GMT -7:00]
Running from: c:\users\Scott\Desktop\Virus Tools\ComboFix.exe
Command switches used :: c:\users\Scott\Desktop\Virus Tools\CFScript.txt
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-02-18 to 2012-03-18 )))))))))))))))))))))))))))))))
.
.
2012-03-18 16:47 . 2012-03-18 16:47 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-03-18 16:47 . 2012-03-18 16:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-18 16:47 . 2012-03-18 16:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-18 15:47 . 2012-03-18 15:47 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 15:47 . 2012-03-18 15:47 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-12 14:45 . 2012-03-12 14:45 -------- d-----w- C:\_OTL
2012-03-09 20:35 . 2012-03-09 20:35 -------- d-----w- c:\users\Scott\AppData\Roaming\Safer Networking
2012-03-09 20:33 . 2012-03-09 20:33 -------- d-----w- c:\program files (x86)\Safer Networking
2012-03-09 14:36 . 2012-03-09 16:15 -------- d-----w- c:\program files\Symantec
2012-03-09 14:36 . 2012-03-09 16:14 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-03-09 14:36 . 2012-03-09 14:36 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-03-09 14:33 . 2012-03-09 20:30 -------- d-----w- c:\windows\system32\drivers\NAVx64
2012-03-09 14:32 . 2012-03-09 14:33 -------- d-----w- c:\program files (x86)\Norton AntiVirus
2012-03-09 14:29 . 2012-03-09 14:29 -------- d-----w- c:\programdata\PCSettings
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\users\Scott\AppData\Roaming\Malwarebytes
2012-03-08 18:46 . 2010-04-29 22:39 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\programdata\Malwarebytes
2012-03-08 18:46 . 2010-04-29 22:39 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-18 16:49 . 2010-11-29 18:54 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-02-22 20:43 . 2011-02-14 23:29 286720 ----a-w- c:\windows\iun505.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-14_23.56.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-18 16:20 . 2012-03-18 16:31 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
- 2012-01-18 16:20 . 2012-03-14 14:23 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2010-10-29 16:21 . 2012-03-17 23:08 50336 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-18 15:47 37250 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-29 18:55 . 2012-03-18 15:47 13806 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1469825858-3757968985-3060953023-1001_UserData.bin
- 2010-11-30 09:47 . 2012-03-13 14:27 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-30 09:47 . 2012-03-18 16:00 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-18 16:00 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-11 16:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-29 18:55 . 2012-03-14 14:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-29 18:55 . 2012-03-18 16:49 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-29 18:55 . 2012-03-18 16:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-29 18:55 . 2012-03-14 14:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-29 21:54 . 2012-03-16 23:36 3246 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-03-14 14:23 . 2012-03-14 14:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-18 16:48 . 2012-03-18 16:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-14 14:23 . 2012-03-14 14:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-18 16:48 . 2012-03-18 16:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-17 17:56 . 2012-03-14 23:36 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-04-17 17:56 . 2012-03-18 16:49 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:54 . 2012-03-18 16:49 147456 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 147456 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 376832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-18 16:49 376832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 02:36 . 2012-03-18 15:50 627316 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-14 14:28 627316 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-03-18 15:50 107600 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-03-14 14:28 107600 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:12 . 2012-03-18 16:00 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-03-11 16:13 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-01-11 21:53 . 2011-05-09 20:01 262144 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-11 21:53 . 2012-03-18 16:33 262144 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2012-03-18 16:48 421192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-13 23:37 421192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:54 . 2012-03-18 16:49 2326528 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 2326528 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-10-29 16:34 . 2012-03-18 16:48 3970984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 02:34 . 2012-03-14 20:27 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2012-03-18 16:00 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2011-01-12 16:00 . 2012-03-18 16:48 60697660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1469825858-3757968985-3060953023-1001-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files (x86)\NCH_EN\prxtbNCH0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\NCH_EN\prxtbNCH0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files (x86)\NCH_EN\prxtbNCH0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-10-29 2429]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-14 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-2 1080608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-10-29 12862]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-1-5 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 135664]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-08 195336]
R3 CYUSB;Cypress Generic USB Driver;c:\windows\system32\Drivers\CYUSB.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 135664]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1306010.008\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1306010.008\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [2012-03-03 1157240]
S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1306010.008\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120316.005\IDSvia64.sys [2012-03-08 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1306010.008\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1306010.008\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-16 249648]
S2 Cadence License Manager;Cadence License Manager;c:\cadence\LicenseManager\lmgrd.exe [2010-01-11 1722704]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe [x]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\19.6.1.8\ccSvcHst.exe [2012-01-17 138232]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-08-17 1620584]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-08-17 235624]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-03-09 138360]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 16:02]
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 16:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-28 2121320]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\hn6tdypz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.type - 4
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\19.6.1.8\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\19.6.1.8\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\\.\globalroot\systemroot\svchost.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\\.\globalroot\systemroot\svchost.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2012-03-18 10:11:38 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-18 17:11
ComboFix2.txt 2012-03-15 00:20
.
Pre-Run: 43,128,754,176 bytes free
Post-Run: 42,967,658,496 bytes free
.
- - End Of File - - F79C730256D38694296BA0F73F5FC70B

Please download TDSSKiller from here and save it to your Desktop.

• Doubleclick TDSSKiller.exe to run the tool
  
• Choose Change Parameters and make sure all the options are checked
  
• Click the Start Scan button
  
• After the scan has finished, click the Close button
  
• Click the Report button and copy/paste the contents of it into your next reply
  

Note:It will also create a log in the C:\ directory.

I left nortin on, so I ran it again with it off. I will post both reports.

******************* scan 1, first half **************************************

13:02:25.0303 2920 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
13:02:25.0740 2920 ============================================================
13:02:25.0740 2920 Current date / time: 2012/03/21 13:02:25.0740
13:02:25.0740 2920 SystemInfo:
13:02:25.0740 2920
13:02:25.0740 2920 OS Version: 6.1.7600 ServicePack: 0.0
13:02:25.0740 2920 Product type: Workstation
13:02:25.0740 2920 ComputerName: ZAPLAP2
13:02:25.0740 2920 UserName: Scott
13:02:25.0740 2920 Windows directory: C:\Windows
13:02:25.0740 2920 System windows directory: C:\Windows
13:02:25.0740 2920 Running under WOW64
13:02:25.0740 2920 Processor architecture: Intel x64
13:02:25.0740 2920 Number of processors: 8
13:02:25.0740 2920 Page size: 0x1000
13:02:25.0740 2920 Boot type: Normal boot
13:02:25.0740 2920 ============================================================
13:02:27.0596 2920 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:02:27.0627 2920 \Device\Harddisk0\DR0:
13:02:27.0643 2920 MBR used
13:02:27.0643 2920 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0x12A147D1
13:02:29.0156 2920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1550F000, BlocksNum 0x35348800
13:02:29.0780 2920 Initialize success
13:02:29.0780 2920 ============================================================
13:02:45.0693 3916 ============================================================
13:02:45.0693 3916 Scan started
13:02:45.0693 3916 Mode: Manual; SigCheck; TDLFS;
13:02:45.0693 3916 ============================================================
13:02:45.0973 3916 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
13:02:46.0083 3916 1394ohci - ok
13:02:46.0192 3916 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
13:02:46.0207 3916 ACPI - ok
13:02:46.0239 3916 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
13:02:46.0285 3916 AcpiPmi - ok
13:02:46.0395 3916 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:02:46.0410 3916 adp94xx - ok
13:02:46.0535 3916 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:02:46.0566 3916 adpahci - ok
13:02:46.0660 3916 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:02:46.0691 3916 adpu320 - ok
13:02:46.0722 3916 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:02:46.0769 3916 AeLookupSvc - ok
13:02:46.0878 3916 AFBAgent (734d1ba96be6ad8d04e6afead569ea8a) C:\Windows\system32\FBAgent.exe
13:02:46.0925 3916 AFBAgent - ok
13:02:47.0065 3916 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
13:02:47.0097 3916 AFD - ok
13:02:47.0206 3916 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
13:02:47.0221 3916 agp440 - ok
13:02:47.0331 3916 aksdf (94c0972b06c75456ed574dd46417b1d8) C:\Windows\system32\DRIVERS\aksdf.sys
13:02:47.0393 3916 aksdf - ok
13:02:47.0502 3916 aksfridge (7b0bc062ca6abab23f88ea483b5a538e) C:\Windows\system32\DRIVERS\aksfridge.sys
13:02:47.0518 3916 aksfridge - ok
13:02:47.0580 3916 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
13:02:47.0627 3916 akshasp - ok
13:02:47.0705 3916 akshhl (67dff8c8f95cb21c9c3380dd4c0387f2) C:\Windows\system32\DRIVERS\akshhl.sys
13:02:47.0752 3916 akshhl - ok
13:02:47.0877 3916 aksusb (a9a09bc526e614ce9f29bb23c2a76ced) C:\Windows\system32\DRIVERS\aksusb.sys
13:02:47.0923 3916 aksusb - ok
13:02:48.0017 3916 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:02:48.0064 3916 ALG - ok
13:02:48.0173 3916 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
13:02:48.0189 3916 aliide - ok
13:02:48.0235 3916 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
13:02:48.0235 3916 amdide - ok
13:02:48.0313 3916 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:02:48.0345 3916 AmdK8 - ok
13:02:48.0376 3916 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:02:48.0407 3916 AmdPPM - ok
13:02:48.0516 3916 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
13:02:48.0516 3916 amdsata - ok
13:02:48.0563 3916 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:02:48.0579 3916 amdsbs - ok
13:02:48.0610 3916 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
13:02:48.0625 3916 amdxata - ok
13:02:48.0735 3916 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
13:02:48.0766 3916 AmUStor - ok
13:02:48.0844 3916 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
13:02:48.0891 3916 AppID - ok
13:02:49.0000 3916 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:02:49.0062 3916 AppIDSvc - ok
13:02:49.0171 3916 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
13:02:49.0218 3916 Appinfo - ok
13:02:49.0312 3916 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:02:49.0312 3916 Apple Mobile Device - ok
13:02:49.0437 3916 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:02:49.0452 3916 arc - ok
13:02:49.0483 3916 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:02:49.0499 3916 arcsas - ok
13:02:49.0577 3916 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:02:49.0577 3916 ASLDRService - ok
13:02:49.0593 3916 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:02:49.0608 3916 ASMMAP64 - ok
13:02:49.0717 3916 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:02:49.0780 3916 AsyncMac - ok
13:02:49.0889 3916 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
13:02:49.0905 3916 atapi - ok
13:02:49.0967 3916 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
13:02:50.0014 3916 athr - ok
13:02:50.0076 3916 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:02:50.0076 3916 ATKGFNEXSrv - ok
13:02:50.0185 3916 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
13:02:50.0232 3916 AudioEndpointBuilder - ok
13:02:50.0263 3916 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
13:02:50.0295 3916 AudioSrv - ok
13:02:50.0388 3916 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
13:02:50.0435 3916 AxInstSV - ok
13:02:50.0529 3916 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:02:50.0560 3916 b06bdrv - ok
13:02:50.0700 3916 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:02:50.0731 3916 b57nd60a - ok
13:02:50.0856 3916 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:02:50.0872 3916 BBSvc - ok
13:02:50.0997 3916 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:02:51.0012 3916 BBUpdate - ok
13:02:51.0090 3916 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:02:51.0137 3916 BDESVC - ok
13:02:51.0246 3916 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:02:51.0293 3916 Beep - ok
13:02:51.0418 3916 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
13:02:51.0480 3916 BFE - ok
13:02:51.0621 3916 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120302.001\BHDrvx64.sys
13:02:51.0636 3916 BHDrvx64 - ok
13:02:51.0730 3916 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
13:02:51.0792 3916 BITS - ok
13:02:51.0901 3916 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:02:51.0933 3916 blbdrive - ok
13:02:52.0026 3916 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
13:02:52.0042 3916 Bonjour Service - ok
13:02:52.0135 3916 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
13:02:52.0182 3916 bowser - ok
13:02:52.0276 3916 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:02:52.0323 3916 BrFiltLo - ok
13:02:52.0432 3916 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:02:52.0463 3916 BrFiltUp - ok
13:02:52.0588 3916 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
13:02:52.0650 3916 BridgeMP - ok
13:02:52.0759 3916 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
13:02:52.0822 3916 Browser - ok
13:02:52.0931 3916 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:02:52.0993 3916 Brserid - ok
13:02:53.0103 3916 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:02:53.0149 3916 BrSerWdm - ok
13:02:53.0259 3916 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:02:53.0321 3916 BrUsbMdm - ok
13:02:53.0430 3916 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:02:53.0461 3916 BrUsbSer - ok
13:02:53.0555 3916 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
13:02:53.0586 3916 BthEnum - ok
13:02:53.0664 3916 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:02:53.0711 3916 BTHMODEM - ok
13:02:53.0805 3916 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:02:53.0836 3916 BthPan - ok
13:02:53.0945 3916 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
13:02:53.0992 3916 BTHPORT - ok
13:02:54.0101 3916 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:02:54.0132 3916 bthserv - ok
13:02:54.0273 3916 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
13:02:54.0319 3916 BTHUSB - ok
13:02:54.0413 3916 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
13:02:54.0444 3916 btusbflt - ok
13:02:54.0553 3916 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
13:02:54.0553 3916 btwaudio - ok
13:02:54.0631 3916 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
13:02:54.0647 3916 btwavdt - ok
13:02:54.0725 3916 btwdins (1e08dc82525282e34ad66ffba0782565) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:02:54.0756 3916 btwdins - ok
13:02:54.0834 3916 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
13:02:54.0865 3916 btwl2cap - ok
13:02:54.0959 3916 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
13:02:54.0990 3916 btwrchid - ok
13:02:55.0084 3916 Cadence License Manager (647cd6b1ae2b42b7f27706a6a72e3ddc) C:\Cadence\LicenseManager\lmgrd.exe
13:02:55.0131 3916 Cadence License Manager - ok
13:02:55.0177 3916 catchme - ok
13:02:55.0318 3916 ccSet_NAV (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NAVx64\1306010.008\ccSetx64.sys
13:02:55.0318 3916 ccSet_NAV - ok
13:02:55.0427 3916 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:02:55.0489 3916 cdfs - ok
13:02:55.0599 3916 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
13:02:55.0645 3916 cdrom - ok
13:02:55.0755 3916 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
13:02:55.0801 3916 CertPropSvc - ok
13:02:55.0848 3916 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:02:55.0879 3916 circlass - ok
13:02:55.0926 3916 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:02:55.0942 3916 CLFS - ok
13:02:56.0020 3916 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:02:56.0035 3916 clr_optimization_v2.0.50727_32 - ok
13:02:56.0082 3916 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:02:56.0113 3916 clr_optimization_v2.0.50727_64 - ok
13:02:56.0254 3916 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:02:56.0269 3916 clr_optimization_v4.0.30319_32 - ok
13:02:56.0347 3916 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:02:56.0363 3916 clr_optimization_v4.0.30319_64 - ok
13:02:56.0472 3916 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:02:56.0503 3916 CmBatt - ok
13:02:56.0597 3916 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
13:02:56.0613 3916 cmdide - ok
13:02:56.0675 3916 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
13:02:56.0722 3916 CNG - ok
13:02:56.0831 3916 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:02:56.0847 3916 Compbatt - ok
13:02:56.0878 3916 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:02:56.0925 3916 CompositeBus - ok
13:02:56.0987 3916 COMSysApp - ok
13:02:57.0049 3916 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:02:57.0049 3916 crcdisk - ok
13:02:57.0143 3916 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
13:02:57.0205 3916 CryptSvc - ok
13:02:57.0268 3916 CYUSB (e9e37e84a5431b51cec9d4fd39534901) C:\Windows\system32\Drivers\CYUSB.sys
13:02:57.0315 3916 CYUSB - ok
13:02:57.0424 3916 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
13:02:57.0455 3916 DcomLaunch - ok
13:02:57.0517 3916 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:02:57.0564 3916 defragsvc - ok
13:02:57.0673 3916 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
13:02:57.0705 3916 DfsC - ok
13:02:57.0798 3916 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
13:02:57.0814 3916 Dhcp - ok
13:02:57.0876 3916 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:02:57.0923 3916 discache - ok
13:02:58.0032 3916 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:02:58.0032 3916 Disk - ok
13:02:58.0095 3916 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
13:02:58.0126 3916 Dnscache - ok
13:02:58.0173 3916 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
13:02:58.0219 3916 dot3svc - ok
13:02:58.0251 3916 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
13:02:58.0282 3916 DPS - ok
13:02:59.0438 3916 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:02:59.0750 3916 drmkaud - ok
13:03:01.0778 3916 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
13:03:01.0793 3916 DXGKrnl - ok
13:03:03.0073 3916 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:03:03.0166 3916 EapHost - ok
13:03:04.0477 3916 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:03:04.0586 3916 ebdrv - ok
13:03:04.0695 3916 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
13:03:04.0726 3916 eeCtrl - ok
13:03:04.0804 3916 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
13:03:04.0835 3916 EFS - ok
13:03:04.0913 3916 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
13:03:04.0976 3916 ehRecvr - ok
13:03:05.0007 3916 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:03:05.0054 3916 ehSched - ok
13:03:05.0194 3916 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:03:05.0210 3916 elxstor - ok
13:03:05.0319 3916 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:03:05.0319 3916 EraserUtilRebootDrv - ok
13:03:05.0397 3916 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
13:03:05.0444 3916 ErrDev - ok
13:03:05.0553 3916 ETD (38b0a3e42de9b36aa56f72a5ecb62331) C:\Windows\system32\DRIVERS\ETD.sys
13:03:05.0584 3916 ETD - ok
13:03:05.0631 3916 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:03:05.0678 3916 EventSystem - ok
13:03:05.0927 3916 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:03:05.0974 3916 exfat - ok
13:03:06.0052 3916 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:03:06.0115 3916 fastfat - ok
13:03:06.0208 3916 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
13:03:06.0286 3916 Fax - ok
13:03:06.0380 3916 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:03:06.0411 3916 fdc - ok
13:03:06.0458 3916 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:03:06.0520 3916 fdPHost - ok
13:03:06.0583 3916 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:03:06.0629 3916 FDResPub - ok
13:03:06.0692 3916 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:03:06.0723 3916 FileInfo - ok
13:03:06.0770 3916 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:03:06.0817 3916 Filetrace - ok
13:03:06.0879 3916 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:03:06.0926 3916 flpydisk - ok
13:03:07.0004 3916 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
13:03:07.0019 3916 FltMgr - ok
13:03:07.0066 3916 FLxHCIc (480e31b064e6f7b4eaab8b00437298b6) C:\Windows\system32\DRIVERS\FLxHCIc.sys
13:03:07.0113 3916 FLxHCIc - ok
13:03:07.0191 3916 FLxHCIh (e9cf4c5a0c31197351f89a1df4522b96) C:\Windows\system32\DRIVERS\FLxHCIh.sys
13:03:07.0222 3916 FLxHCIh - ok
13:03:07.0269 3916 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
13:03:07.0347 3916 FontCache - ok
13:03:07.0441 3916 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:03:07.0441 3916 FontCache3.0.0.0 - ok
13:03:07.0519 3916 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:03:07.0550 3916 FsDepends - ok
13:03:07.0643 3916 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
13:03:07.0675 3916 fssfltr - ok
13:03:07.0768 3916 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:03:07.0784 3916 fsssvc - ok
13:03:07.0877 3916 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:03:07.0893 3916 Fs_Rec - ok
13:03:07.0987 3916 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:03:08.0002 3916 fvevol - ok
13:03:08.0049 3916 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:03:08.0065 3916 gagp30kx - ok
13:03:08.0158 3916 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:03:08.0174 3916 GEARAspiWDM - ok
13:03:08.0267 3916 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
13:03:08.0314 3916 gpsvc - ok
13:03:08.0423 3916 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:03:08.0439 3916 gupdate - ok
13:03:08.0486 3916 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:03:08.0486 3916 gupdatem - ok
13:03:08.0595 3916 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:03:08.0595 3916 gusvc - ok
13:03:08.0720 3916 Hardlock (78fad9117e4527f2ca82259da10f40bd) C:\Windows\system32\drivers\hardlock.sys
13:03:08.0751 3916 Hardlock - ok
13:03:08.0829 3916 hasplms - ok
13:03:08.0876 3916 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:03:08.0907 3916 hcw85cir - ok
13:03:08.0985 3916 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
13:03:09.0016 3916 HdAudAddService - ok
13:03:09.0079 3916 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:03:09.0110 3916 HDAudBus - ok
13:03:09.0157 3916 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
13:03:09.0157 3916 HECIx64 - ok
13:03:09.0188 3916 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:03:09.0219 3916 HidBatt - ok
13:03:09.0297 3916 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:03:09.0328 3916 HidBth - ok
13:03:09.0359 3916 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:03:09.0391 3916 HidIr - ok
13:03:09.0422 3916 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
13:03:09.0453 3916 hidserv - ok
13:03:09.0562 3916 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
13:03:09.0593 3916 HidUsb - ok
13:03:09.0687 3916 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
13:03:09.0734 3916 hkmsvc - ok
13:03:09.0765 3916 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
13:03:09.0827 3916 HomeGroupListener - ok
13:03:09.0905 3916 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
13:03:09.0937 3916 HomeGroupProvider - ok
13:03:09.0983 3916 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
13:03:09.0999 3916 HpSAMD - ok
13:03:10.0046 3916 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
13:03:10.0093 3916 HTTP - ok
13:03:10.0124 3916 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
13:03:10.0139 3916 hwpolicy - ok
13:03:10.0171 3916 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:03:10.0186 3916 i8042prt - ok
13:03:10.0217 3916 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
13:03:10.0233 3916 iaStor - ok
13:03:10.0295 3916 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
13:03:10.0311 3916 iaStorV - ok
13:03:10.0389 3916 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:03:10.0451 3916 idsvc - ok
13:03:10.0592 3916 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120316.005\IDSvia64.sys
13:03:10.0607 3916 IDSVia64 - ok
13:03:10.0685 3916 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:03:10.0701 3916 iirsp - ok
13:03:10.0748 3916 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
13:03:10.0826 3916 IKEEXT - ok
13:03:10.0966 3916 IntcAzAudAddService (e02a55f45edb35641cb470a2cd56e74e) C:\Windows\system32\drivers\RTKVHD64.sys
13:03:11.0013 3916 IntcAzAudAddService - ok
13:03:11.0107 3916 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
13:03:11.0122 3916 intelide - ok
13:03:11.0216 3916 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:03:11.0247 3916 intelppm - ok
13:03:11.0325 3916 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:03:11.0372 3916 IPBusEnum - ok
13:03:11.0419 3916 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:03:11.0450 3916 IpFilterDriver - ok
13:03:11.0621 3916 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
13:03:11.0668 3916 iphlpsvc - ok
13:03:11.0746 3916 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:03:11.0793 3916 IPMIDRV - ok
13:03:11.0871 3916 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:03:11.0902 3916 IPNAT - ok
13:03:11.0965 3916 iPod Service (9b812a3484d89eb934982d67fb7d9313) C:\Program Files\iPod\bin\iPodService.exe
13:03:11.0996 3916 iPod Service - ok
13:03:12.0074 3916 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:03:12.0121 3916 IRENUM - ok
13:03:12.0136 3916 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
13:03:12.0152 3916 isapnp - ok
13:03:12.0230 3916 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
13:03:12.0245 3916 iScsiPrt - ok
13:03:12.0355 3916 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:03:12.0355 3916 kbdclass - ok
13:03:12.0417 3916 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
13:03:12.0448 3916 kbdhid - ok
13:03:12.0542 3916 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
13:03:12.0557 3916 kbfiltr - ok
13:03:12.0667 3916 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:03:12.0667 3916 KeyIso - ok
13:03:12.0713 3916 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
13:03:12.0729 3916 KSecDD - ok
13:03:12.0776 3916 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
13:03:12.0791 3916 KSecPkg - ok
13:03:12.0854 3916 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:03:12.0885 3916 ksthunk - ok
13:03:12.0916 3916 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:03:12.0947 3916 KtmRm - ok
13:03:13.0010 3916 L1C (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys
13:03:13.0025 3916 L1C - ok
13:03:13.0119 3916 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
13:03:13.0135 3916 LanmanServer - ok
13:03:13.0181 3916 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
13:03:13.0228 3916 LanmanWorkstation - ok
13:03:13.0322 3916 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:03:13.0369 3916 lltdio - ok
13:03:13.0415 3916 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:03:13.0462 3916 lltdsvc - ok
13:03:13.0509 3916 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:03:13.0540 3916 lmhosts - ok
13:03:13.0634 3916 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:03:13.0634 3916 LMS ( UnsignedFile.Multi.Generic ) - warning
13:03:13.0634 3916 LMS - detected UnsignedFile.Multi.Generic (1)
13:03:13.0727 3916 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:03:13.0743 3916 LSI_FC - ok
13:03:13.0774 3916 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:03:13.0790 3916 LSI_SAS - ok
13:03:13.0868 3916 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:03:13.0883 3916 LSI_SAS2 - ok
13:03:13.0930 3916 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:03:13.0946 3916 LSI_SCSI - ok
13:03:14.0024 3916 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:03:14.0071 3916 luafv - ok
13:03:14.0164 3916 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
13:03:14.0180 3916 Mcx2Svc - ok
13:03:14.0242 3916 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:03:14.0242 3916 megasas - ok
13:03:14.0320 3916 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:03:14.0336 3916 MegaSR - ok
13:03:14.0429 3916 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:03:14.0461 3916 Microsoft Office Groove Audit Service - ok
13:03:14.0539 3916 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:03:14.0570 3916 MMCSS - ok
13:03:14.0632 3916 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:03:14.0679 3916 Modem - ok
13:03:14.0741 3916 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:03:14.0773 3916 monitor - ok
13:03:14.0835 3916 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:03:14.0835 3916 mouclass - ok
13:03:14.0944 3916 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:03:14.0975 3916 mouhid - ok
13:03:15.0007 3916 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
13:03:15.0022 3916 mountmgr - ok
13:03:15.0053 3916 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
13:03:15.0069 3916 mpio - ok
13:03:15.0163 3916 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:03:15.0194 3916 mpsdrv - ok
13:03:15.0272 3916 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
13:03:15.0350 3916 MpsSvc - ok
13:03:15.0428 3916 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
13:03:15.0459 3916 MRxDAV - ok
13:03:15.0568 3916 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:03:15.0599 3916 mrxsmb - ok
13:03:15.0631 3916 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:03:15.0677 3916 mrxsmb10 - ok
13:03:15.0755 3916 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:03:15.0787 3916 mrxsmb20 - ok
13:03:15.0818 3916 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
13:03:15.0833 3916 msahci - ok
13:03:15.0927 3916 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
13:03:15.0943 3916 msdsm - ok


Last edited by zap_1961 on 21st March 2012, 8:23 pm; edited 1 time in total

***************** 1st scan, second half *************************

13:03:15.0989 3916 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:03:16.0021 3916 MSDTC - ok
13:03:16.0099 3916 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:03:16.0161 3916 Msfs - ok
13:03:16.0239 3916 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:03:16.0286 3916 mshidkmdf - ok
13:03:16.0317 3916 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
13:03:16.0333 3916 msisadrv - ok
13:03:16.0379 3916 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:03:16.0411 3916 MSiSCSI - ok
13:03:16.0426 3916 msiserver - ok
13:03:16.0473 3916 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:03:16.0520 3916 MSKSSRV - ok
13:03:16.0598 3916 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:03:16.0645 3916 MSPCLOCK - ok
13:03:16.0754 3916 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:03:16.0785 3916 MSPQM - ok
13:03:16.0816 3916 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
13:03:16.0832 3916 MsRPC - ok
13:03:16.0863 3916 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:03:16.0879 3916 mssmbios - ok
13:03:16.0894 3916 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:03:16.0957 3916 MSTEE - ok
13:03:17.0035 3916 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:03:17.0066 3916 MTConfig - ok
13:03:17.0097 3916 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
13:03:17.0113 3916 MTsensor - ok
13:03:17.0191 3916 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:03:17.0191 3916 Mup - ok
13:03:17.0222 3916 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
13:03:17.0269 3916 napagent - ok
13:03:17.0315 3916 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:03:17.0378 3916 NativeWifiP - ok
13:03:17.0471 3916 NAV (7a02f128a454bb22e300f3f80bc1bd22) C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.1.8\ccSvcHst.exe
13:03:17.0471 3916 NAV - ok
13:03:17.0612 3916 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120317.009\ENG64.SYS
13:03:17.0643 3916 NAVENG - ok
13:03:17.0783 3916 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120317.009\EX64.SYS
13:03:17.0815 3916 NAVEX15 - ok
13:03:17.0893 3916 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
13:03:17.0924 3916 NDIS - ok
13:03:17.0971 3916 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:03:18.0017 3916 NdisCap - ok
13:03:18.0111 3916 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:03:18.0158 3916 NdisTapi - ok
13:03:18.0251 3916 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
13:03:18.0298 3916 Ndisuio - ok
13:03:20.0005 3916 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:03:20.0379 3916 NdisWan - ok
13:03:21.0269 3916 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
13:03:21.0596 3916 NDProxy - ok
13:03:22.0673 3916 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:03:23.0936 3916 NetBIOS - ok
13:03:24.0092 3916 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
13:03:24.0139 3916 NetBT - ok
13:03:24.0186 3916 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:03:24.0201 3916 Netlogon - ok
13:03:24.0311 3916 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:03:24.0420 3916 Netman - ok
13:03:24.0451 3916 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:03:24.0545 3916 netprofm - ok
13:03:24.0607 3916 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:03:24.0638 3916 NetTcpPortSharing - ok
13:03:24.0701 3916 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:03:24.0732 3916 nfrd960 - ok
13:03:24.0810 3916 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
13:03:24.0857 3916 NlaSvc - ok
13:03:24.0888 3916 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:03:24.0935 3916 Npfs - ok
13:03:25.0013 3916 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:03:25.0059 3916 nsi - ok
13:03:25.0122 3916 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:03:25.0169 3916 nsiproxy - ok
13:03:25.0231 3916 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
13:03:25.0293 3916 Ntfs - ok
13:03:25.0371 3916 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:03:25.0403 3916 Null - ok
13:03:25.0527 3916 NVHDA (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
13:03:25.0543 3916 NVHDA - ok
13:03:25.0808 3916 nvlddmkm (240e2667aa8a63bcdf253c11a44c465c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:03:25.0964 3916 nvlddmkm - ok
13:03:26.0073 3916 nvpciflt (7e11307e8e48ee6ff73faca6c62e3be4) C:\Windows\system32\DRIVERS\nvpciflt.sys
13:03:26.0089 3916 nvpciflt - ok
13:03:26.0120 3916 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
13:03:26.0151 3916 nvraid - ok
13:03:26.0229 3916 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
13:03:26.0245 3916 nvstor - ok
13:03:26.0292 3916 nvsvc (7d77a2b349017a7b9eaef105a22e8b36) C:\Windows\system32\nvvsvc.exe
13:03:26.0307 3916 nvsvc - ok
13:03:26.0417 3916 nvUpdatusService (e0ecb3c5c905b4942d3740373605a31a) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
13:03:26.0463 3916 nvUpdatusService - ok
13:03:26.0541 3916 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
13:03:26.0557 3916 nv_agp - ok
13:03:26.0651 3916 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:03:26.0682 3916 odserv - ok
13:03:26.0760 3916 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
13:03:26.0791 3916 ohci1394 - ok
13:03:26.0869 3916 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:03:26.0885 3916 ose - ok
13:03:26.0947 3916 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:03:26.0994 3916 p2pimsvc - ok
13:03:27.0041 3916 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:03:27.0072 3916 p2psvc - ok
13:03:27.0119 3916 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:03:27.0134 3916 Parport - ok
13:03:27.0150 3916 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
13:03:27.0165 3916 partmgr - ok
13:03:27.0212 3916 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:03:27.0243 3916 PcaSvc - ok
13:03:27.0290 3916 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
13:03:27.0306 3916 pci - ok
13:03:27.0353 3916 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:03:27.0368 3916 pciide - ok
13:03:27.0399 3916 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:03:27.0415 3916 pcmcia - ok
13:03:27.0477 3916 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:03:27.0493 3916 pcw - ok
13:03:27.0524 3916 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:03:27.0571 3916 PEAUTH - ok
13:03:27.0633 3916 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:03:27.0680 3916 PerfHost - ok
13:03:27.0758 3916 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
13:03:27.0852 3916 pla - ok
13:03:27.0945 3916 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
13:03:27.0977 3916 PlugPlay - ok
13:03:28.0008 3916 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:03:28.0039 3916 PNRPAutoReg - ok
13:03:28.0117 3916 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:03:28.0133 3916 PNRPsvc - ok
13:03:28.0164 3916 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
13:03:28.0226 3916 PolicyAgent - ok
13:03:28.0304 3916 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:03:28.0351 3916 Power - ok
13:03:28.0429 3916 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
13:03:28.0476 3916 PptpMiniport - ok
13:03:28.0569 3916 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:03:28.0601 3916 Processor - ok
13:03:28.0647 3916 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
13:03:28.0694 3916 ProfSvc - ok
13:03:28.0725 3916 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:03:28.0741 3916 ProtectedStorage - ok
13:03:28.0835 3916 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
13:03:28.0866 3916 Psched - ok
13:03:28.0913 3916 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:03:28.0959 3916 ql2300 - ok
13:03:29.0037 3916 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:03:29.0053 3916 ql40xx - ok
13:03:29.0100 3916 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:03:29.0115 3916 QWAVE - ok
13:03:29.0209 3916 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:03:29.0240 3916 QWAVEdrv - ok
13:03:29.0318 3916 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:03:29.0365 3916 RasAcd - ok
13:03:29.0412 3916 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:03:29.0459 3916 RasAgileVpn - ok
13:03:29.0521 3916 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:03:29.0568 3916 RasAuto - ok
13:03:29.0615 3916 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:03:29.0677 3916 Rasl2tp - ok
13:03:29.0771 3916 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
13:03:29.0802 3916 RasMan - ok
13:03:29.0864 3916 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:03:29.0895 3916 RasPppoe - ok
13:03:29.0927 3916 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:03:29.0973 3916 RasSstp - ok
13:03:30.0051 3916 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
13:03:30.0114 3916 rdbss - ok
13:03:30.0129 3916 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:03:30.0161 3916 rdpbus - ok
13:03:30.0270 3916 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:03:30.0301 3916 RDPCDD - ok
13:03:30.0395 3916 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:03:30.0441 3916 RDPENCDD - ok
13:03:30.0535 3916 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:03:30.0582 3916 RDPREFMP - ok
13:03:30.0644 3916 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
13:03:30.0691 3916 RDPWD - ok
13:03:30.0785 3916 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
13:03:30.0800 3916 rdyboost - ok
13:03:30.0847 3916 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:03:30.0894 3916 RemoteAccess - ok
13:03:30.0925 3916 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:03:30.0972 3916 RemoteRegistry - ok
13:03:31.0065 3916 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:03:31.0128 3916 RFCOMM - ok
13:03:31.0237 3916 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
13:03:31.0253 3916 RichVideo - ok
13:03:31.0315 3916 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:03:31.0346 3916 RpcEptMapper - ok
13:03:31.0409 3916 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:03:31.0424 3916 RpcLocator - ok
13:03:31.0471 3916 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\System32\rpcss.dll
13:03:31.0502 3916 RpcSs - ok
13:03:31.0549 3916 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:03:31.0611 3916 rspndr - ok
13:03:31.0674 3916 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:03:31.0689 3916 SamSs - ok
13:03:31.0736 3916 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
13:03:31.0752 3916 sbp2port - ok
13:03:31.0830 3916 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:03:31.0892 3916 SCardSvr - ok
13:03:32.0329 3916 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
13:03:32.0360 3916 scfilter - ok
13:03:32.0469 3916 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
13:03:32.0797 3916 Schedule - ok
13:03:32.0891 3916 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
13:03:32.0922 3916 SCPolicySvc - ok
13:03:32.0984 3916 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
13:03:33.0000 3916 SDRSVC - ok
13:03:33.0047 3916 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:03:33.0093 3916 secdrv - ok
13:03:33.0140 3916 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
13:03:33.0171 3916 seclogon - ok
13:03:33.0218 3916 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
13:03:33.0249 3916 SENS - ok
13:03:33.0265 3916 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:03:33.0312 3916 SensrSvc - ok
13:03:33.0405 3916 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:03:33.0437 3916 Serenum - ok
13:03:33.0468 3916 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:03:33.0499 3916 Serial - ok
13:03:33.0608 3916 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:03:33.0639 3916 sermouse - ok
13:03:33.0717 3916 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
13:03:33.0749 3916 SessionEnv - ok
13:03:33.0780 3916 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
13:03:33.0811 3916 sffdisk - ok
13:03:33.0842 3916 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:03:33.0873 3916 sffp_mmc - ok
13:03:33.0951 3916 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:03:33.0967 3916 sffp_sd - ok
13:03:33.0998 3916 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:03:34.0045 3916 sfloppy - ok
13:03:34.0139 3916 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:03:34.0185 3916 SharedAccess - ok
13:03:34.0232 3916 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
13:03:34.0263 3916 ShellHWDetection - ok
13:03:34.0310 3916 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
13:03:34.0341 3916 SiSGbeLH - ok
13:03:34.0404 3916 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:03:34.0419 3916 SiSRaid2 - ok
13:03:34.0451 3916 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:03:34.0466 3916 SiSRaid4 - ok
13:03:34.0513 3916 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:03:34.0575 3916 Smb - ok
13:03:34.0653 3916 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:03:34.0700 3916 SNMPTRAP - ok
13:03:34.0778 3916 SNP2UVC (2114518e55b380a3acc28b2c27fd499a) C:\Windows\system32\DRIVERS\snp2uvc.sys
13:03:34.0856 3916 SNP2UVC - ok
13:03:34.0981 3916 SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
13:03:35.0012 3916 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:03:35.0012 3916 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:03:35.0090 3916 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:03:35.0090 3916 spldr - ok
13:03:35.0137 3916 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
13:03:35.0184 3916 Spooler - ok
13:03:35.0262 3916 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
13:03:35.0355 3916 sppsvc - ok
13:03:35.0433 3916 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:03:35.0480 3916 sppuinotify - ok
13:03:35.0574 3916 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\System32\Drivers\NAVx64\1306010.008\SRTSP64.SYS
13:03:35.0589 3916 SRTSP - ok
13:03:35.0699 3916 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\NAVx64\1306010.008\SRTSPX64.SYS
13:03:35.0714 3916 SRTSPX - ok
13:03:35.0808 3916 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
13:03:35.0855 3916 srv - ok
13:03:35.0948 3916 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
13:03:35.0979 3916 srv2 - ok
13:03:36.0011 3916 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
13:03:36.0042 3916 srvnet - ok
13:03:36.0135 3916 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:03:36.0182 3916 SSDPSRV - ok
13:03:36.0198 3916 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:03:36.0229 3916 SstpSvc - ok
13:03:36.0307 3916 Stereo Service (9029786ee426ce2a01e1d8d4c493c363) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:03:36.0323 3916 Stereo Service - ok
13:03:36.0416 3916 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:03:36.0416 3916 stexstor - ok
13:03:36.0479 3916 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
13:03:36.0510 3916 stisvc - ok
13:03:36.0588 3916 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:03:36.0603 3916 swenum - ok
13:03:36.0681 3916 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:03:36.0728 3916 swprv - ok
13:03:36.0884 3916 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NAVx64\1306010.008\SYMDS64.SYS
13:03:36.0915 3916 SymDS - ok
13:03:37.0056 3916 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NAVx64\1306010.008\SYMEFA64.SYS
13:03:37.0103 3916 SymEFA - ok
13:03:37.0196 3916 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:03:37.0212 3916 SymEvent - ok
13:03:37.0352 3916 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NAVx64\1306010.008\Ironx64.SYS
13:03:37.0368 3916 SymIRON - ok
13:03:37.0524 3916 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NAVx64\1306010.008\SYMNETS.SYS
13:03:37.0539 3916 SymNetS - ok
13:03:37.0633 3916 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
13:03:37.0695 3916 SysMain - ok
13:03:37.0727 3916 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
13:03:37.0773 3916 TabletInputService - ok
13:03:37.0867 3916 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
13:03:37.0914 3916 TapiSrv - ok
13:03:37.0945 3916 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:03:37.0992 3916 TBS - ok
13:03:38.0117 3916 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
13:03:38.0195 3916 Tcpip - ok
13:03:39.0999 3916 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
13:03:40.0030 3916 TCPIP6 - ok
13:03:42.0245 3916 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
13:03:42.0355 3916 tcpipreg - ok
13:03:43.0587 3916 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:03:43.0634 3916 TDPIPE - ok
13:03:43.0681 3916 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:03:43.0712 3916 TDTCP - ok
13:03:43.0790 3916 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
13:03:43.0837 3916 tdx - ok
13:03:43.0915 3916 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
13:03:43.0930 3916 TermDD - ok
13:03:43.0961 3916 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
13:03:44.0024 3916 TermService - ok
13:03:44.0102 3916 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:03:44.0117 3916 Themes - ok
13:03:44.0164 3916 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:03:44.0180 3916 THREADORDER - ok
13:03:44.0227 3916 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:03:44.0273 3916 TrkWks - ok
13:03:44.0398 3916 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
13:03:44.0414 3916 TrustedInstaller - ok
13:03:44.0476 3916 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:03:44.0539 3916 tssecsrv - ok
13:03:44.0648 3916 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
13:03:44.0679 3916 tunnel - ok
13:03:44.0710 3916 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys
13:03:44.0741 3916 TurboB - ok
13:03:44.0788 3916 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
13:03:44.0804 3916 TurboBoost - ok
13:03:44.0866 3916 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:03:44.0882 3916 uagp35 - ok
13:03:44.0913 3916 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
13:03:44.0944 3916 udfs - ok
13:03:45.0022 3916 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:03:45.0053 3916 UI0Detect - ok
13:03:45.0116 3916 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
13:03:45.0131 3916 uliagpkx - ok
13:03:45.0163 3916 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
13:03:45.0178 3916 umbus - ok
13:03:45.0225 3916 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:03:45.0256 3916 UmPass - ok
13:03:45.0381 3916 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:03:45.0443 3916 UNS ( UnsignedFile.Multi.Generic ) - warning
13:03:45.0443 3916 UNS - detected UnsignedFile.Multi.Generic (1)
13:03:45.0521 3916 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:03:45.0568 3916 upnphost - ok
13:03:45.0631 3916 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
13:03:45.0662 3916 USBAAPL64 - ok
13:03:45.0709 3916 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
13:03:45.0771 3916 usbccgp - ok
13:03:45.0833 3916 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
13:03:45.0880 3916 usbcir - ok
13:03:45.0943 3916 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
13:03:45.0958 3916 usbehci - ok
13:03:46.0021 3916 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
13:03:46.0067 3916 usbhub - ok
13:03:46.0130 3916 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
13:03:46.0177 3916 usbohci - ok
13:03:46.0208 3916 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:03:46.0255 3916 usbprint - ok
13:03:46.0333 3916 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:03:46.0364 3916 USBSTOR - ok
13:03:46.0426 3916 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
13:03:46.0457 3916 usbuhci - ok
13:03:46.0535 3916 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
13:03:46.0567 3916 usbvideo - ok
13:03:46.0629 3916 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:03:46.0660 3916 UxSms - ok
13:03:46.0691 3916 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:03:46.0707 3916 VaultSvc - ok
13:03:46.0738 3916 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
13:03:46.0769 3916 vdrvroot - ok
13:03:46.0847 3916 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
13:03:46.0910 3916 vds - ok
13:03:47.0003 3916 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:03:47.0019 3916 vga - ok
13:03:47.0050 3916 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:03:47.0113 3916 VgaSave - ok
13:03:47.0206 3916 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
13:03:47.0222 3916 vhdmp - ok
13:03:47.0253 3916 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
13:03:47.0284 3916 viaide - ok
13:03:47.0331 3916 VideAceWindowsService (0adf410187b71c9b855721c8d59cec7a) C:\ExpressGateUtil\VAWinService.exe
13:03:47.0331 3916 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - warning
13:03:47.0331 3916 VideAceWindowsService - detected UnsignedFile.Multi.Generic (1)
13:03:47.0409 3916 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
13:03:47.0425 3916 volmgr - ok
13:03:47.0456 3916 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
13:03:47.0471 3916 volmgrx - ok
13:03:47.0534 3916 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
13:03:47.0549 3916 volsnap - ok
13:03:47.0674 3916 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:03:47.0690 3916 vsmraid - ok
13:03:47.0752 3916 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
13:03:47.0830 3916 VSS - ok
13:03:47.0861 3916 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:03:47.0893 3916 vwifibus - ok
13:03:47.0908 3916 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:03:47.0939 3916 vwififlt - ok
13:03:48.0033 3916 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
13:03:48.0049 3916 vwifimp - ok
13:03:48.0095 3916 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:03:48.0127 3916 W32Time - ok
13:03:48.0173 3916 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:03:48.0205 3916 WacomPen - ok
13:03:48.0283 3916 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:03:48.0329 3916 WANARP - ok
13:03:48.0345 3916 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:03:48.0376 3916 Wanarpv6 - ok
13:03:48.0485 3916 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:03:48.0548 3916 WatAdminSvc - ok
13:03:48.0626 3916 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
13:03:48.0688 3916 wbengine - ok
13:03:48.0719 3916 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:03:48.0751 3916 WbioSrvc - ok
13:03:48.0797 3916 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
13:03:48.0844 3916 wcncsvc - ok
13:03:48.0922 3916 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:03:48.0938 3916 WcsPlugInService - ok
13:03:48.0985 3916 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:03:49.0000 3916 Wd - ok
13:03:49.0063 3916 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:03:49.0109 3916 Wdf01000 - ok
13:03:49.0125 3916 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:03:49.0156 3916 WdiServiceHost - ok
13:03:49.0172 3916 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:03:49.0187 3916 WdiSystemHost - ok
13:03:49.0265 3916 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
13:03:49.0312 3916 WebClient - ok
13:03:49.0343 3916 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:03:49.0406 3916 Wecsvc - ok
13:03:49.0484 3916 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:03:49.0531 3916 wercplsupport - ok
13:03:49.0577 3916 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:03:49.0624 3916 WerSvc - ok
13:03:49.0655 3916 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:03:49.0702 3916 WfpLwf - ok
13:03:49.0765 3916 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
13:03:49.0780 3916 WimFltr - ok
13:03:49.0827 3916 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:03:49.0843 3916 WIMMount - ok
13:03:49.0874 3916 WinDefend - ok
13:03:49.0874 3916 WinHttpAutoProxySvc - ok
13:03:49.0967 3916 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:03:49.0999 3916 Winmgmt - ok
13:03:50.0077 3916 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
13:03:50.0155 3916 WinRM - ok
13:03:50.0295 3916 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
13:03:50.0326 3916 WinUsb - ok
13:03:50.0373 3916 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:03:50.0404 3916 Wlansvc - ok
13:03:50.0435 3916 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:03:50.0482 3916 WmiAcpi - ok
13:03:50.0576 3916 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:03:50.0607 3916 wmiApSrv - ok
13:03:50.0654 3916 WMPNetworkSvc - ok
13:03:50.0732 3916 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:03:50.0747 3916 WPCSvc - ok
13:03:50.0779 3916 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
13:03:50.0794 3916 WPDBusEnum - ok
13:03:50.0888 3916 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:03:50.0919 3916 ws2ifsl - ok
13:03:51.0059 3916 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
13:03:51.0075 3916 wscsvc - ok
13:03:51.0122 3916 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
13:03:51.0137 3916 WSDPrintDevice - ok
13:03:51.0153 3916 WSearch - ok
13:03:51.0231 3916 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
13:03:51.0325 3916 wuauserv - ok
13:03:51.0371 3916 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
13:03:51.0403 3916 WudfPf - ok
13:03:51.0434 3916 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:03:51.0465 3916 WUDFRd - ok
13:03:51.0496 3916 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
13:03:51.0543 3916 wudfsvc - ok
13:03:51.0559 3916 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:03:51.0605 3916 WwanSvc - ok
13:03:51.0637 3916 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
13:03:51.0668 3916 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
13:03:51.0668 3916 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
13:03:52.0229 3916 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:03:52.0229 3916 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:03:52.0261 3916 Boot (0x1200) (f4e459cb895541dfb8a8d76022aa4b82) \Device\Harddisk0\DR0\Partition0
13:03:52.0276 3916 \Device\Harddisk0\DR0\Partition0 - ok
13:03:52.0276 3916 Boot (0x1200) (f7b2733a3145a7ead44f1427131703a1) \Device\Harddisk0\DR0\Partition1
13:03:52.0292 3916 \Device\Harddisk0\DR0\Partition1 - ok
13:03:52.0292 3916 ============================================================
13:03:52.0292 3916 Scan finished
13:03:52.0292 3916 ============================================================
13:03:52.0307 1040 Detected object count: 6
13:03:52.0307 1040 Actual detected object count: 6
13:05:18.0322 1040 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
13:05:18.0322 1040 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:05:18.0322 1040 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:05:18.0322 1040 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:05:18.0324 1040 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
13:05:18.0324 1040 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:05:18.0325 1040 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - skipped by user
13:05:18.0325 1040 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:05:21.0124 1040 \Device\Harddisk0\DR0\# - copied to quarantine
13:05:21.0125 1040 \Device\Harddisk0\DR0 - copied to quarantine
13:05:24.0881 1040 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
13:05:24.0883 1040 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
13:05:24.0887 1040 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
13:05:24.0891 1040 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
13:05:24.0895 1040 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
13:05:24.0940 1040 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
13:05:25.0138 1040 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
13:05:25.0352 1040 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
13:05:25.0374 1040 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
13:05:25.0376 1040 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
13:05:25.0447 1040 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
13:05:25.0450 1040 \Device\Harddisk0\DR0 - ok
13:05:25.0486 1040 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
13:05:25.0486 1040 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:05:25.0486 1040 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:06:11.0593 2260 Deinitialize success

******************* 2nd Scan, first half of report *****************

13:08:23.0199 7116 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
13:08:23.0731 7116 ============================================================
13:08:23.0731 7116 Current date / time: 2012/03/21 13:08:23.0731
13:08:23.0731 7116 SystemInfo:
13:08:23.0731 7116
13:08:23.0731 7116 OS Version: 6.1.7600 ServicePack: 0.0
13:08:23.0731 7116 Product type: Workstation
13:08:23.0731 7116 ComputerName: ZAPLAP2
13:08:23.0731 7116 UserName: Scott
13:08:23.0731 7116 Windows directory: C:\Windows
13:08:23.0731 7116 System windows directory: C:\Windows
13:08:23.0731 7116 Running under WOW64
13:08:23.0731 7116 Processor architecture: Intel x64
13:08:23.0731 7116 Number of processors: 8
13:08:23.0731 7116 Page size: 0x1000
13:08:23.0731 7116 Boot type: Normal boot
13:08:23.0731 7116 ============================================================
13:08:23.0977 7116 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:08:24.0004 7116 \Device\Harddisk0\DR0:
13:08:24.0004 7116 MBR used
13:08:24.0004 7116 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0x12A147D1
13:08:24.0029 7116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1550F000, BlocksNum 0x35348800
13:08:24.0126 7116 Initialize success
13:08:24.0126 7116 ============================================================
13:08:30.0357 6064 ============================================================
13:08:30.0357 6064 Scan started
13:08:30.0357 6064 Mode: Manual; SigCheck; TDLFS;
13:08:30.0357 6064 ============================================================
13:08:35.0376 6064 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
13:08:35.0431 6064 1394ohci - ok
13:08:35.0529 6064 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
13:08:35.0544 6064 ACPI - ok
13:08:35.0632 6064 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
13:08:35.0647 6064 AcpiPmi - ok
13:08:35.0760 6064 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:08:35.0775 6064 adp94xx - ok
13:08:35.0884 6064 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:08:35.0898 6064 adpahci - ok
13:08:35.0987 6064 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:08:36.0000 6064 adpu320 - ok
13:08:36.0082 6064 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:08:36.0121 6064 AeLookupSvc - ok
13:08:36.0223 6064 AFBAgent (734d1ba96be6ad8d04e6afead569ea8a) C:\Windows\system32\FBAgent.exe
13:08:36.0251 6064 AFBAgent - ok
13:08:36.0356 6064 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
13:08:36.0374 6064 AFD - ok
13:08:36.0459 6064 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
13:08:36.0470 6064 agp440 - ok
13:08:36.0569 6064 aksdf (94c0972b06c75456ed574dd46417b1d8) C:\Windows\system32\DRIVERS\aksdf.sys
13:08:36.0581 6064 aksdf - ok
13:08:36.0670 6064 aksfridge (7b0bc062ca6abab23f88ea483b5a538e) C:\Windows\system32\DRIVERS\aksfridge.sys
13:08:36.0682 6064 aksfridge - ok
13:08:36.0785 6064 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
13:08:36.0795 6064 akshasp - ok
13:08:36.0871 6064 akshhl (67dff8c8f95cb21c9c3380dd4c0387f2) C:\Windows\system32\DRIVERS\akshhl.sys
13:08:36.0882 6064 akshhl - ok
13:08:37.0122 6064 aksusb (a9a09bc526e614ce9f29bb23c2a76ced) C:\Windows\system32\DRIVERS\aksusb.sys
13:08:37.0132 6064 aksusb - ok
13:08:37.0197 6064 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:08:37.0212 6064 ALG - ok
13:08:37.0316 6064 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
13:08:37.0327 6064 aliide - ok
13:08:37.0423 6064 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
13:08:37.0433 6064 amdide - ok
13:08:37.0517 6064 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:08:37.0530 6064 AmdK8 - ok
13:08:37.0626 6064 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:08:37.0639 6064 AmdPPM - ok
13:08:37.0789 6064 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
13:08:37.0800 6064 amdsata - ok
13:08:37.0892 6064 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:08:37.0906 6064 amdsbs - ok
13:08:38.0005 6064 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
13:08:38.0017 6064 amdxata - ok
13:08:38.0119 6064 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
13:08:38.0131 6064 AmUStor - ok
13:08:38.0216 6064 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
13:08:38.0234 6064 AppID - ok
13:08:38.0322 6064 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:08:38.0361 6064 AppIDSvc - ok
13:08:40.0985 6064 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
13:08:40.0999 6064 Appinfo - ok
13:08:41.0900 6064 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:08:41.0909 6064 Apple Mobile Device - ok
13:08:43.0510 6064 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:08:43.0519 6064 arc - ok
13:08:44.0338 6064 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:08:44.0351 6064 arcsas - ok
13:08:44.0592 6064 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:08:44.0601 6064 ASLDRService - ok
13:08:44.0769 6064 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:08:44.0777 6064 ASMMAP64 - ok
13:08:45.0062 6064 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:08:45.0102 6064 AsyncMac - ok
13:08:45.0234 6064 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
13:08:45.0245 6064 atapi - ok
13:08:45.0301 6064 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
13:08:45.0330 6064 athr - ok
13:08:45.0400 6064 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:08:45.0409 6064 ATKGFNEXSrv - ok
13:08:45.0611 6064 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
13:08:45.0652 6064 AudioEndpointBuilder - ok
13:08:45.0704 6064 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
13:08:45.0744 6064 AudioSrv - ok
13:08:45.0857 6064 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
13:08:45.0875 6064 AxInstSV - ok
13:08:45.0936 6064 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:08:45.0954 6064 b06bdrv - ok
13:08:46.0044 6064 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:08:46.0061 6064 b57nd60a - ok
13:08:46.0304 6064 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:08:46.0317 6064 BBSvc - ok
13:08:46.0509 6064 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:08:46.0521 6064 BBUpdate - ok
13:08:46.0825 6064 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:08:46.0841 6064 BDESVC - ok
13:08:46.0910 6064 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:08:46.0985 6064 Beep - ok
13:08:47.0346 6064 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
13:08:47.0401 6064 BFE - ok
13:08:47.0652 6064 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120302.001\BHDrvx64.sys
13:08:47.0677 6064 BHDrvx64 - ok
13:08:47.0822 6064 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
13:08:47.0866 6064 BITS - ok
13:08:47.0987 6064 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:08:48.0000 6064 blbdrive - ok
13:08:48.0148 6064 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
13:08:48.0158 6064 Bonjour Service - ok
13:08:48.0291 6064 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
13:08:48.0303 6064 bowser - ok
13:08:48.0399 6064 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:08:48.0416 6064 BrFiltLo - ok
13:08:48.0440 6064 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:08:48.0456 6064 BrFiltUp - ok
13:08:48.0588 6064 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
13:08:48.0621 6064 BridgeMP - ok
13:08:48.0697 6064 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
13:08:48.0732 6064 Browser - ok
13:08:48.0812 6064 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:08:48.0829 6064 Brserid - ok
13:08:49.0042 6064 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:08:49.0056 6064 BrSerWdm - ok
13:08:49.0194 6064 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:08:49.0210 6064 BrUsbMdm - ok
13:08:49.0330 6064 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:08:49.0344 6064 BrUsbSer - ok
13:08:49.0484 6064 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
13:08:49.0496 6064 BthEnum - ok
13:08:49.0606 6064 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:08:49.0624 6064 BTHMODEM - ok
13:08:49.0724 6064 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:08:49.0745 6064 BthPan - ok
13:08:49.0842 6064 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
13:08:49.0864 6064 BTHPORT - ok
13:08:49.0953 6064 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:08:49.0997 6064 bthserv - ok
13:08:50.0098 6064 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
13:08:50.0114 6064 BTHUSB - ok
13:08:50.0335 6064 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
13:08:50.0344 6064 btusbflt - ok
13:08:50.0553 6064 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
13:08:50.0563 6064 btwaudio - ok
13:08:50.0754 6064 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
13:08:50.0766 6064 btwavdt - ok
13:08:51.0191 6064 btwdins (1e08dc82525282e34ad66ffba0782565) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:08:51.0206 6064 btwdins - ok
13:08:51.0852 6064 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
13:08:51.0860 6064 btwl2cap - ok
13:08:52.0070 6064 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
13:08:52.0122 6064 btwrchid - ok
13:08:52.0416 6064 Cadence License Manager (647cd6b1ae2b42b7f27706a6a72e3ddc) C:\Cadence\LicenseManager\lmgrd.exe
13:08:52.0443 6064 Cadence License Manager - ok
13:08:52.0504 6064 catchme - ok
13:08:52.0688 6064 ccSet_NAV (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NAVx64\1306010.008\ccSetx64.sys
13:08:52.0697 6064 ccSet_NAV - ok
13:08:52.0854 6064 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:08:52.0887 6064 cdfs - ok
13:08:53.0160 6064 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
13:08:53.0175 6064 cdrom - ok
13:08:53.0307 6064 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
13:08:53.0349 6064 CertPropSvc - ok
13:08:53.0440 6064 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:08:53.0458 6064 circlass - ok
13:08:53.0500 6064 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:08:53.0518 6064 CLFS - ok
13:08:53.0561 6064 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:08:53.0572 6064 clr_optimization_v2.0.50727_32 - ok
13:08:53.0612 6064 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:08:53.0622 6064 clr_optimization_v2.0.50727_64 - ok
13:08:53.0763 6064 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:08:53.0774 6064 clr_optimization_v4.0.30319_32 - ok
13:08:53.0811 6064 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:08:53.0821 6064 clr_optimization_v4.0.30319_64 - ok
13:08:53.0913 6064 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:08:53.0926 6064 CmBatt - ok
13:08:53.0941 6064 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
13:08:53.0953 6064 cmdide - ok
13:08:54.0049 6064 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
13:08:54.0070 6064 CNG - ok
13:08:54.0096 6064 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:08:54.0106 6064 Compbatt - ok
13:08:54.0176 6064 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:08:54.0192 6064 CompositeBus - ok
13:08:54.0204 6064 COMSysApp - ok
13:08:54.0230 6064 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:08:54.0241 6064 crcdisk - ok
13:08:54.0336 6064 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
13:08:54.0374 6064 CryptSvc - ok
13:08:54.0491 6064 CYUSB (e9e37e84a5431b51cec9d4fd39534901) C:\Windows\system32\Drivers\CYUSB.sys
13:08:54.0505 6064 CYUSB - ok
13:08:54.0710 6064 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
13:08:54.0752 6064 DcomLaunch - ok
13:08:55.0305 6064 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:08:55.0353 6064 defragsvc - ok
13:08:55.0432 6064 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
13:08:55.0448 6064 DfsC - ok
13:08:55.0539 6064 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
13:08:55.0563 6064 Dhcp - ok
13:08:55.0648 6064 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:08:55.0689 6064 discache - ok
13:08:55.0833 6064 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:08:55.0845 6064 Disk - ok
13:08:56.0587 6064 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
13:08:56.0602 6064 Dnscache - ok
13:08:57.0165 6064 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
13:08:57.0196 6064 dot3svc - ok
13:08:59.0369 6064 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
13:08:59.0410 6064 DPS - ok
13:09:00.0647 6064 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:09:00.0661 6064 drmkaud - ok
13:09:02.0860 6064 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
13:09:02.0880 6064 DXGKrnl - ok
13:09:03.0343 6064 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:09:03.0377 6064 EapHost - ok
13:09:03.0491 6064 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:09:03.0530 6064 ebdrv - ok
13:09:03.0655 6064 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
13:09:03.0668 6064 eeCtrl - ok
13:09:03.0734 6064 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
13:09:03.0747 6064 EFS - ok
13:09:03.0839 6064 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
13:09:03.0858 6064 ehRecvr - ok
13:09:03.0877 6064 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:09:03.0891 6064 ehSched - ok
13:09:04.0020 6064 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:09:04.0035 6064 elxstor - ok
13:09:04.0135 6064 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:09:04.0144 6064 EraserUtilRebootDrv - ok
13:09:04.0224 6064 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
13:09:04.0235 6064 ErrDev - ok
13:09:04.0376 6064 ETD (38b0a3e42de9b36aa56f72a5ecb62331) C:\Windows\system32\DRIVERS\ETD.sys
13:09:04.0387 6064 ETD - ok
13:09:04.0437 6064 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:09:04.0472 6064 EventSystem - ok
13:09:04.0557 6064 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:09:04.0588 6064 exfat - ok
13:09:04.0630 6064 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:09:04.0662 6064 fastfat - ok
13:09:04.0792 6064 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
13:09:04.0810 6064 Fax - ok
13:09:04.0856 6064 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:09:04.0869 6064 fdc - ok
13:09:04.0905 6064 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:09:04.0935 6064 fdPHost - ok
13:09:04.0963 6064 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:09:04.0992 6064 FDResPub - ok
13:09:05.0045 6064 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:09:05.0054 6064 FileInfo - ok
13:09:05.0074 6064 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:09:05.0104 6064 Filetrace - ok
13:09:05.0121 6064 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:09:05.0133 6064 flpydisk - ok
13:09:05.0209 6064 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
13:09:05.0221 6064 FltMgr - ok
13:09:05.0264 6064 FLxHCIc (480e31b064e6f7b4eaab8b00437298b6) C:\Windows\system32\DRIVERS\FLxHCIc.sys
13:09:05.0276 6064 FLxHCIc - ok
13:09:05.0326 6064 FLxHCIh (e9cf4c5a0c31197351f89a1df4522b96) C:\Windows\system32\DRIVERS\FLxHCIh.sys
13:09:05.0337 6064 FLxHCIh - ok
13:09:05.0438 6064 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
13:09:05.0459 6064 FontCache - ok
13:09:05.0531 6064 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:09:05.0539 6064 FontCache3.0.0.0 - ok
13:09:05.0613 6064 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:09:05.0623 6064 FsDepends - ok
13:09:05.0673 6064 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
13:09:05.0681 6064 fssfltr - ok
13:09:05.0745 6064 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:09:05.0759 6064 fsssvc - ok
13:09:05.0843 6064 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:09:05.0852 6064 Fs_Rec - ok
13:09:05.0923 6064 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:09:05.0937 6064 fvevol - ok
13:09:05.0985 6064 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:09:05.0995 6064 gagp30kx - ok
13:09:06.0055 6064 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:09:06.0063 6064 GEARAspiWDM - ok
13:09:06.0139 6064 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
13:09:06.0162 6064 gpsvc - ok
13:09:06.0266 6064 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:09:06.0274 6064 gupdate - ok
13:09:06.0317 6064 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:09:06.0326 6064 gupdatem - ok
13:09:06.0423 6064 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:09:06.0431 6064 gusvc - ok
13:09:06.0558 6064 Hardlock (78fad9117e4527f2ca82259da10f40bd) C:\Windows\system32\drivers\hardlock.sys
13:09:06.0571 6064 Hardlock - ok
13:09:06.0633 6064 hasplms - ok
13:09:06.0694 6064 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:09:06.0706 6064 hcw85cir - ok
13:09:06.0754 6064 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
13:09:06.0771 6064 HdAudAddService - ok
13:09:06.0868 6064 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:09:06.0883 6064 HDAudBus - ok
13:09:06.0906 6064 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
13:09:06.0917 6064 HECIx64 - ok
13:09:07.0053 6064 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:09:07.0068 6064 HidBatt - ok
13:09:07.0130 6064 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:09:07.0145 6064 HidBth - ok
13:09:07.0202 6064 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:09:07.0218 6064 HidIr - ok
13:09:07.0271 6064 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
13:09:07.0301 6064 hidserv - ok
13:09:07.0403 6064 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
13:09:07.0415 6064 HidUsb - ok
13:09:07.0483 6064 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
13:09:07.0514 6064 hkmsvc - ok
13:09:07.0554 6064 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
13:09:07.0569 6064 HomeGroupListener - ok
13:09:07.0642 6064 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
13:09:07.0657 6064 HomeGroupProvider - ok
13:09:07.0700 6064 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
13:09:07.0710 6064 HpSAMD - ok
13:09:07.0802 6064 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
13:09:07.0838 6064 HTTP - ok
13:09:07.0867 6064 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
13:09:07.0876 6064 hwpolicy - ok
13:09:07.0919 6064 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:09:07.0931 6064 i8042prt - ok
13:09:08.0031 6064 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
13:09:08.0045 6064 iaStor - ok
13:09:08.0123 6064 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
13:09:08.0137 6064 iaStorV - ok
13:09:08.0199 6064 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:09:08.0216 6064 idsvc - ok
13:09:08.0311 6064 IDSVia64 - ok
13:09:08.0394 6064 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:09:08.0404 6064 iirsp - ok
13:09:08.0453 6064 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
13:09:08.0489 6064 IKEEXT - ok
13:09:08.0635 6064 IntcAzAudAddService (e02a55f45edb35641cb470a2cd56e74e) C:\Windows\system32\drivers\RTKVHD64.sys
13:09:08.0674 6064 IntcAzAudAddService - ok
13:09:08.0716 6064 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
13:09:08.0726 6064 intelide - ok
13:09:08.0808 6064 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:09:08.0820 6064 intelppm - ok
13:09:08.0849 6064 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:09:08.0884 6064 IPBusEnum - ok
13:09:08.0908 6064 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:09:08.0939 6064 IpFilterDriver - ok
13:09:09.0042 6064 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
13:09:09.0075 6064 iphlpsvc - ok
13:09:09.0120 6064 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:09:09.0132 6064 IPMIDRV - ok
13:09:09.0169 6064 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:09:09.0200 6064 IPNAT - ok
13:09:09.0262 6064 iPod Service (9b812a3484d89eb934982d67fb7d9313) C:\Program Files\iPod\bin\iPodService.exe
13:09:09.0277 6064 iPod Service - ok
13:09:09.0359 6064 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:09:09.0375 6064 IRENUM - ok
13:09:09.0415 6064 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
13:09:09.0425 6064 isapnp - ok
13:09:09.0463 6064 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
13:09:09.0475 6064 iScsiPrt - ok
13:09:09.0535 6064 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:09:09.0545 6064 kbdclass - ok
13:09:09.0625 6064 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
13:09:09.0638 6064 kbdhid - ok
13:09:09.0674 6064 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
13:09:09.0682 6064 kbfiltr - ok
13:09:09.0755 6064 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:09:09.0769 6064 KeyIso - ok
13:09:09.0809 6064 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
13:09:09.0819 6064 KSecDD - ok
13:09:09.0845 6064 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
13:09:09.0856 6064 KSecPkg - ok
13:09:09.0934 6064 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:09:09.0966 6064 ksthunk - ok
13:09:09.0995 6064 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:09:10.0030 6064 KtmRm - ok
13:09:10.0079 6064 L1C (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys
13:09:10.0088 6064 L1C - ok
13:09:10.0185 6064 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
13:09:10.0199 6064 LanmanServer - ok
13:09:10.0247 6064 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
13:09:10.0280 6064 LanmanWorkstation - ok
13:09:10.0354 6064 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:09:10.0384 6064 lltdio - ok
13:09:10.0424 6064 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:09:10.0456 6064 lltdsvc - ok
13:09:10.0528 6064 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:09:10.0559 6064 lmhosts - ok
13:09:10.0639 6064 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:09:10.0646 6064 LMS ( UnsignedFile.Multi.Generic ) - warning
13:09:10.0646 6064 LMS - detected UnsignedFile.Multi.Generic (1)
13:09:10.0737 6064 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:09:10.0748 6064 LSI_FC - ok
13:09:10.0765 6064 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:09:10.0776 6064 LSI_SAS - ok
13:09:10.0876 6064 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:09:10.0888 6064 LSI_SAS2 - ok
13:09:11.0053 6064 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:09:11.0063 6064 LSI_SCSI - ok
13:09:11.0104 6064 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:09:11.0134 6064 luafv - ok
13:09:11.0185 6064 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
13:09:11.0199 6064 Mcx2Svc - ok
13:09:11.0227 6064 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:09:11.0237 6064 megasas - ok
13:09:11.0287 6064 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:09:11.0299 6064 MegaSR - ok
13:09:11.0404 6064 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:09:11.0413 6064 Microsoft Office Groove Audit Service - ok
13:09:11.0485 6064 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:09:11.0516 6064 MMCSS - ok
13:09:11.0576 6064 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:09:11.0604 6064 Modem - ok
13:09:11.0641 6064 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:09:11.0655 6064 monitor - ok
13:09:11.0689 6064 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:09:11.0701 6064 mouclass - ok
13:09:11.0740 6064 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:09:11.0753 6064 mouhid - ok
13:09:11.0797 6064 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
13:09:11.0807 6064 mountmgr - ok
13:09:11.0840 6064 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
13:09:11.0852 6064 mpio - ok
13:09:11.0884 6064 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:09:11.0916 6064 mpsdrv - ok
13:09:11.0974 6064 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
13:09:12.0011 6064 MpsSvc - ok
13:09:12.0048 6064 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
13:09:12.0065 6064 MRxDAV - ok
13:09:12.0113 6064 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:09:12.0126 6064 mrxsmb - ok
13:09:12.0169 6064 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:09:12.0183 6064 mrxsmb10 - ok
13:09:12.0215 6064 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:09:12.0229 6064 mrxsmb20 - ok
13:09:12.0261 6064 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
13:09:12.0271 6064 msahci - ok
13:09:12.0295 6064 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
13:09:12.0305 6064 msdsm - ok
13:09:12.0341 6064 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:09:12.0355 6064 MSDTC - ok
13:09:12.0439 6064 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:09:12.0470 6064 Msfs - ok
13:09:12.0558 6064 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:09:12.0589 6064 mshidkmdf - ok
13:09:12.0646 6064 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
13:09:12.0655 6064 msisadrv - ok
13:09:12.0691 6064 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:09:12.0727 6064 MSiSCSI - ok
13:09:12.0737 6064 msiserver - ok
13:09:12.0798 6064 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:09:12.0829 6064 MSKSSRV - ok
13:09:12.0848 6064 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:09:12.0879 6064 MSPCLOCK - ok
13:09:13.0024 6064 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:09:13.0054 6064 MSPQM - ok
13:09:13.0116 6064 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
13:09:13.0129 6064 MsRPC - ok
13:09:13.0162 6064 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:09:13.0171 6064 mssmbios - ok
13:09:13.0232 6064 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:09:13.0262 6064 MSTEE - ok
13:09:13.0310 6064 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:09:13.0323 6064 MTConfig - ok
13:09:13.0372 6064 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
13:09:13.0380 6064 MTsensor - ok
13:09:13.0438 6064 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:09:13.0448 6064 Mup - ok
13:09:13.0521 6064 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
13:09:13.0553 6064 napagent - ok
13:09:13.0655 6064 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:09:13.0672 6064 NativeWifiP - ok
13:09:13.0772 6064 NAV (7a02f128a454bb22e300f3f80bc1bd22) C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.1.8\ccSvcHst.exe
13:09:13.0781 6064 NAV - ok
13:09:13.0840 6064 NAVENG - ok
13:09:13.0858 6064 NAVEX15 - ok
13:09:13.0935 6064 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
13:09:13.0954 6064 NDIS - ok
13:09:13.0989 6064 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:09:14.0019 6064 NdisCap - ok
13:09:14.0103 6064 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:09:14.0134 6064 NdisTapi - ok
13:09:14.0159 6064 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
13:09:14.0189 6064 Ndisuio - ok
13:09:14.0214 6064 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:09:14.0245 6064 NdisWan - ok
13:09:14.0270 6064 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
13:09:14.0301 6064 NDProxy - ok
13:09:14.0395 6064 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:09:14.0426 6064 NetBIOS - ok
13:09:14.0451 6064 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
13:09:14.0484 6064 NetBT - ok
13:09:14.0565 6064 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:09:14.0579 6064 Netlogon - ok
13:09:14.0620 6064 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:09:14.0653 6064 Netman - ok
13:09:14.0677 6064 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:09:14.0709 6064 netprofm - ok

********************** 2nd scan, second half of report ************

13:09:14.0782 6064 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:09:14.0791 6064 NetTcpPortSharing - ok
13:09:14.0882 6064 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:09:14.0891 6064 nfrd960 - ok
13:09:14.0928 6064 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
13:09:14.0960 6064 NlaSvc - ok
13:09:14.0992 6064 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:09:15.0031 6064 Npfs - ok
13:09:15.0380 6064 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:09:15.0417 6064 nsi - ok
13:09:15.0555 6064 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:09:15.0613 6064 nsiproxy - ok
13:09:15.0744 6064 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
13:09:15.0772 6064 Ntfs - ok
13:09:15.0816 6064 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:09:15.0846 6064 Null - ok
13:09:15.0950 6064 NVHDA (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
13:09:15.0960 6064 NVHDA - ok
13:09:16.0196 6064 nvlddmkm (240e2667aa8a63bcdf253c11a44c465c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:09:16.0353 6064 nvlddmkm - ok
13:09:16.0452 6064 nvpciflt (7e11307e8e48ee6ff73faca6c62e3be4) C:\Windows\system32\DRIVERS\nvpciflt.sys
13:09:16.0460 6064 nvpciflt - ok
13:09:16.0522 6064 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
13:09:16.0533 6064 nvraid - ok
13:09:16.0614 6064 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
13:09:16.0625 6064 nvstor - ok
13:09:16.0673 6064 nvsvc (7d77a2b349017a7b9eaef105a22e8b36) C:\Windows\system32\nvvsvc.exe
13:09:16.0683 6064 nvsvc - ok
13:09:16.0776 6064 nvUpdatusService (e0ecb3c5c905b4942d3740373605a31a) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
13:09:16.0803 6064 nvUpdatusService - ok
13:09:16.0878 6064 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
13:09:16.0889 6064 nv_agp - ok
13:09:17.0003 6064 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:09:17.0015 6064 odserv - ok
13:09:17.0096 6064 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
13:09:17.0110 6064 ohci1394 - ok
13:09:17.0190 6064 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:09:17.0199 6064 ose - ok
13:09:17.0275 6064 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:09:17.0292 6064 p2pimsvc - ok
13:09:17.0331 6064 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:09:17.0347 6064 p2psvc - ok
13:09:17.0387 6064 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:09:17.0401 6064 Parport - ok
13:09:17.0435 6064 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
13:09:17.0445 6064 partmgr - ok
13:09:17.0481 6064 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:09:17.0500 6064 PcaSvc - ok
13:09:17.0569 6064 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
13:09:17.0580 6064 pci - ok
13:09:17.0637 6064 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:09:17.0646 6064 pciide - ok
13:09:17.0676 6064 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:09:17.0687 6064 pcmcia - ok
13:09:17.0707 6064 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:09:17.0716 6064 pcw - ok
13:09:17.0795 6064 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:09:17.0834 6064 PEAUTH - ok
13:09:17.0893 6064 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:09:17.0908 6064 PerfHost - ok
13:09:17.0989 6064 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
13:09:18.0031 6064 pla - ok
13:09:18.0080 6064 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
13:09:18.0095 6064 PlugPlay - ok
13:09:18.0116 6064 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:09:18.0129 6064 PNRPAutoReg - ok
13:09:18.0158 6064 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:09:18.0172 6064 PNRPsvc - ok
13:09:18.0207 6064 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
13:09:18.0244 6064 PolicyAgent - ok
13:09:18.0279 6064 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:09:18.0312 6064 Power - ok
13:09:18.0398 6064 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
13:09:18.0431 6064 PptpMiniport - ok
13:09:18.0458 6064 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:09:18.0470 6064 Processor - ok
13:09:18.0504 6064 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
13:09:18.0536 6064 ProfSvc - ok
13:09:18.0562 6064 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:09:18.0576 6064 ProtectedStorage - ok
13:09:18.0665 6064 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
13:09:18.0697 6064 Psched - ok
13:09:18.0742 6064 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:09:18.0771 6064 ql2300 - ok
13:09:18.0807 6064 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:09:18.0818 6064 ql40xx - ok
13:09:18.0851 6064 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:09:18.0869 6064 QWAVE - ok
13:09:18.0886 6064 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:09:18.0906 6064 QWAVEdrv - ok
13:09:18.0936 6064 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:09:18.0967 6064 RasAcd - ok
13:09:19.0026 6064 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:09:19.0056 6064 RasAgileVpn - ok
13:09:19.0115 6064 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:09:19.0146 6064 RasAuto - ok
13:09:19.0196 6064 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:09:19.0227 6064 Rasl2tp - ok
13:09:19.0308 6064 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
13:09:19.0354 6064 RasMan - ok
13:09:19.0405 6064 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:09:19.0435 6064 RasPppoe - ok
13:09:19.0483 6064 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:09:19.0515 6064 RasSstp - ok
13:09:19.0549 6064 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
13:09:19.0581 6064 rdbss - ok
13:09:19.0636 6064 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:09:19.0651 6064 rdpbus - ok
13:09:19.0756 6064 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:09:19.0786 6064 RDPCDD - ok
13:09:19.0879 6064 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:09:19.0914 6064 RDPENCDD - ok
13:09:19.0932 6064 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:09:19.0966 6064 RDPREFMP - ok
13:09:19.0990 6064 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
13:09:20.0025 6064 RDPWD - ok
13:09:20.0089 6064 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
13:09:20.0101 6064 rdyboost - ok
13:09:20.0146 6064 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:09:20.0176 6064 RemoteAccess - ok
13:09:20.0207 6064 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:09:20.0239 6064 RemoteRegistry - ok
13:09:20.0361 6064 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:09:20.0377 6064 RFCOMM - ok
13:09:20.0476 6064 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
13:09:20.0485 6064 RichVideo - ok
13:09:20.0550 6064 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:09:20.0582 6064 RpcEptMapper - ok
13:09:20.0617 6064 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:09:20.0632 6064 RpcLocator - ok
13:09:20.0673 6064 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\System32\rpcss.dll
13:09:20.0709 6064 RpcSs - ok
13:09:20.0765 6064 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:09:20.0796 6064 rspndr - ok
13:09:20.0822 6064 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:09:20.0834 6064 SamSs - ok
13:09:20.0851 6064 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
13:09:20.0860 6064 sbp2port - ok
13:09:20.0908 6064 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:09:20.0943 6064 SCardSvr - ok
13:09:20.0989 6064 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
13:09:21.0020 6064 scfilter - ok
13:09:21.0078 6064 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
13:09:21.0099 6064 Schedule - ok
13:09:21.0133 6064 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
13:09:21.0165 6064 SCPolicySvc - ok
13:09:21.0208 6064 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
13:09:21.0222 6064 SDRSVC - ok
13:09:21.0269 6064 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:09:21.0300 6064 secdrv - ok
13:09:21.0350 6064 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
13:09:21.0385 6064 seclogon - ok
13:09:21.0422 6064 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
13:09:21.0453 6064 SENS - ok
13:09:21.0484 6064 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:09:21.0498 6064 SensrSvc - ok
13:09:21.0540 6064 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:09:21.0553 6064 Serenum - ok
13:09:21.0652 6064 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:09:21.0665 6064 Serial - ok
13:09:21.0767 6064 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:09:21.0779 6064 sermouse - ok
13:09:21.0825 6064 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
13:09:21.0856 6064 SessionEnv - ok
13:09:21.0906 6064 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
13:09:21.0920 6064 sffdisk - ok
13:09:21.0941 6064 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:09:21.0952 6064 sffp_mmc - ok
13:09:21.0979 6064 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:09:21.0992 6064 sffp_sd - ok
13:09:22.0005 6064 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:09:22.0017 6064 sfloppy - ok
13:09:22.0087 6064 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:09:22.0121 6064 SharedAccess - ok
13:09:22.0165 6064 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
13:09:22.0185 6064 ShellHWDetection - ok
13:09:22.0247 6064 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
13:09:22.0260 6064 SiSGbeLH - ok
13:09:22.0305 6064 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:09:22.0315 6064 SiSRaid2 - ok
13:09:22.0334 6064 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:09:22.0345 6064 SiSRaid4 - ok
13:09:22.0446 6064 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:09:22.0477 6064 Smb - ok
13:09:22.0560 6064 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:09:22.0574 6064 SNMPTRAP - ok
13:09:22.0672 6064 SNP2UVC (2114518e55b380a3acc28b2c27fd499a) C:\Windows\system32\DRIVERS\snp2uvc.sys
13:09:22.0696 6064 SNP2UVC - ok
13:09:22.0814 6064 SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
13:09:22.0819 6064 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:09:22.0819 6064 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:09:22.0912 6064 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:09:22.0921 6064 spldr - ok
13:09:22.0971 6064 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
13:09:22.0989 6064 Spooler - ok
13:09:23.0091 6064 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
13:09:23.0134 6064 sppsvc - ok
13:09:23.0155 6064 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:09:23.0187 6064 sppuinotify - ok
13:09:23.0342 6064 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\System32\Drivers\NAVx64\1306010.008\SRTSP64.SYS
13:09:23.0361 6064 SRTSP - ok
13:09:23.0487 6064 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\NAVx64\1306010.008\SRTSPX64.SYS
13:09:23.0495 6064 SRTSPX - ok
13:09:23.0600 6064 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
13:09:23.0615 6064 srv - ok
13:09:23.0665 6064 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
13:09:23.0679 6064 srv2 - ok
13:09:23.0769 6064 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
13:09:23.0782 6064 srvnet - ok
13:09:23.0827 6064 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:09:23.0859 6064 SSDPSRV - ok
13:09:23.0875 6064 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:09:23.0905 6064 SstpSvc - ok
13:09:23.0993 6064 Stereo Service (9029786ee426ce2a01e1d8d4c493c363) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:09:24.0003 6064 Stereo Service - ok
13:09:24.0074 6064 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:09:24.0083 6064 stexstor - ok
13:09:24.0127 6064 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
13:09:24.0147 6064 stisvc - ok
13:09:24.0163 6064 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:09:24.0172 6064 swenum - ok
13:09:24.0256 6064 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:09:24.0289 6064 swprv - ok
13:09:24.0391 6064 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NAVx64\1306010.008\SYMDS64.SYS
13:09:24.0403 6064 SymDS - ok
13:09:24.0560 6064 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NAVx64\1306010.008\SYMEFA64.SYS
13:09:24.0579 6064 SymEFA - ok
13:09:24.0688 6064 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:09:24.0698 6064 SymEvent - ok
13:09:24.0775 6064 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NAVx64\1306010.008\Ironx64.SYS
13:09:24.0785 6064 SymIRON - ok
13:09:24.0924 6064 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NAVx64\1306010.008\SYMNETS.SYS
13:09:24.0937 6064 SymNetS - ok
13:09:25.0032 6064 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
13:09:25.0068 6064 SysMain - ok
13:09:25.0104 6064 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
13:09:25.0120 6064 TabletInputService - ok
13:09:25.0145 6064 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
13:09:25.0177 6064 TapiSrv - ok
13:09:25.0193 6064 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:09:25.0222 6064 TBS - ok
13:09:25.0349 6064 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
13:09:25.0383 6064 Tcpip - ok
13:09:25.0502 6064 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
13:09:25.0533 6064 TCPIP6 - ok
13:09:25.0573 6064 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
13:09:25.0600 6064 tcpipreg - ok
13:09:25.0634 6064 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:09:25.0663 6064 TDPIPE - ok
13:09:25.0742 6064 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:09:25.0777 6064 TDTCP - ok
13:09:25.0805 6064 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
13:09:25.0836 6064 tdx - ok
13:09:25.0925 6064 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
13:09:25.0936 6064 TermDD - ok
13:09:25.0976 6064 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
13:09:26.0012 6064 TermService - ok
13:09:26.0035 6064 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:09:26.0051 6064 Themes - ok
13:09:26.0096 6064 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:09:26.0130 6064 THREADORDER - ok
13:09:26.0214 6064 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:09:26.0245 6064 TrkWks - ok
13:09:26.0302 6064 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
13:09:26.0318 6064 TrustedInstaller - ok
13:09:26.0369 6064 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:09:26.0403 6064 tssecsrv - ok
13:09:26.0458 6064 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
13:09:26.0488 6064 tunnel - ok
13:09:26.0538 6064 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys
13:09:26.0546 6064 TurboB - ok
13:09:26.0613 6064 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
13:09:26.0621 6064 TurboBoost - ok
13:09:26.0735 6064 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:09:26.0745 6064 uagp35 - ok
13:09:26.0775 6064 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
13:09:26.0807 6064 udfs - ok
13:09:26.0861 6064 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:09:26.0875 6064 UI0Detect - ok
13:09:26.0913 6064 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
13:09:26.0924 6064 uliagpkx - ok
13:09:26.0964 6064 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
13:09:26.0977 6064 umbus - ok
13:09:27.0007 6064 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:09:27.0019 6064 UmPass - ok
13:09:27.0133 6064 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:09:27.0161 6064 UNS ( UnsignedFile.Multi.Generic ) - warning
13:09:27.0161 6064 UNS - detected UnsignedFile.Multi.Generic (1)
13:09:27.0231 6064 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:09:27.0263 6064 upnphost - ok
13:09:27.0325 6064 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
13:09:27.0337 6064 USBAAPL64 - ok
13:09:27.0407 6064 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
13:09:27.0419 6064 usbccgp - ok
13:09:27.0480 6064 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
13:09:27.0495 6064 usbcir - ok
13:09:27.0549 6064 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
13:09:27.0561 6064 usbehci - ok
13:09:27.0616 6064 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
13:09:27.0631 6064 usbhub - ok
13:09:27.0714 6064 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
13:09:27.0725 6064 usbohci - ok
13:09:27.0753 6064 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:09:27.0766 6064 usbprint - ok
13:09:27.0847 6064 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:09:27.0859 6064 USBSTOR - ok
13:09:27.0889 6064 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
13:09:27.0901 6064 usbuhci - ok
13:09:28.0012 6064 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
13:09:28.0025 6064 usbvideo - ok
13:09:28.0051 6064 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:09:28.0080 6064 UxSms - ok
13:09:28.0127 6064 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
13:09:28.0141 6064 VaultSvc - ok
13:09:28.0185 6064 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
13:09:28.0194 6064 vdrvroot - ok
13:09:28.0274 6064 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
13:09:28.0291 6064 vds - ok
13:09:28.0362 6064 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:09:28.0377 6064 vga - ok
13:09:28.0395 6064 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:09:28.0426 6064 VgaSave - ok
13:09:28.0448 6064 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
13:09:28.0459 6064 vhdmp - ok
13:09:28.0478 6064 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
13:09:28.0487 6064 viaide - ok
13:09:28.0546 6064 VideAceWindowsService (0adf410187b71c9b855721c8d59cec7a) C:\ExpressGateUtil\VAWinService.exe
13:09:28.0551 6064 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - warning
13:09:28.0551 6064 VideAceWindowsService - detected UnsignedFile.Multi.Generic (1)
13:09:28.0630 6064 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
13:09:28.0640 6064 volmgr - ok
13:09:28.0670 6064 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
13:09:28.0682 6064 volmgrx - ok
13:09:28.0737 6064 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
13:09:28.0750 6064 volsnap - ok
13:09:28.0841 6064 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:09:28.0853 6064 vsmraid - ok
13:09:28.0907 6064 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
13:09:28.0935 6064 VSS - ok
13:09:28.0954 6064 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:09:28.0970 6064 vwifibus - ok
13:09:28.0985 6064 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:09:29.0001 6064 vwififlt - ok
13:09:29.0103 6064 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
13:09:29.0118 6064 vwifimp - ok
13:09:29.0155 6064 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:09:29.0191 6064 W32Time - ok
13:09:29.0218 6064 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:09:29.0229 6064 WacomPen - ok
13:09:29.0322 6064 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:09:29.0359 6064 WANARP - ok
13:09:29.0384 6064 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:09:29.0417 6064 Wanarpv6 - ok
13:09:29.0521 6064 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:09:29.0543 6064 WatAdminSvc - ok
13:09:29.0595 6064 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
13:09:29.0618 6064 wbengine - ok
13:09:29.0642 6064 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:09:29.0658 6064 WbioSrvc - ok
13:09:29.0701 6064 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
13:09:29.0716 6064 wcncsvc - ok
13:09:29.0777 6064 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:09:29.0791 6064 WcsPlugInService - ok
13:09:29.0936 6064 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:09:29.0945 6064 Wd - ok
13:09:30.0037 6064 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:09:30.0057 6064 Wdf01000 - ok
13:09:30.0084 6064 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:09:30.0102 6064 WdiServiceHost - ok
13:09:30.0115 6064 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:09:30.0132 6064 WdiSystemHost - ok
13:09:30.0194 6064 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
13:09:30.0209 6064 WebClient - ok
13:09:30.0239 6064 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:09:30.0273 6064 Wecsvc - ok
13:09:30.0293 6064 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:09:30.0322 6064 wercplsupport - ok
13:09:30.0419 6064 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:09:30.0452 6064 WerSvc - ok
13:09:30.0488 6064 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:09:30.0521 6064 WfpLwf - ok
13:09:30.0597 6064 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
13:09:30.0608 6064 WimFltr - ok
13:09:30.0635 6064 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:09:30.0644 6064 WIMMount - ok
13:09:30.0686 6064 WinDefend - ok
13:09:30.0690 6064 WinHttpAutoProxySvc - ok
13:09:30.0792 6064 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:09:30.0823 6064 Winmgmt - ok
13:09:30.0907 6064 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
13:09:30.0955 6064 WinRM - ok
13:09:31.0089 6064 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
13:09:31.0103 6064 WinUsb - ok
13:09:31.0146 6064 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:09:31.0168 6064 Wlansvc - ok
13:09:31.0210 6064 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:09:31.0222 6064 WmiAcpi - ok
13:09:31.0301 6064 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:09:31.0314 6064 wmiApSrv - ok
13:09:31.0356 6064 WMPNetworkSvc - ok
13:09:31.0421 6064 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:09:31.0434 6064 WPCSvc - ok
13:09:31.0472 6064 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
13:09:31.0486 6064 WPDBusEnum - ok
13:09:31.0527 6064 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:09:31.0557 6064 ws2ifsl - ok
13:09:31.0664 6064 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
13:09:31.0678 6064 wscsvc - ok
13:09:31.0724 6064 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
13:09:31.0737 6064 WSDPrintDevice - ok
13:09:31.0787 6064 WSearch - ok
13:09:31.0862 6064 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
13:09:31.0913 6064 wuauserv - ok
13:09:31.0981 6064 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
13:09:32.0012 6064 WudfPf - ok
13:09:32.0078 6064 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:09:32.0107 6064 WUDFRd - ok
13:09:32.0160 6064 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
13:09:32.0189 6064 wudfsvc - ok
13:09:32.0216 6064 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:09:32.0233 6064 WwanSvc - ok
13:09:32.0288 6064 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
13:09:32.0323 6064 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
13:09:32.0323 6064 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
13:09:32.0920 6064 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:09:32.0920 6064 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:09:32.0953 6064 Boot (0x1200) (f4e459cb895541dfb8a8d76022aa4b82) \Device\Harddisk0\DR0\Partition0
13:09:32.0957 6064 \Device\Harddisk0\DR0\Partition0 - ok
13:09:32.0990 6064 Boot (0x1200) (f7b2733a3145a7ead44f1427131703a1) \Device\Harddisk0\DR0\Partition1
13:09:32.0992 6064 \Device\Harddisk0\DR0\Partition1 - ok
13:09:32.0993 6064 ============================================================
13:09:32.0993 6064 Scan finished
13:09:32.0993 6064 ============================================================
13:09:33.0001 6744 Detected object count: 6
13:09:33.0001 6744 Actual detected object count: 6
13:10:31.0396 6744 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
13:10:31.0396 6744 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:10:31.0396 6744 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:10:31.0396 6744 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:10:31.0398 6744 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
13:10:31.0398 6744 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:10:31.0399 6744 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - skipped by user
13:10:31.0399 6744 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:10:31.0559 6744 \Device\Harddisk0\DR0\# - copied to quarantine
13:10:31.0560 6744 \Device\Harddisk0\DR0 - copied to quarantine
13:10:32.0027 6744 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
13:10:32.0028 6744 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
13:10:32.0032 6744 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
13:10:32.0036 6744 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
13:10:32.0039 6744 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
13:10:32.0064 6744 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
13:10:32.0184 6744 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
13:10:32.0397 6744 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
13:10:32.0403 6744 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
13:10:32.0405 6744 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
13:10:32.0483 6744 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
13:10:32.0486 6744 \Device\Harddisk0\DR0 - ok
13:10:32.0501 6744 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
13:10:32.0501 6744 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:10:32.0501 6744 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:11:21.0978 3232 Deinitialize success

Sorry for the wait, everyone has been really busy.
Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

during initialization... got "Unexpectederror 101" but my HD is running non-stop see your email

here is a link to a screen dump of the disk issue...

https://2img.net/h/i1218.photobucket.com/albums/dd413/zap_1961/diskgoinecrazy.jpg

https://2img.net/h/i1218.photobucket.com/albums/dd413/zap_1961/diskgoinecrazy.jpg

re-ran the online scan tool.... and becasue of the disk activity, this might take a real long time.... I'm concerend that I might burn up my HD. If you can check out that link I posted from the screen dump, maybe we can figure that out and then move back to this issue. The only thing I did outside my normal routine yesterday was let my PC hybernate on it's own rather than shutting it down..... and since then the HD activity has gone crazy.

okay let's rerun these:
Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  
• Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  
• When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

Then:

Please download TDSSKiller from here and save it to your Desktop.

• Doubleclick TDSSKiller.exe to run the tool
  
• Choose Change Parameters and make sure all the options are checked
  
• Click the Start Scan button
  
• After the scan has finished, click the Close button
  
• Click the Report button and copy/paste the contents of it into your next reply
  

Note:It will also create a log in the C:\ directory.

OK, so I got the files and rebooted into safe mode and ran the files. Then I ran commy, it told me norton was on and said I should turn it off. So I click OK and it took and ran anyways. I tried to figure out how to turn off Norton in safe mode and could not figure it out..... and I thought in safe mode it was off anyways. I will paste the results next. When I ran TDSSKILLER if gives me the option to skip/quarantine/delete 5 files. They are LMS, UNS, Solidworks Licensing Service, VideAceWindowsService & \Device\harddisk0\DR0. I will quarantine all but the solidworks for now. I did not see how to generate a report, I will rerun again. It said it quarantined 13 items in total.

BTW, I can't remember if I told you yesterday Malwarebytes said it found a Trojan when I ran a quick scan. It claimed it was c:winsows\svchost.exe (Trojan.Agent) -> Quarantined and Deleted successfully.... It said I had to reboot to kill all the way, so I did restart and the HD problem was still there. I did not restart into "safe mode" however......

Last edited by zap_1961 on 29th March 2012, 7:15 pm; edited 1 time in total

*************** report from Commy ****************
ComboFix 12-03-29.02 - Scott 03/29/2012 8:33.3.8 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6069.4819 [GMT -7:00]
Running from: c:\users\Scott\Desktop\commy.exe
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\CCXPButton.ocx
.
.
((((((((((((((((((((((((( Files Created from 2012-02-28 to 2012-03-29 )))))))))))))))))))))))))))))))
.
.
2012-03-29 15:40 . 2012-03-29 15:40 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-03-29 15:40 . 2012-03-29 15:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-29 15:40 . 2012-03-29 15:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-28 18:33 . 2012-03-29 15:21 -------- d-----w- c:\users\Scott\Tracing
2012-03-28 18:04 . 2012-03-28 18:04 -------- d-----w- c:\program files (x86)\ESET
2012-03-23 22:58 . 2012-03-28 22:17 -------- d-----w- C:\Samsung adaptor board
2012-03-23 19:50 . 2012-03-28 17:12 -------- d-----w- C:\Samsung Image Head
2012-03-23 18:57 . 2012-03-28 23:00 -------- d-----w- C:\Samsung Image Processing
2012-03-21 20:05 . 2012-03-21 20:10 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-18 15:47 . 2012-03-18 15:47 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 15:47 . 2012-03-18 15:47 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-12 14:45 . 2012-03-12 14:45 -------- d-----w- C:\_OTL
2012-03-09 20:35 . 2012-03-09 20:35 -------- d-----w- c:\users\Scott\AppData\Roaming\Safer Networking
2012-03-09 20:33 . 2012-03-09 20:33 -------- d-----w- c:\program files (x86)\Safer Networking
2012-03-09 14:36 . 2012-03-28 15:17 -------- d-----w- c:\program files\Symantec
2012-03-09 14:36 . 2012-03-28 15:07 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-03-09 14:36 . 2012-03-09 14:36 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-03-09 14:33 . 2012-03-28 17:20 -------- d-----w- c:\windows\system32\drivers\NAVx64
2012-03-09 14:32 . 2012-03-09 14:33 -------- d-----w- c:\program files (x86)\Norton AntiVirus
2012-03-09 14:29 . 2012-03-09 14:29 -------- d-----w- c:\programdata\PCSettings
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\users\Scott\AppData\Roaming\Malwarebytes
2012-03-08 18:46 . 2010-04-29 22:39 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\programdata\Malwarebytes
2012-03-08 18:46 . 2010-04-29 22:39 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-29 15:20 . 2010-11-29 18:54 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-02-22 20:43 . 2011-02-14 23:29 286720 ----a-w- c:\windows\iun505.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-14_23.56.54 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-01-18 16:20 . 2012-03-14 14:23 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2012-01-18 16:20 . 2012-03-19 14:35 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2010-10-29 16:21 . 2012-03-29 15:23 52538 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-29 15:23 37306 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-29 18:55 . 2012-03-29 15:23 14580 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1469825858-3757968985-3060953023-1001_UserData.bin
+ 2012-03-28 15:04 . 2012-01-17 22:33 37496 c:\windows\system32\drivers\NAVx64\1306020.00A\srtspx64.sys
- 2010-11-30 09:47 . 2012-03-13 14:27 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-30 09:47 . 2012-03-28 17:25 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-11 16:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 17:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-29 18:55 . 2012-03-29 15:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-29 18:55 . 2012-03-14 14:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-29 18:55 . 2012-03-14 14:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-29 18:55 . 2012-03-29 15:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-03-25 06:44 . 2012-03-25 06:44 25600 c:\windows\Installer\36663ca.msi
+ 2010-11-29 21:54 . 2012-03-23 00:35 3614 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-03-28 15:02 . 2012-01-17 22:45 4782 c:\windows\system32\drivers\NAVx64\1306020.00A\symvtcer.dat
+ 2012-03-29 15:20 . 2012-03-29 15:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-14 14:23 . 2012-03-14 14:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-29 15:20 . 2012-03-29 15:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-03-14 14:23 . 2012-03-14 14:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-17 17:56 . 2012-03-14 23:36 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-04-17 17:56 . 2012-03-21 14:25 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 147456 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-28 18:02 147456 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 376832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 18:02 376832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-01 02:04 . 2012-03-28 14:32 365944 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-11-30 05:02 . 2012-03-24 20:09 209962 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2012-03-14 14:28 627316 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-03-29 15:25 627316 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-14 14:28 107600 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-03-29 15:25 107600 c:\windows\system32\perfc009.dat
+ 2012-03-28 15:04 . 2012-01-17 22:46 405624 c:\windows\system32\drivers\NAVx64\1306020.00A\symnets.sys
+ 2012-03-28 15:04 . 2011-07-26 02:18 451192 c:\windows\system32\drivers\NAVx64\1306020.00A\symds64.sys
+ 2012-03-28 15:04 . 2012-01-17 22:33 738936 c:\windows\system32\drivers\NAVx64\1306020.00A\srtsp64.sys
+ 2012-03-28 15:04 . 2012-01-17 22:35 190072 c:\windows\system32\drivers\NAVx64\1306020.00A\ironx64.sys
+ 2012-03-28 15:04 . 2011-11-29 22:44 167048 c:\windows\system32\drivers\NAVx64\1306020.00A\ccsetx64.sys
+ 2009-07-14 05:12 . 2012-03-26 04:26 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-03-11 16:13 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-01-11 21:53 . 2011-05-09 20:01 262144 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-11 21:53 . 2012-03-18 16:33 262144 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-03-13 23:37 421192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-29 15:05 421192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:54 . 2012-03-28 18:02 2326528 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 2326528 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-03-28 15:04 . 2012-01-17 22:45 1092728 c:\windows\system32\drivers\NAVx64\1306020.00A\symefa64.sys
+ 2010-10-29 16:34 . 2012-03-29 15:05 3972504 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 02:34 . 2012-03-28 22:56 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-03-14 20:27 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2011-01-12 16:00 . 2012-03-29 15:05 60724228 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1469825858-3757968985-3060953023-1001-12288.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files (x86)\NCH_EN\prxtbNCH0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\NCH_EN\prxtbNCH0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files (x86)\NCH_EN\prxtbNCH0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-10-29 2429]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-14 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-2 1080608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-10-29 12862]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-1-5 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-03-03 1157240]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1306020.00A\ccSetx64.sys [x]
R1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120327.002\IDSvia64.sys [2012-03-08 488568]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1306020.00A\Ironx64.SYS [x]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1306020.00A\SYMNETS.SYS [x]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
R2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [x]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-16 249648]
R2 Cadence License Manager;Cadence License Manager;c:\cadence\LicenseManager\lmgrd.exe [2010-01-11 1722704]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 135664]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe [x]
R2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe [2012-01-17 138232]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-08-17 1620584]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-08-17 235624]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-08 195336]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 CYUSB;Cypress Generic USB Driver;c:\windows\system32\Drivers\CYUSB.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 135664]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1306020.00A\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1306020.00A\SYMEFA64.SYS [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 16:02]
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 16:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-28 2121320]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\hn6tdypz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.type - 4
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-03-29 08:43:18
ComboFix-quarantined-files.txt 2012-03-29 15:43
ComboFix2.txt 2012-03-18 17:11
ComboFix3.txt 2012-03-15 00:20
.
Pre-Run: 41,278,992,384 bytes free
Post-Run: 40,982,380,544 bytes free
.
- - End Of File - - 25A8C3EEA129802B28F48C9C185A9439

********* 032912 report 1 from TDSSKILLER ***************

*************** first 1/3 of report ********************

0:04:37.0903 1188 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
10:04:37.0903 1188 ============================================================
10:04:37.0903 1188 Current date / time: 2012/03/29 10:04:37.0903
10:04:37.0903 1188 SystemInfo:
10:04:37.0903 1188
10:04:37.0903 1188 OS Version: 6.1.7600 ServicePack: 0.0
10:04:37.0903 1188 Product type: Workstation
10:04:37.0903 1188 ComputerName: ZAPLAP2
10:04:37.0903 1188 UserName: Scott
10:04:37.0903 1188 Windows directory: C:\Windows
10:04:37.0903 1188 System windows directory: C:\Windows
10:04:37.0903 1188 Running under WOW64
10:04:37.0903 1188 Processor architecture: Intel x64
10:04:37.0903 1188 Number of processors: 8
10:04:37.0903 1188 Page size: 0x1000
10:04:37.0903 1188 Boot type: Safe boot
10:04:37.0903 1188 ============================================================
10:04:38.0402 1188 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:04:38.0402 1188 \Device\Harddisk0\DR0:
10:04:38.0402 1188 MBR used
10:04:38.0402 1188 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0x12A147D1
10:04:38.0417 1188 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1550F000, BlocksNum 0x35348800
10:04:38.0511 1188 Initialize success
10:04:38.0511 1188 ============================================================
10:04:54.0813 1004 ============================================================
10:04:54.0813 1004 Scan started
10:04:54.0813 1004 Mode: Manual;
10:04:54.0813 1004 ============================================================
10:04:55.0156 1004 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
10:04:55.0156 1004 1394ohci - ok
10:04:55.0203 1004 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
10:04:55.0203 1004 ACPI - ok
10:04:55.0234 1004 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
10:04:55.0234 1004 AcpiPmi - ok
10:04:55.0281 1004 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
10:04:55.0281 1004 adp94xx - ok
10:04:55.0312 1004 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
10:04:55.0312 1004 adpahci - ok
10:04:55.0343 1004 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
10:04:55.0343 1004 adpu320 - ok
10:04:55.0375 1004 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:04:55.0375 1004 AeLookupSvc - ok
10:04:55.0437 1004 AFBAgent (734d1ba96be6ad8d04e6afead569ea8a) C:\Windows\system32\FBAgent.exe
10:04:55.0437 1004 AFBAgent - ok
10:04:55.0515 1004 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
10:04:55.0515 1004 AFD - ok
10:04:55.0562 1004 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
10:04:55.0562 1004 agp440 - ok
10:04:55.0609 1004 aksdf (94c0972b06c75456ed574dd46417b1d8) C:\Windows\system32\DRIVERS\aksdf.sys
10:04:55.0609 1004 aksdf - ok
10:04:55.0640 1004 aksfridge (7b0bc062ca6abab23f88ea483b5a538e) C:\Windows\system32\DRIVERS\aksfridge.sys
10:04:55.0640 1004 aksfridge - ok
10:04:55.0671 1004 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
10:04:55.0671 1004 akshasp - ok
10:04:55.0687 1004 akshhl (67dff8c8f95cb21c9c3380dd4c0387f2) C:\Windows\system32\DRIVERS\akshhl.sys
10:04:55.0687 1004 akshhl - ok
10:04:55.0733 1004 aksusb (a9a09bc526e614ce9f29bb23c2a76ced) C:\Windows\system32\DRIVERS\aksusb.sys
10:04:55.0733 1004 aksusb - ok
10:04:55.0765 1004 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:04:55.0765 1004 ALG - ok
10:04:55.0811 1004 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
10:04:55.0811 1004 aliide - ok
10:04:55.0843 1004 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
10:04:55.0843 1004 amdide - ok
10:04:55.0874 1004 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
10:04:55.0874 1004 AmdK8 - ok
10:04:55.0905 1004 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:04:55.0905 1004 AmdPPM - ok
10:04:55.0936 1004 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
10:04:55.0936 1004 amdsata - ok
10:04:55.0983 1004 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
10:04:55.0983 1004 amdsbs - ok
10:04:56.0045 1004 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
10:04:56.0045 1004 amdxata - ok
10:04:56.0108 1004 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
10:04:56.0108 1004 AmUStor - ok
10:04:56.0170 1004 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
10:04:56.0170 1004 AppID - ok
10:04:56.0217 1004 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:04:56.0217 1004 AppIDSvc - ok
10:04:56.0233 1004 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
10:04:56.0233 1004 Appinfo - ok
10:04:56.0326 1004 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:04:56.0326 1004 Apple Mobile Device - ok
10:04:56.0435 1004 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
10:04:56.0435 1004 arc - ok
10:04:56.0451 1004 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
10:04:56.0451 1004 arcsas - ok
10:04:56.0529 1004 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
10:04:56.0529 1004 ASLDRService - ok
10:04:56.0560 1004 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
10:04:56.0560 1004 ASMMAP64 - ok
10:04:56.0638 1004 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:04:56.0638 1004 AsyncMac - ok
10:04:56.0669 1004 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
10:04:56.0669 1004 atapi - ok
10:04:56.0747 1004 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
10:04:56.0763 1004 athr - ok
10:04:56.0825 1004 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
10:04:56.0825 1004 ATKGFNEXSrv - ok
10:04:56.0903 1004 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:04:56.0903 1004 AudioEndpointBuilder - ok
10:04:56.0935 1004 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:04:56.0935 1004 AudioSrv - ok
10:04:57.0028 1004 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
10:04:57.0028 1004 AxInstSV - ok
10:04:57.0091 1004 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
10:04:57.0091 1004 b06bdrv - ok
10:04:57.0153 1004 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:04:57.0153 1004 b57nd60a - ok
10:04:57.0293 1004 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
10:04:57.0293 1004 BBSvc - ok
10:04:57.0403 1004 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
10:04:57.0403 1004 BBUpdate - ok
10:04:57.0465 1004 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
10:04:57.0481 1004 BDESVC - ok
10:04:57.0543 1004 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:04:57.0543 1004 Beep - ok
10:04:57.0621 1004 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
10:04:57.0621 1004 BFE - ok
10:04:57.0777 1004 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
10:04:57.0777 1004 BHDrvx64 - ok
10:04:57.0871 1004 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
10:04:57.0871 1004 BITS - ok
10:04:57.0933 1004 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:04:57.0933 1004 blbdrive - ok
10:04:58.0011 1004 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
10:04:58.0011 1004 Bonjour Service - ok
10:04:58.0105 1004 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
10:04:58.0105 1004 bowser - ok
10:04:58.0151 1004 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:04:58.0151 1004 BrFiltLo - ok
10:04:58.0167 1004 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:04:58.0167 1004 BrFiltUp - ok
10:04:58.0261 1004 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
10:04:58.0261 1004 BridgeMP - ok
10:04:58.0292 1004 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
10:04:58.0292 1004 Browser - ok
10:04:58.0323 1004 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:04:58.0323 1004 Brserid - ok
10:04:58.0354 1004 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:04:58.0354 1004 BrSerWdm - ok
10:04:58.0401 1004 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:04:58.0401 1004 BrUsbMdm - ok
10:04:58.0401 1004 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:04:58.0401 1004 BrUsbSer - ok
10:04:58.0448 1004 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
10:04:58.0448 1004 BthEnum - ok
10:04:58.0495 1004 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:04:58.0495 1004 BTHMODEM - ok
10:04:58.0526 1004 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
10:04:58.0526 1004 BthPan - ok
10:04:58.0573 1004 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
10:04:58.0588 1004 BTHPORT - ok
10:04:58.0635 1004 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:04:58.0635 1004 bthserv - ok
10:04:58.0666 1004 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
10:04:58.0666 1004 BTHUSB - ok
10:04:58.0697 1004 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
10:04:58.0697 1004 btusbflt - ok
10:04:58.0744 1004 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
10:04:58.0744 1004 btwaudio - ok
10:04:58.0775 1004 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
10:04:58.0775 1004 btwavdt - ok
10:04:58.0869 1004 btwdins (1e08dc82525282e34ad66ffba0782565) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:04:58.0869 1004 btwdins - ok
10:04:58.0963 1004 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
10:04:58.0963 1004 btwl2cap - ok
10:04:58.0994 1004 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
10:04:58.0994 1004 btwrchid - ok
10:04:59.0087 1004 Cadence License Manager (647cd6b1ae2b42b7f27706a6a72e3ddc) C:\Cadence\LicenseManager\lmgrd.exe
10:04:59.0103 1004 Cadence License Manager - ok
10:04:59.0165 1004 catchme - ok
10:04:59.0290 1004 ccSet_NAV (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NAVx64\1306020.00A\ccSetx64.sys
10:04:59.0290 1004 ccSet_NAV - ok
10:04:59.0337 1004 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:04:59.0337 1004 cdfs - ok
10:04:59.0415 1004 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
10:04:59.0415 1004 cdrom - ok
10:04:59.0462 1004 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
10:04:59.0462 1004 CertPropSvc - ok
10:04:59.0509 1004 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:04:59.0509 1004 circlass - ok
10:04:59.0540 1004 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:04:59.0540 1004 CLFS - ok
10:04:59.0602 1004 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:04:59.0602 1004 clr_optimization_v2.0.50727_32 - ok
10:04:59.0649 1004 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:04:59.0649 1004 clr_optimization_v2.0.50727_64 - ok
10:04:59.0743 1004 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:04:59.0743 1004 clr_optimization_v4.0.30319_32 - ok
10:04:59.0774 1004 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:04:59.0774 1004 clr_optimization_v4.0.30319_64 - ok
10:04:59.0867 1004 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:04:59.0883 1004 CmBatt - ok
10:04:59.0899 1004 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
10:04:59.0899 1004 cmdide - ok
10:04:59.0914 1004 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
10:04:59.0930 1004 CNG - ok
10:05:00.0039 1004 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:05:00.0039 1004 Compbatt - ok
10:05:00.0070 1004 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
10:05:00.0070 1004 CompositeBus - ok
10:05:00.0101 1004 COMSysApp - ok
10:05:00.0117 1004 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:05:00.0117 1004 crcdisk - ok
10:05:00.0211 1004 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
10:05:00.0211 1004 CryptSvc - ok
10:05:00.0273 1004 CYUSB (e9e37e84a5431b51cec9d4fd39534901) C:\Windows\system32\Drivers\CYUSB.sys
10:05:00.0273 1004 CYUSB - ok
10:05:00.0320 1004 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
10:05:00.0320 1004 DcomLaunch - ok
10:05:00.0367 1004 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:05:00.0367 1004 defragsvc - ok
10:05:00.0413 1004 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
10:05:00.0413 1004 DfsC - ok
10:05:00.0460 1004 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
10:05:00.0460 1004 Dhcp - ok
10:05:00.0507 1004 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:05:00.0507 1004 discache - ok
10:05:00.0569 1004 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:05:00.0569 1004 Disk - ok
10:05:00.0601 1004 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
10:05:00.0601 1004 Dnscache - ok
10:05:00.0647 1004 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
10:05:00.0647 1004 dot3svc - ok
10:05:00.0679 1004 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
10:05:00.0679 1004 DPS - ok
10:05:00.0725 1004 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:05:00.0725 1004 drmkaud - ok
10:05:00.0788 1004 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
10:05:00.0788 1004 DXGKrnl - ok
10:05:00.0835 1004 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:05:00.0835 1004 EapHost - ok
10:05:00.0928 1004 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:05:00.0944 1004 ebdrv - ok
10:05:01.0053 1004 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:05:01.0053 1004 eeCtrl - ok
10:05:01.0115 1004 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
10:05:01.0115 1004 EFS - ok
10:05:01.0209 1004 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
10:05:01.0209 1004 ehRecvr - ok
10:05:01.0225 1004 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:05:01.0225 1004 ehSched - ok
10:05:01.0349 1004 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:05:01.0349 1004 elxstor - ok
10:05:01.0396 1004 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
10:05:01.0396 1004 ErrDev - ok
10:05:01.0505 1004 ETD (38b0a3e42de9b36aa56f72a5ecb62331) C:\Windows\system32\DRIVERS\ETD.sys
10:05:01.0505 1004 ETD - ok
10:05:01.0568 1004 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:05:01.0568 1004 EventSystem - ok
10:05:01.0599 1004 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:05:01.0599 1004 exfat - ok
10:05:01.0630 1004 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:05:01.0630 1004 fastfat - ok
10:05:01.0693 1004 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
10:05:01.0693 1004 Fax - ok
10:05:01.0755 1004 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:05:01.0755 1004 fdc - ok
10:05:01.0802 1004 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:05:01.0802 1004 fdPHost - ok
10:05:01.0817 1004 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:05:01.0817 1004 FDResPub - ok
10:05:01.0833 1004 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:05:01.0833 1004 FileInfo - ok
10:05:01.0849 1004 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:05:01.0849 1004 Filetrace - ok
10:05:01.0880 1004 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:05:01.0880 1004 flpydisk - ok
10:05:01.0927 1004 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
10:05:01.0927 1004 FltMgr - ok
10:05:01.0973 1004 FLxHCIc (480e31b064e6f7b4eaab8b00437298b6) C:\Windows\system32\DRIVERS\FLxHCIc.sys
10:05:01.0973 1004 FLxHCIc - ok
10:05:02.0005 1004 FLxHCIh (e9cf4c5a0c31197351f89a1df4522b96) C:\Windows\system32\DRIVERS\FLxHCIh.sys
10:05:02.0005 1004 FLxHCIh - ok
10:05:02.0067 1004 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
10:05:02.0083 1004 FontCache - ok
10:05:02.0176 1004 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:05:02.0192 1004 FontCache3.0.0.0 - ok
10:05:02.0254 1004 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:05:02.0254 1004 FsDepends - ok
10:05:02.0285 1004 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
10:05:02.0285 1004 fssfltr - ok
10:05:02.0363 1004 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:05:02.0363 1004 fsssvc - ok
10:05:02.0441 1004 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:05:02.0441 1004 Fs_Rec - ok
10:05:02.0488 1004 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:05:02.0488 1004 fvevol - ok
10:05:02.0535 1004 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:05:02.0535 1004 gagp30kx - ok
10:05:02.0566 1004 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:05:02.0566 1004 GEARAspiWDM - ok
10:05:02.0613 1004 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
10:05:02.0613 1004 gpsvc - ok
10:05:02.0722 1004 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:05:02.0722 1004 gupdate - ok
10:05:02.0753 1004 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:05:02.0753 1004 gupdatem - ok
10:05:02.0816 1004 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:05:02.0816 1004 gusvc - ok
10:05:02.0956 1004 Hardlock (78fad9117e4527f2ca82259da10f40bd) C:\Windows\system32\drivers\hardlock.sys
10:05:02.0956 1004 Hardlock - ok
10:05:02.0987 1004 hasplms - ok
10:05:03.0003 1004 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:05:03.0003 1004 hcw85cir - ok
10:05:03.0050 1004 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
10:05:03.0050 1004 HdAudAddService - ok
10:05:03.0128 1004 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:05:03.0128 1004 HDAudBus - ok
10:05:03.0159 1004 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
10:05:03.0159 1004 HECIx64 - ok
10:05:03.0175 1004 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:05:03.0175 1004 HidBatt - ok
10:05:03.0190 1004 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:05:03.0206 1004 HidBth - ok
10:05:03.0221 1004 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:05:03.0221 1004 HidIr - ok
10:05:03.0253 1004 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
10:05:03.0253 1004 hidserv - ok
10:05:03.0315 1004 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
10:05:03.0315 1004 HidUsb - ok
10:05:03.0362 1004 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
10:05:03.0362 1004 hkmsvc - ok
10:05:03.0377 1004 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
10:05:03.0393 1004 HomeGroupListener - ok
10:05:03.0440 1004 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
10:05:03.0440 1004 HomeGroupProvider - ok
10:05:03.0487 1004 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
10:05:03.0487 1004 HpSAMD - ok
10:05:03.0533 1004 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
10:05:03.0533 1004 HTTP - ok
10:05:03.0565 1004 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
10:05:03.0565 1004 hwpolicy - ok
10:05:03.0580 1004 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
10:05:03.0580 1004 i8042prt - ok
10:05:03.0611 1004 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
10:05:03.0611 1004 iaStor - ok
10:05:03.0689 1004 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
10:05:03.0689 1004 iaStorV - ok
10:05:03.0783 1004 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:05:03.0783 1004 idsvc - ok
10:05:03.0923 1004 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120327.002\IDSvia64.sys
10:05:03.0939 1004 IDSVia64 - ok
10:05:04.0048 1004 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:05:04.0048 1004 iirsp - ok
10:05:04.0095 1004 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
10:05:04.0095 1004 IKEEXT - ok
10:05:04.0204 1004 IntcAzAudAddService (e02a55f45edb35641cb470a2cd56e74e) C:\Windows\system32\drivers\RTKVHD64.sys
10:05:04.0220 1004 IntcAzAudAddService - ok
10:05:04.0267 1004 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
10:05:04.0267 1004 intelide - ok
10:05:04.0282 1004 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:05:04.0282 1004 intelppm - ok
10:05:04.0329 1004 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:05:04.0329 1004 IPBusEnum - ok
10:05:04.0345 1004 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:05:04.0345 1004 IpFilterDriver - ok
10:05:04.0376 1004 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
10:05:04.0391 1004 iphlpsvc - ok
10:05:04.0454 1004 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
10:05:04.0454 1004 IPMIDRV - ok
10:05:04.0469 1004 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:05:04.0469 1004 IPNAT - ok
10:05:04.0532 1004 iPod Service (9b812a3484d89eb934982d67fb7d9313) C:\Program Files\iPod\bin\iPodService.exe
10:05:04.0547 1004 iPod Service - ok
10:05:04.0625 1004 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:05:04.0625 1004 IRENUM - ok
10:05:04.0641 1004 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
10:05:04.0641 1004 isapnp - ok
10:05:04.0672 1004 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
10:05:04.0672 1004 iScsiPrt - ok
10:05:04.0703 1004 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:05:04.0703 1004 kbdclass - ok
10:05:04.0735 1004 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
10:05:04.0735 1004 kbdhid - ok
10:05:04.0781 1004 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
10:05:04.0781 1004 kbfiltr - ok
10:05:04.0813 1004 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:04.0813 1004 KeyIso - ok
10:05:04.0844 1004 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
10:05:04.0844 1004 KSecDD - ok
10:05:04.0875 1004 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
10:05:04.0875 1004 KSecPkg - ok
10:05:04.0906 1004 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:05:04.0906 1004 ksthunk - ok
10:05:04.0953 1004 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:05:04.0953 1004 KtmRm - ok
10:05:05.0015 1004 L1C (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys
10:05:05.0015 1004 L1C - ok
10:05:05.0078 1004 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
10:05:05.0078 1004 LanmanServer - ok
10:05:05.0140 1004 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
10:05:05.0140 1004 LanmanWorkstation - ok
10:05:05.0171 1004 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:05:05.0171 1004 lltdio - ok
10:05:05.0203 1004 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:05:05.0203 1004 lltdsvc - ok
10:05:05.0234 1004 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:05:05.0234 1004 lmhosts - ok
10:05:05.0312 1004 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:05:05.0312 1004 LMS - ok
10:05:05.0421 1004 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:05:05.0421 1004 LSI_FC - ok
10:05:05.0437 1004 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:05:05.0437 1004 LSI_SAS - ok
10:05:05.0499 1004 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:05:05.0499 1004 LSI_SAS2 - ok
10:05:05.0530 1004 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:05:05.0530 1004 LSI_SCSI - ok
10:05:05.0561 1004 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:05:05.0577 1004 luafv - ok
10:05:05.0593 1004 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
10:05:05.0593 1004 Mcx2Svc - ok
10:05:05.0624 1004 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:05:05.0624 1004 megasas - ok
10:05:05.0655 1004 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:05:05.0655 1004 MegaSR - ok
10:05:05.0749 1004 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:05:05.0764 1004 Microsoft Office Groove Audit Service - ok
10:05:05.0842 1004 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:05:05.0842 1004 MMCSS - ok
10:05:05.0873 1004 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:05:05.0873 1004 Modem - ok
10:05:05.0905 1004 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:05:05.0905 1004 monitor - ok
10:05:05.0936 1004 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:05:05.0936 1004 mouclass - ok
10:05:05.0967 1004 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:05:05.0967 1004 mouhid - ok
10:05:05.0983 1004 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
10:05:05.0983 1004 mountmgr - ok
10:05:06.0014 1004 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
10:05:06.0014 1004 mpio - ok

**************** 2/3 of the report ***********************
1
10:05:06.0045 1004 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:05:06.0045 1004 mpsdrv - ok
10:05:06.0076 1004 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
10:05:06.0076 1004 MpsSvc - ok
10:05:06.0107 1004 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
10:05:06.0107 1004 MRxDAV - ok
10:05:06.0139 1004 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:05:06.0139 1004 mrxsmb - ok
10:05:06.0185 1004 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:05:06.0185 1004 mrxsmb10 - ok
10:05:06.0201 1004 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:05:06.0201 1004 mrxsmb20 - ok
10:05:06.0232 1004 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
10:05:06.0232 1004 msahci - ok
10:05:06.0263 1004 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
10:05:06.0263 1004 msdsm - ok
10:05:06.0295 1004 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:05:06.0310 1004 MSDTC - ok
10:05:06.0373 1004 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:05:06.0373 1004 Msfs - ok
10:05:06.0388 1004 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:05:06.0388 1004 mshidkmdf - ok
10:05:06.0419 1004 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
10:05:06.0419 1004 msisadrv - ok
10:05:06.0451 1004 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:05:06.0451 1004 MSiSCSI - ok
10:05:06.0482 1004 msiserver - ok
10:05:06.0529 1004 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:05:06.0529 1004 MSKSSRV - ok
10:05:06.0560 1004 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:05:06.0560 1004 MSPCLOCK - ok
10:05:06.0575 1004 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:05:06.0575 1004 MSPQM - ok
10:05:06.0591 1004 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
10:05:06.0591 1004 MsRPC - ok
10:05:06.0622 1004 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
10:05:06.0622 1004 mssmbios - ok
10:05:06.0653 1004 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:05:06.0653 1004 MSTEE - ok
10:05:06.0669 1004 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:05:06.0669 1004 MTConfig - ok
10:05:06.0716 1004 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
10:05:06.0716 1004 MTsensor - ok
10:05:06.0747 1004 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:05:06.0747 1004 Mup - ok
10:05:06.0778 1004 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
10:05:06.0794 1004 napagent - ok
10:05:06.0841 1004 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:05:06.0841 1004 NativeWifiP - ok
10:05:07.0012 1004 NAV (7a02f128a454bb22e300f3f80bc1bd22) C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe
10:05:07.0012 1004 NAV - ok
10:05:07.0153 1004 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120328.002\ENG64.SYS
10:05:07.0153 1004 NAVENG - ok
10:05:07.0246 1004 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120328.002\EX64.SYS
10:05:07.0262 1004 NAVEX15 - ok
10:05:07.0355 1004 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
10:05:07.0371 1004 NDIS - ok
10:05:07.0402 1004 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:05:07.0402 1004 NdisCap - ok
10:05:07.0449 1004 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:05:07.0449 1004 NdisTapi - ok
10:05:07.0465 1004 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
10:05:07.0465 1004 Ndisuio - ok
10:05:07.0511 1004 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:05:07.0511 1004 NdisWan - ok
10:05:07.0527 1004 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
10:05:07.0527 1004 NDProxy - ok
10:05:07.0558 1004 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:05:07.0558 1004 NetBIOS - ok
10:05:07.0589 1004 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
10:05:07.0589 1004 NetBT - ok
10:05:07.0621 1004 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:07.0621 1004 Netlogon - ok
10:05:07.0667 1004 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:05:07.0667 1004 Netman - ok
10:05:07.0699 1004 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:05:07.0699 1004 netprofm - ok
10:05:07.0777 1004 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:05:07.0777 1004 NetTcpPortSharing - ok
10:05:07.0839 1004 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:05:07.0839 1004 nfrd960 - ok
10:05:07.0886 1004 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
10:05:07.0901 1004 NlaSvc - ok
10:05:07.0917 1004 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:05:07.0917 1004 Npfs - ok
10:05:07.0948 1004 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:05:07.0948 1004 nsi - ok
10:05:07.0979 1004 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:05:07.0979 1004 nsiproxy - ok
10:05:08.0042 1004 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
10:05:08.0057 1004 Ntfs - ok
10:05:08.0073 1004 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:05:08.0089 1004 Null - ok
10:05:08.0120 1004 NVHDA (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
10:05:08.0120 1004 NVHDA - ok
10:05:08.0354 1004 nvlddmkm (240e2667aa8a63bcdf253c11a44c465c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:05:08.0416 1004 nvlddmkm - ok
10:05:08.0479 1004 nvpciflt (7e11307e8e48ee6ff73faca6c62e3be4) C:\Windows\system32\DRIVERS\nvpciflt.sys
10:05:08.0479 1004 nvpciflt - ok
10:05:08.0541 1004 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
10:05:08.0541 1004 nvraid - ok
10:05:08.0588 1004 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
10:05:08.0588 1004 nvstor - ok
10:05:08.0635 1004 nvsvc (7d77a2b349017a7b9eaef105a22e8b36) C:\Windows\system32\nvvsvc.exe
10:05:08.0635 1004 nvsvc - ok
10:05:08.0728 1004 nvUpdatusService (e0ecb3c5c905b4942d3740373605a31a) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:05:08.0744 1004 nvUpdatusService - ok
10:05:08.0822 1004 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
10:05:08.0822 1004 nv_agp - ok
10:05:08.0931 1004 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:05:08.0931 1004 odserv - ok
10:05:09.0009 1004 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
10:05:09.0009 1004 ohci1394 - ok
10:05:09.0103 1004 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:05:09.0103 1004 ose - ok
10:05:09.0165 1004 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:05:09.0181 1004 p2pimsvc - ok
10:05:09.0212 1004 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:05:09.0212 1004 p2psvc - ok
10:05:09.0259 1004 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:05:09.0259 1004 Parport - ok
10:05:09.0274 1004 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
10:05:09.0274 1004 partmgr - ok
10:05:09.0305 1004 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:05:09.0305 1004 PcaSvc - ok
10:05:09.0337 1004 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
10:05:09.0337 1004 pci - ok
10:05:09.0352 1004 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:05:09.0352 1004 pciide - ok
10:05:09.0368 1004 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:05:09.0368 1004 pcmcia - ok
10:05:09.0383 1004 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:05:09.0383 1004 pcw - ok
10:05:09.0430 1004 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:05:09.0430 1004 PEAUTH - ok
10:05:09.0477 1004 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:05:09.0477 1004 PerfHost - ok
10:05:09.0555 1004 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
10:05:09.0571 1004 pla - ok
10:05:09.0617 1004 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
10:05:09.0617 1004 PlugPlay - ok
10:05:09.0649 1004 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:05:09.0649 1004 PNRPAutoReg - ok
10:05:09.0664 1004 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:05:09.0664 1004 PNRPsvc - ok
10:05:09.0695 1004 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
10:05:09.0711 1004 PolicyAgent - ok
10:05:09.0742 1004 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:05:09.0742 1004 Power - ok
10:05:09.0789 1004 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
10:05:09.0789 1004 PptpMiniport - ok
10:05:09.0805 1004 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:05:09.0805 1004 Processor - ok
10:05:09.0851 1004 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
10:05:09.0851 1004 ProfSvc - ok
10:05:09.0898 1004 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:09.0898 1004 ProtectedStorage - ok
10:05:09.0961 1004 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
10:05:09.0961 1004 Psched - ok
10:05:10.0007 1004 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:05:10.0007 1004 ql2300 - ok
10:05:10.0039 1004 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:05:10.0039 1004 ql40xx - ok
10:05:10.0085 1004 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:05:10.0085 1004 QWAVE - ok
10:05:10.0148 1004 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:05:10.0148 1004 QWAVEdrv - ok
10:05:10.0179 1004 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:05:10.0179 1004 RasAcd - ok
10:05:10.0210 1004 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:05:10.0210 1004 RasAgileVpn - ok
10:05:10.0241 1004 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:05:10.0241 1004 RasAuto - ok
10:05:10.0273 1004 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:05:10.0288 1004 Rasl2tp - ok
10:05:10.0304 1004 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
10:05:10.0304 1004 RasMan - ok
10:05:10.0351 1004 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:05:10.0351 1004 RasPppoe - ok
10:05:10.0351 1004 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:05:10.0351 1004 RasSstp - ok
10:05:10.0382 1004 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
10:05:10.0382 1004 rdbss - ok
10:05:10.0397 1004 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:05:10.0397 1004 rdpbus - ok
10:05:10.0429 1004 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:05:10.0429 1004 RDPCDD - ok
10:05:10.0460 1004 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:05:10.0460 1004 RDPENCDD - ok
10:05:10.0491 1004 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:05:10.0491 1004 RDPREFMP - ok
10:05:10.0522 1004 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
10:05:10.0522 1004 RDPWD - ok
10:05:10.0553 1004 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
10:05:10.0553 1004 rdyboost - ok
10:05:10.0585 1004 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:05:10.0600 1004 RemoteAccess - ok
10:05:10.0616 1004 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:05:10.0631 1004 RemoteRegistry - ok
10:05:10.0678 1004 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
10:05:10.0678 1004 RFCOMM - ok
10:05:10.0772 1004 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:05:10.0787 1004 RichVideo - ok
10:05:10.0865 1004 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:05:10.0865 1004 RpcEptMapper - ok
10:05:10.0897 1004 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:05:10.0897 1004 RpcLocator - ok
10:05:10.0928 1004 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\System32\rpcss.dll
10:05:10.0928 1004 RpcSs - ok
10:05:10.0959 1004 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:05:10.0959 1004 rspndr - ok
10:05:10.0990 1004 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:10.0990 1004 SamSs - ok
10:05:11.0006 1004 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
10:05:11.0006 1004 sbp2port - ok
10:05:11.0053 1004 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:05:11.0053 1004 SCardSvr - ok
10:05:11.0068 1004 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
10:05:11.0084 1004 scfilter - ok
10:05:11.0131 1004 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
10:05:11.0146 1004 Schedule - ok
10:05:11.0162 1004 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
10:05:11.0162 1004 SCPolicySvc - ok
10:05:11.0209 1004 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
10:05:11.0209 1004 SDRSVC - ok
10:05:11.0240 1004 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:05:11.0240 1004 secdrv - ok
10:05:11.0271 1004 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
10:05:11.0271 1004 seclogon - ok
10:05:11.0287 1004 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
10:05:11.0302 1004 SENS - ok
10:05:11.0318 1004 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:05:11.0318 1004 SensrSvc - ok
10:05:11.0365 1004 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:05:11.0365 1004 Serenum - ok
10:05:11.0380 1004 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:05:11.0380 1004 Serial - ok
10:05:11.0396 1004 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:05:11.0396 1004 sermouse - ok
10:05:11.0443 1004 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
10:05:11.0458 1004 SessionEnv - ok
10:05:11.0474 1004 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
10:05:11.0474 1004 sffdisk - ok
10:05:11.0521 1004 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
10:05:11.0521 1004 sffp_mmc - ok
10:05:11.0536 1004 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:05:11.0536 1004 sffp_sd - ok
10:05:11.0552 1004 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:05:11.0552 1004 sfloppy - ok
10:05:11.0614 1004 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:05:11.0630 1004 SharedAccess - ok
10:05:11.0661 1004 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
10:05:11.0677 1004 ShellHWDetection - ok
10:05:11.0755 1004 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
10:05:11.0755 1004 SiSGbeLH - ok
10:05:11.0786 1004 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:05:11.0786 1004 SiSRaid2 - ok
10:05:11.0833 1004 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:05:11.0833 1004 SiSRaid4 - ok
10:05:11.0911 1004 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:05:11.0911 1004 Smb - ok
10:05:11.0957 1004 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:05:11.0957 1004 SNMPTRAP - ok
10:05:12.0035 1004 SNP2UVC (2114518e55b380a3acc28b2c27fd499a) C:\Windows\system32\DRIVERS\snp2uvc.sys
10:05:12.0051 1004 SNP2UVC - ok
10:05:12.0160 1004 SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
10:05:12.0160 1004 SolidWorks Licensing Service - ok
10:05:12.0223 1004 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:05:12.0223 1004 spldr - ok
10:05:12.0285 1004 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
10:05:12.0285 1004 Spooler - ok
10:05:12.0363 1004 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
10:05:12.0379 1004 sppsvc - ok
10:05:12.0410 1004 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:05:12.0410 1004 sppuinotify - ok
10:05:12.0519 1004 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\System32\Drivers\NAVx64\1306020.00A\SRTSP64.SYS
10:05:12.0535 1004 SRTSP - ok
10:05:12.0675 1004 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\NAVx64\1306020.00A\SRTSPX64.SYS
10:05:12.0675 1004 SRTSPX - ok
10:05:12.0769 1004 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
10:05:12.0769 1004 srv - ok
10:05:12.0800 1004 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
10:05:12.0815 1004 srv2 - ok
10:05:12.0847 1004 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
10:05:12.0847 1004 srvnet - ok
10:05:12.0956 1004 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:05:12.0956 1004 SSDPSRV - ok
10:05:12.0971 1004 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:05:12.0971 1004 SstpSvc - ok
10:05:13.0049 1004 Stereo Service (9029786ee426ce2a01e1d8d4c493c363) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:05:13.0049 1004 Stereo Service - ok
10:05:13.0112 1004 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:05:13.0112 1004 stexstor - ok
10:05:13.0159 1004 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
10:05:13.0159 1004 stisvc - ok
10:05:13.0174 1004 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
10:05:13.0190 1004 swenum - ok
10:05:13.0221 1004 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:05:13.0221 1004 swprv - ok
10:05:13.0346 1004 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NAVx64\1306020.00A\SYMDS64.SYS
10:05:13.0346 1004 SymDS - ok
10:05:13.0517 1004 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NAVx64\1306020.00A\SYMEFA64.SYS
10:05:13.0517 1004 SymEFA - ok
10:05:13.0611 1004 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:05:13.0611 1004 SymEvent - ok
10:05:13.0705 1004 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NAVx64\1306020.00A\Ironx64.SYS
10:05:13.0705 1004 SymIRON - ok
10:05:13.0861 1004 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NAVx64\1306020.00A\SYMNETS.SYS
10:05:13.0861 1004 SymNetS - ok
10:05:13.0923 1004 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
10:05:13.0939 1004 SysMain - ok
10:05:13.0970 1004 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
10:05:13.0970 1004 TabletInputService - ok
10:05:14.0001 1004 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
10:05:14.0001 1004 TapiSrv - ok
10:05:14.0032 1004 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:05:14.0032 1004 TBS - ok
10:05:14.0126 1004 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
10:05:14.0126 1004 Tcpip - ok
10:05:14.0188 1004 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
10:05:14.0188 1004 TCPIP6 - ok
10:05:14.0219 1004 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
10:05:14.0219 1004 tcpipreg - ok
10:05:14.0266 1004 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:05:14.0266 1004 TDPIPE - ok
10:05:14.0282 1004 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
10:05:14.0282 1004 TDTCP - ok
10:05:14.0313 1004 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
10:05:14.0329 1004 tdx - ok
10:05:14.0360 1004 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
10:05:14.0360 1004 TermDD - ok
10:05:14.0391 1004 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
10:05:14.0407 1004 TermService - ok
10:05:14.0438 1004 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:05:14.0438 1004 Themes - ok
10:05:14.0469 1004 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:05:14.0469 1004 THREADORDER - ok
10:05:14.0516 1004 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:05:14.0516 1004 TrkWks - ok
10:05:14.0563 1004 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
10:05:14.0563 1004 TrustedInstaller - ok
10:05:14.0625 1004 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:05:14.0625 1004 tssecsrv - ok
10:05:14.0672 1004 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
10:05:14.0672 1004 tunnel - ok
10:05:14.0703 1004 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys
10:05:14.0703 1004 TurboB - ok
10:05:14.0734 1004 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:05:14.0734 1004 TurboBoost - ok
10:05:14.0812 1004 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:05:14.0812 1004 uagp35 - ok
10:05:14.0843 1004 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
10:05:14.0843 1004 udfs - ok
10:05:14.0890 1004 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:05:14.0890 1004 UI0Detect - ok
10:05:14.0921 1004 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
10:05:14.0921 1004 uliagpkx - ok
10:05:14.0953 1004 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
10:05:14.0953 1004 umbus - ok
10:05:14.0984 1004 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:05:14.0984 1004 UmPass - ok
10:05:15.0077 1004 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:05:15.0093 1004 UNS - ok
10:05:15.0171 1004 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:05:15.0171 1004 upnphost - ok
10:05:15.0218 1004 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
10:05:15.0218 1004 USBAAPL64 - ok
10:05:15.0249 1004 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
10:05:15.0249 1004 usbccgp - ok
10:05:15.0327 1004 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
10:05:15.0327 1004 usbcir - ok
10:05:15.0358 1004 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
10:05:15.0374 1004 usbehci - ok
10:05:15.0467 1004 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
10:05:15.0467 1004 usbhub - ok
10:05:15.0483 1004 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
10:05:15.0483 1004 usbohci - ok
10:05:15.0530 1004 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:05:15.0530 1004 usbprint - ok
10:05:15.0561 1004 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:05:15.0561 1004 USBSTOR - ok
10:05:15.0608 1004 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
10:05:15.0608 1004 usbuhci - ok
10:05:15.0701 1004 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
10:05:15.0701 1004 usbvideo - ok
10:05:15.0733 1004 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:05:15.0733 1004 UxSms - ok
10:05:15.0764 1004 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:15.0764 1004 VaultSvc - ok
10:05:15.0811 1004 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
10:05:15.0811 1004 vdrvroot - ok
10:05:15.0857 1004 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
10:05:15.0857 1004 vds - ok
10:05:15.0904 1004 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:05:15.0904 1004 vga - ok
10:05:15.0935 1004 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:05:15.0935 1004 VgaSave - ok
10:05:15.0951 1004 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
10:05:15.0951 1004 vhdmp - ok
10:05:15.0982 1004 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
10:05:15.0982 1004 viaide - ok
10:05:16.0045 1004 VideAceWindowsService (0adf410187b71c9b855721c8d59cec7a) C:\ExpressGateUtil\VAWinService.exe
10:05:16.0045 1004 VideAceWindowsService - ok
10:05:16.0138 1004 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
10:05:16.0138 1004 volmgr - ok
10:05:16.0154 1004 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
10:05:16.0154 1004 volmgrx - ok
10:05:16.0201 1004 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
10:05:16.0201 1004 volsnap - ok
10:05:16.0294 1004 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:05:16.0294 1004 vsmraid - ok
10:05:16.0357 1004 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
10:05:16.0372 1004 VSS - ok
10:05:16.0388 1004 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:05:16.0388 1004 vwifibus - ok
10:05:16.0419 1004 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:05:16.0419 1004 vwififlt - ok
10:05:16.0481 1004 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:05:16.0481 1004 vwifimp - ok
10:05:16.0513 1004 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:05:16.0528 1004 W32Time - ok
10:05:16.0544 1004 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:05:16.0544 1004 WacomPen - ok
10:05:16.0622 1004 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
10:05:16.0622 1004 WANARP - ok
10:05:16.0637 1004 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
10:05:16.0637 1004 Wanarpv6 - ok
10:05:16.0731 1004 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:05:16.0747 1004 WatAdminSvc - ok
10:05:16.0809 1004 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
10:05:16.0809 1004 wbengine - ok
10:05:16.0856 1004 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:05:16.0856 1004 WbioSrvc - ok
10:05:16.0903 1004 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
10:05:16.0903 1004 wcncsvc - ok
10:05:16.0949 1004 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:05:16.0949 1004 WcsPlugInService - ok
10:05:16.0981 1004 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:05:16.0981 1004 Wd - ok
10:05:17.0027 1004 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:05:17.0027 1004 Wdf01000 - ok
10:05:17.0043 1004 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:05:17.0043 1004 WdiServiceHost - ok
10:05:17.0059 1004 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:05:17.0059 1004 WdiSystemHost - ok
10:05:17.0105 1004 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
10:05:17.0105 1004 WebClient - ok
10:05:17.0137 1004 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:05:17.0137 1004 Wecsvc - ok
10:05:17.0168 1004 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:05:17.0168 1004 wercplsupport - ok
10:05:17.0215 1004 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:05:17.0215 1004 WerSvc - ok
10:05:17.0261 1004 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:05:17.0261 1004 WfpLwf - ok
10:05:17.0293 1004 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
10:05:17.0293 1004 WimFltr - ok
10:05:17.0324 1004 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:05:17.0324 1004 WIMMount - ok
10:05:17.0355 1004 WinDefend - ok
10:05:17.0386 1004 WinHttpAutoProxySvc - ok
10:05:17.0480 1004 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:05:17.0480 1004 Winmgmt - ok
10:05:17.0542 1004 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
10:05:17.0558 1004 WinRM - ok
10:05:17.0667 1004 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
10:05:17.0667 1004 WinUsb - ok
10:05:17.0714 1004 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:05:17.0729 1004 Wlansvc - ok
10:05:17.0745 1004 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:05:17.0745 1004 WmiAcpi - ok
10:05:17.0839 1004 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:05:17.0839 1004 wmiApSrv - ok
10:05:17.0885 1004 WMPNetworkSvc - ok
10:05:17.0948 1004 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:05:17.0948 1004 WPCSvc - ok
10:05:17.0979 1004 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
10:05:17.0979 1004 WPDBusEnum - ok
10:05:18.0010 1004 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:05:18.0010 1004 ws2ifsl - ok
10:05:18.0119 1004 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
10:05:18.0119 1004 wscsvc - ok
10:05:18.0166 1004 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:05:18.0166 1004 WSDPrintDevice - ok
10:05:18.0182 1004 WSearch - ok
10:05:18.0244 1004 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
10:05:18.0260 1004 wuauserv - ok
10:05:18.0307 1004 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
10:05:18.0307 1004 WudfPf - ok
10:05:18.0400 1004 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:05:18.0400 1004 WUDFRd - ok
10:05:18.0431 1004 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
10:05:18.0431 1004 wudfsvc - ok
10:05:18.0447 1004 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:05:18.0447 1004 WwanSvc - ok
10:05:18.0494 1004 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:05:18.0556 1004 \Device\Harddisk0\DR0 - ok
10:05:18.0572 1004 Boot (0x1200) (f4e459cb895541dfb8a8d76022aa4b82) \Device\Harddisk0\DR0\Partition0
10:05:18.0572 1004 \Device\Harddisk0\DR0\Partition0 - ok
10:05:18.0587 1004 Boot (0x1200) (f7b2733a3145a7ead44f1427131703a1) \Device\Harddisk0\DR0\Partition1
10:05:18.0587 1004 \Device\Harddisk0\DR0\Partition1 - ok

******************** 3/3 of the report ***************

10:05:18.0587 1004 ============================================================
10:05:18.0587 1004 Scan finished
10:05:18.0587 1004 ============================================================
10:05:18.0587 1464 Detected object count: 0
10:05:18.0587 1464 Actual detected object count: 0
10:05:51.0675 1876 ============================================================
10:05:51.0675 1876 Scan started
10:05:51.0675 1876 Mode: Manual; SigCheck; TDLFS;
10:05:51.0675 1876 ============================================================
10:05:51.0909 1876 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
10:05:51.0956 1876 1394ohci - ok
10:05:52.0003 1876 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
10:05:52.0018 1876 ACPI - ok
10:05:52.0034 1876 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
10:05:52.0034 1876 AcpiPmi - ok
10:05:52.0127 1876 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
10:05:52.0143 1876 adp94xx - ok
10:05:52.0190 1876 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
10:05:52.0205 1876 adpahci - ok
10:05:52.0299 1876 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
10:05:52.0315 1876 adpu320 - ok
10:05:52.0361 1876 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:05:52.0393 1876 AeLookupSvc - ok
10:05:52.0439 1876 AFBAgent (734d1ba96be6ad8d04e6afead569ea8a) C:\Windows\system32\FBAgent.exe
10:05:52.0455 1876 AFBAgent - ok
10:05:52.0502 1876 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
10:05:52.0517 1876 AFD - ok
10:05:52.0533 1876 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
10:05:52.0549 1876 agp440 - ok
10:05:52.0595 1876 aksdf (94c0972b06c75456ed574dd46417b1d8) C:\Windows\system32\DRIVERS\aksdf.sys
10:05:52.0611 1876 aksdf - ok
10:05:52.0689 1876 aksfridge (7b0bc062ca6abab23f88ea483b5a538e) C:\Windows\system32\DRIVERS\aksfridge.sys
10:05:52.0689 1876 aksfridge - ok
10:05:52.0736 1876 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
10:05:52.0736 1876 akshasp - ok
10:05:52.0783 1876 akshhl (67dff8c8f95cb21c9c3380dd4c0387f2) C:\Windows\system32\DRIVERS\akshhl.sys
10:05:52.0783 1876 akshhl - ok
10:05:52.0814 1876 aksusb (a9a09bc526e614ce9f29bb23c2a76ced) C:\Windows\system32\DRIVERS\aksusb.sys
10:05:52.0814 1876 aksusb - ok
10:05:52.0845 1876 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:05:52.0861 1876 ALG - ok
10:05:52.0907 1876 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
10:05:52.0923 1876 aliide - ok
10:05:52.0939 1876 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
10:05:52.0939 1876 amdide - ok
10:05:52.0970 1876 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
10:05:52.0970 1876 AmdK8 - ok
10:05:53.0048 1876 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:05:53.0063 1876 AmdPPM - ok
10:05:53.0095 1876 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
10:05:53.0110 1876 amdsata - ok
10:05:53.0141 1876 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
10:05:53.0141 1876 amdsbs - ok
10:05:53.0204 1876 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
10:05:53.0204 1876 amdxata - ok
10:05:53.0235 1876 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
10:05:53.0235 1876 AmUStor - ok
10:05:53.0282 1876 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
10:05:53.0297 1876 AppID - ok
10:05:53.0313 1876 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:05:53.0360 1876 AppIDSvc - ok
10:05:53.0360 1876 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
10:05:53.0375 1876 Appinfo - ok
10:05:53.0453 1876 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:05:53.0469 1876 Apple Mobile Device - ok
10:05:53.0547 1876 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
10:05:53.0547 1876 arc - ok
10:05:53.0578 1876 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
10:05:53.0578 1876 arcsas - ok
10:05:53.0641 1876 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
10:05:53.0641 1876 ASLDRService - ok
10:05:53.0656 1876 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
10:05:53.0672 1876 ASMMAP64 - ok
10:05:53.0750 1876 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:05:53.0781 1876 AsyncMac - ok
10:05:53.0812 1876 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
10:05:53.0812 1876 atapi - ok
10:05:53.0921 1876 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
10:05:53.0937 1876 athr - ok
10:05:53.0999 1876 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
10:05:53.0999 1876 ATKGFNEXSrv - ok
10:05:54.0077 1876 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:05:54.0124 1876 AudioEndpointBuilder - ok
10:05:54.0140 1876 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:05:54.0187 1876 AudioSrv - ok
10:05:54.0218 1876 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
10:05:54.0233 1876 AxInstSV - ok
10:05:54.0280 1876 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
10:05:54.0296 1876 b06bdrv - ok
10:05:54.0358 1876 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:05:54.0374 1876 b57nd60a - ok
10:05:54.0452 1876 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
10:05:54.0467 1876 BBSvc - ok
10:05:54.0514 1876 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
10:05:54.0514 1876 BBUpdate - ok
10:05:54.0592 1876 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
10:05:54.0592 1876 BDESVC - ok
10:05:54.0639 1876 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:05:54.0670 1876 Beep - ok
10:05:54.0764 1876 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
10:05:54.0795 1876 BFE - ok
10:05:54.0935 1876 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
10:05:54.0951 1876 BHDrvx64 - ok
10:05:55.0013 1876 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
10:05:55.0060 1876 BITS - ok
10:05:55.0107 1876 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:05:55.0123 1876 blbdrive - ok
10:05:55.0201 1876 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
10:05:55.0216 1876 Bonjour Service - ok
10:05:55.0294 1876 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
10:05:55.0310 1876 bowser - ok
10:05:55.0357 1876 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:05:55.0372 1876 BrFiltLo - ok
10:05:55.0388 1876 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:05:55.0388 1876 BrFiltUp - ok
10:05:55.0419 1876 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
10:05:55.0450 1876 BridgeMP - ok
10:05:55.0481 1876 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
10:05:55.0513 1876 Browser - ok
10:05:55.0575 1876 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:05:55.0575 1876 Brserid - ok
10:05:55.0606 1876 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:05:55.0622 1876 BrSerWdm - ok
10:05:55.0637 1876 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:05:55.0653 1876 BrUsbMdm - ok
10:05:55.0684 1876 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:05:55.0684 1876 BrUsbSer - ok
10:05:55.0762 1876 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
10:05:55.0762 1876 BthEnum - ok
10:05:55.0825 1876 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:05:55.0825 1876 BTHMODEM - ok
10:05:55.0856 1876 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
10:05:55.0871 1876 BthPan - ok
10:05:55.0934 1876 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
10:05:55.0949 1876 BTHPORT - ok
10:05:55.0996 1876 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:05:56.0027 1876 bthserv - ok
10:05:56.0059 1876 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
10:05:56.0059 1876 BTHUSB - ok
10:05:56.0105 1876 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
10:05:56.0105 1876 btusbflt - ok
10:05:56.0183 1876 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
10:05:56.0199 1876 btwaudio - ok
10:05:56.0230 1876 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
10:05:56.0230 1876 btwavdt - ok
10:05:56.0293 1876 btwdins (1e08dc82525282e34ad66ffba0782565) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:05:56.0308 1876 btwdins - ok
10:05:56.0386 1876 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
10:05:56.0386 1876 btwl2cap - ok
10:05:56.0402 1876 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
10:05:56.0402 1876 btwrchid - ok
10:05:56.0464 1876 Cadence License Manager (647cd6b1ae2b42b7f27706a6a72e3ddc) C:\Cadence\LicenseManager\lmgrd.exe
10:05:56.0495 1876 Cadence License Manager - ok
10:05:56.0511 1876 catchme - ok
10:05:56.0636 1876 ccSet_NAV (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NAVx64\1306020.00A\ccSetx64.sys
10:05:56.0636 1876 ccSet_NAV - ok
10:05:56.0729 1876 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:05:56.0776 1876 cdfs - ok
10:05:56.0792 1876 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
10:05:56.0807 1876 cdrom - ok
10:05:56.0823 1876 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
10:05:56.0870 1876 CertPropSvc - ok
10:05:56.0917 1876 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:05:56.0932 1876 circlass - ok
10:05:56.0963 1876 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:05:56.0979 1876 CLFS - ok
10:05:57.0041 1876 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:05:57.0041 1876 clr_optimization_v2.0.50727_32 - ok
10:05:57.0104 1876 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:05:57.0104 1876 clr_optimization_v2.0.50727_64 - ok
10:05:57.0182 1876 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:05:57.0197 1876 clr_optimization_v4.0.30319_32 - ok
10:05:57.0275 1876 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:05:57.0291 1876 clr_optimization_v4.0.30319_64 - ok
10:05:57.0369 1876 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:05:57.0369 1876 CmBatt - ok
10:05:57.0431 1876 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
10:05:57.0447 1876 cmdide - ok
10:05:57.0525 1876 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
10:05:57.0541 1876 CNG - ok
10:05:57.0587 1876 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:05:57.0587 1876 Compbatt - ok
10:05:57.0665 1876 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
10:05:57.0681 1876 CompositeBus - ok
10:05:57.0697 1876 COMSysApp - ok
10:05:57.0712 1876 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:05:57.0712 1876 crcdisk - ok
10:05:57.0759 1876 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
10:05:57.0790 1876 CryptSvc - ok
10:05:57.0821 1876 CYUSB (e9e37e84a5431b51cec9d4fd39534901) C:\Windows\system32\Drivers\CYUSB.sys
10:05:57.0837 1876 CYUSB - ok
10:05:57.0868 1876 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
10:05:57.0915 1876 DcomLaunch - ok
10:05:57.0946 1876 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:05:57.0977 1876 defragsvc - ok
10:05:58.0024 1876 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
10:05:58.0040 1876 DfsC - ok
10:05:58.0102 1876 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
10:05:58.0118 1876 Dhcp - ok
10:05:58.0165 1876 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:05:58.0211 1876 discache - ok
10:05:58.0289 1876 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:05:58.0305 1876 Disk - ok
10:05:58.0352 1876 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
10:05:58.0367 1876 Dnscache - ok
10:05:58.0430 1876 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
10:05:58.0477 1876 dot3svc - ok
10:05:58.0492 1876 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
10:05:58.0523 1876 DPS - ok
10:05:58.0570 1876 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:05:58.0586 1876 drmkaud - ok
10:05:58.0648 1876 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
10:05:58.0664 1876 DXGKrnl - ok
10:05:58.0742 1876 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:05:58.0773 1876 EapHost - ok
10:05:58.0867 1876 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:05:58.0913 1876 ebdrv - ok
10:05:59.0007 1876 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:05:59.0023 1876 eeCtrl - ok
10:05:59.0085 1876 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
10:05:59.0101 1876 EFS - ok
10:05:59.0163 1876 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
10:05:59.0179 1876 ehRecvr - ok
10:05:59.0225 1876 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:05:59.0225 1876 ehSched - ok
10:05:59.0303 1876 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:05:59.0319 1876 elxstor - ok
10:05:59.0350 1876 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
10:05:59.0366 1876 ErrDev - ok
10:05:59.0381 1876 ETD (38b0a3e42de9b36aa56f72a5ecb62331) C:\Windows\system32\DRIVERS\ETD.sys
10:05:59.0397 1876 ETD - ok
10:05:59.0475 1876 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:05:59.0522 1876 EventSystem - ok
10:05:59.0553 1876 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:05:59.0600 1876 exfat - ok
10:05:59.0631 1876 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:05:59.0662 1876 fastfat - ok
10:05:59.0709 1876 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
10:05:59.0725 1876 Fax - ok
10:05:59.0771 1876 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:05:59.0787 1876 fdc - ok
10:05:59.0803 1876 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:05:59.0834 1876 fdPHost - ok
10:05:59.0849 1876 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:05:59.0881 1876 FDResPub - ok
10:05:59.0959 1876 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:05:59.0959 1876 FileInfo - ok
10:05:59.0990 1876 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:06:00.0021 1876 Filetrace - ok
10:06:00.0037 1876 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:06:00.0037 1876 flpydisk - ok
10:06:00.0068 1876 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
10:06:00.0083 1876 FltMgr - ok
10:06:00.0115 1876 FLxHCIc (480e31b064e6f7b4eaab8b00437298b6) C:\Windows\system32\DRIVERS\FLxHCIc.sys
10:06:00.0115 1876 FLxHCIc - ok
10:06:00.0146 1876 FLxHCIh (e9cf4c5a0c31197351f89a1df4522b96) C:\Windows\system32\DRIVERS\FLxHCIh.sys
10:06:00.0146 1876 FLxHCIh - ok
10:06:00.0208 1876 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
10:06:00.0224 1876 FontCache - ok
10:06:00.0302 1876 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:06:00.0302 1876 FontCache3.0.0.0 - ok
10:06:00.0364 1876 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:06:00.0364 1876 FsDepends - ok
10:06:00.0395 1876 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
10:06:00.0411 1876 fssfltr - ok
10:06:00.0473 1876 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:06:00.0489 1876 fsssvc - ok
10:06:00.0551 1876 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:06:00.0551 1876 Fs_Rec - ok
10:06:00.0598 1876 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:06:00.0614 1876 fvevol - ok
10:06:00.0645 1876 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:06:00.0661 1876 gagp30kx - ok
10:06:00.0676 1876 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:06:00.0676 1876 GEARAspiWDM - ok
10:06:00.0739 1876 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
10:06:00.0754 1876 gpsvc - ok
10:06:00.0832 1876 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:06:00.0848 1876 gupdate - ok
10:06:00.0863 1876 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:06:00.0863 1876 gupdatem - ok
10:06:00.0895 1876 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:06:00.0895 1876 gusvc - ok
10:06:00.0988 1876 Hardlock (78fad9117e4527f2ca82259da10f40bd) C:\Windows\system32\drivers\hardlock.sys
10:06:01.0004 1876 Hardlock - ok
10:06:01.0019 1876 hasplms - ok
10:06:01.0066 1876 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:06:01.0066 1876 hcw85cir - ok
10:06:01.0129 1876 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
10:06:01.0144 1876 HdAudAddService - ok
10:06:01.0175 1876 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:06:01.0191 1876 HDAudBus - ok
10:06:01.0269 1876 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
10:06:01.0285 1876 HECIx64 - ok
10:06:01.0300 1876 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:06:01.0300 1876 HidBatt - ok
10:06:01.0331 1876 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:06:01.0347 1876 HidBth - ok
10:06:01.0378 1876 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:06:01.0394 1876 HidIr - ok
10:06:01.0425 1876 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
10:06:01.0456 1876 hidserv - ok
10:06:01.0487 1876 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
10:06:01.0503 1876 HidUsb - ok
10:06:01.0534 1876 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
10:06:01.0581 1876 hkmsvc - ok
10:06:01.0612 1876 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
10:06:01.0628 1876 HomeGroupListener - ok
10:06:01.0659 1876 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
10:06:01.0675 1876 HomeGroupProvider - ok
10:06:01.0706 1876 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
10:06:01.0721 1876 HpSAMD - ok
10:06:01.0753 1876 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
10:06:01.0784 1876 HTTP - ok
10:06:01.0815 1876 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
10:06:01.0831 1876 hwpolicy - ok
10:06:01.0877 1876 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
10:06:01.0893 1876 i8042prt - ok
10:06:01.0940 1876 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
10:06:01.0940 1876 iaStor - ok
10:06:02.0049 1876 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
10:06:02.0065 1876 iaStorV - ok
10:06:02.0111 1876 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:06:02.0127 1876 idsvc - ok
10:06:02.0283 1876 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120327.002\IDSvia64.sys
10:06:02.0283 1876 IDSVia64 - ok
10:06:02.0361 1876 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:06:02.0361 1876 iirsp - ok
10:06:02.0423 1876 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
10:06:02.0455 1876 IKEEXT - ok
10:06:02.0533 1876 IntcAzAudAddService (e02a55f45edb35641cb470a2cd56e74e) C:\Windows\system32\drivers\RTKVHD64.sys

****************** second run of TDSSKILLER Report ****************
************ first 1/3 of the second report ************************

10:04:37.0903 1188 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
10:04:37.0903 1188 ============================================================
10:04:37.0903 1188 Current date / time: 2012/03/29 10:04:37.0903
10:04:37.0903 1188 SystemInfo:
10:04:37.0903 1188
10:04:37.0903 1188 OS Version: 6.1.7600 ServicePack: 0.0
10:04:37.0903 1188 Product type: Workstation
10:04:37.0903 1188 ComputerName: ZAPLAP2
10:04:37.0903 1188 UserName: Scott
10:04:37.0903 1188 Windows directory: C:\Windows
10:04:37.0903 1188 System windows directory: C:\Windows
10:04:37.0903 1188 Running under WOW64
10:04:37.0903 1188 Processor architecture: Intel x64
10:04:37.0903 1188 Number of processors: 8
10:04:37.0903 1188 Page size: 0x1000
10:04:37.0903 1188 Boot type: Safe boot
10:04:37.0903 1188 ============================================================
10:04:38.0402 1188 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:04:38.0402 1188 \Device\Harddisk0\DR0:
10:04:38.0402 1188 MBR used
10:04:38.0402 1188 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0x12A147D1
10:04:38.0417 1188 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1550F000, BlocksNum 0x35348800
10:04:38.0511 1188 Initialize success
10:04:38.0511 1188 ============================================================
10:04:54.0813 1004 ============================================================
10:04:54.0813 1004 Scan started
10:04:54.0813 1004 Mode: Manual;
10:04:54.0813 1004 ============================================================
10:04:55.0156 1004 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
10:04:55.0156 1004 1394ohci - ok
10:04:55.0203 1004 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
10:04:55.0203 1004 ACPI - ok
10:04:55.0234 1004 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
10:04:55.0234 1004 AcpiPmi - ok
10:04:55.0281 1004 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
10:04:55.0281 1004 adp94xx - ok
10:04:55.0312 1004 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
10:04:55.0312 1004 adpahci - ok
10:04:55.0343 1004 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
10:04:55.0343 1004 adpu320 - ok
10:04:55.0375 1004 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:04:55.0375 1004 AeLookupSvc - ok
10:04:55.0437 1004 AFBAgent (734d1ba96be6ad8d04e6afead569ea8a) C:\Windows\system32\FBAgent.exe
10:04:55.0437 1004 AFBAgent - ok
10:04:55.0515 1004 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
10:04:55.0515 1004 AFD - ok
10:04:55.0562 1004 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
10:04:55.0562 1004 agp440 - ok
10:04:55.0609 1004 aksdf (94c0972b06c75456ed574dd46417b1d8) C:\Windows\system32\DRIVERS\aksdf.sys
10:04:55.0609 1004 aksdf - ok
10:04:55.0640 1004 aksfridge (7b0bc062ca6abab23f88ea483b5a538e) C:\Windows\system32\DRIVERS\aksfridge.sys
10:04:55.0640 1004 aksfridge - ok
10:04:55.0671 1004 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
10:04:55.0671 1004 akshasp - ok
10:04:55.0687 1004 akshhl (67dff8c8f95cb21c9c3380dd4c0387f2) C:\Windows\system32\DRIVERS\akshhl.sys
10:04:55.0687 1004 akshhl - ok
10:04:55.0733 1004 aksusb (a9a09bc526e614ce9f29bb23c2a76ced) C:\Windows\system32\DRIVERS\aksusb.sys
10:04:55.0733 1004 aksusb - ok
10:04:55.0765 1004 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:04:55.0765 1004 ALG - ok
10:04:55.0811 1004 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
10:04:55.0811 1004 aliide - ok
10:04:55.0843 1004 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
10:04:55.0843 1004 amdide - ok
10:04:55.0874 1004 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
10:04:55.0874 1004 AmdK8 - ok
10:04:55.0905 1004 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:04:55.0905 1004 AmdPPM - ok
10:04:55.0936 1004 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
10:04:55.0936 1004 amdsata - ok
10:04:55.0983 1004 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
10:04:55.0983 1004 amdsbs - ok
10:04:56.0045 1004 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
10:04:56.0045 1004 amdxata - ok
10:04:56.0108 1004 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
10:04:56.0108 1004 AmUStor - ok
10:04:56.0170 1004 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
10:04:56.0170 1004 AppID - ok
10:04:56.0217 1004 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:04:56.0217 1004 AppIDSvc - ok
10:04:56.0233 1004 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
10:04:56.0233 1004 Appinfo - ok
10:04:56.0326 1004 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:04:56.0326 1004 Apple Mobile Device - ok
10:04:56.0435 1004 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
10:04:56.0435 1004 arc - ok
10:04:56.0451 1004 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
10:04:56.0451 1004 arcsas - ok
10:04:56.0529 1004 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
10:04:56.0529 1004 ASLDRService - ok
10:04:56.0560 1004 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
10:04:56.0560 1004 ASMMAP64 - ok
10:04:56.0638 1004 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:04:56.0638 1004 AsyncMac - ok
10:04:56.0669 1004 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
10:04:56.0669 1004 atapi - ok
10:04:56.0747 1004 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
10:04:56.0763 1004 athr - ok
10:04:56.0825 1004 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
10:04:56.0825 1004 ATKGFNEXSrv - ok
10:04:56.0903 1004 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:04:56.0903 1004 AudioEndpointBuilder - ok
10:04:56.0935 1004 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:04:56.0935 1004 AudioSrv - ok
10:04:57.0028 1004 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
10:04:57.0028 1004 AxInstSV - ok
10:04:57.0091 1004 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
10:04:57.0091 1004 b06bdrv - ok
10:04:57.0153 1004 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:04:57.0153 1004 b57nd60a - ok
10:04:57.0293 1004 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
10:04:57.0293 1004 BBSvc - ok
10:04:57.0403 1004 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
10:04:57.0403 1004 BBUpdate - ok
10:04:57.0465 1004 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
10:04:57.0481 1004 BDESVC - ok
10:04:57.0543 1004 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:04:57.0543 1004 Beep - ok
10:04:57.0621 1004 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
10:04:57.0621 1004 BFE - ok
10:04:57.0777 1004 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
10:04:57.0777 1004 BHDrvx64 - ok
10:04:57.0871 1004 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
10:04:57.0871 1004 BITS - ok
10:04:57.0933 1004 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:04:57.0933 1004 blbdrive - ok
10:04:58.0011 1004 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
10:04:58.0011 1004 Bonjour Service - ok
10:04:58.0105 1004 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
10:04:58.0105 1004 bowser - ok
10:04:58.0151 1004 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:04:58.0151 1004 BrFiltLo - ok
10:04:58.0167 1004 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:04:58.0167 1004 BrFiltUp - ok
10:04:58.0261 1004 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
10:04:58.0261 1004 BridgeMP - ok
10:04:58.0292 1004 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
10:04:58.0292 1004 Browser - ok
10:04:58.0323 1004 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:04:58.0323 1004 Brserid - ok
10:04:58.0354 1004 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:04:58.0354 1004 BrSerWdm - ok
10:04:58.0401 1004 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:04:58.0401 1004 BrUsbMdm - ok
10:04:58.0401 1004 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:04:58.0401 1004 BrUsbSer - ok
10:04:58.0448 1004 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
10:04:58.0448 1004 BthEnum - ok
10:04:58.0495 1004 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:04:58.0495 1004 BTHMODEM - ok
10:04:58.0526 1004 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
10:04:58.0526 1004 BthPan - ok
10:04:58.0573 1004 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
10:04:58.0588 1004 BTHPORT - ok
10:04:58.0635 1004 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:04:58.0635 1004 bthserv - ok
10:04:58.0666 1004 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
10:04:58.0666 1004 BTHUSB - ok
10:04:58.0697 1004 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
10:04:58.0697 1004 btusbflt - ok
10:04:58.0744 1004 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
10:04:58.0744 1004 btwaudio - ok
10:04:58.0775 1004 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
10:04:58.0775 1004 btwavdt - ok
10:04:58.0869 1004 btwdins (1e08dc82525282e34ad66ffba0782565) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:04:58.0869 1004 btwdins - ok
10:04:58.0963 1004 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
10:04:58.0963 1004 btwl2cap - ok
10:04:58.0994 1004 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
10:04:58.0994 1004 btwrchid - ok
10:04:59.0087 1004 Cadence License Manager (647cd6b1ae2b42b7f27706a6a72e3ddc) C:\Cadence\LicenseManager\lmgrd.exe
10:04:59.0103 1004 Cadence License Manager - ok
10:04:59.0165 1004 catchme - ok
10:04:59.0290 1004 ccSet_NAV (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NAVx64\1306020.00A\ccSetx64.sys
10:04:59.0290 1004 ccSet_NAV - ok
10:04:59.0337 1004 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:04:59.0337 1004 cdfs - ok
10:04:59.0415 1004 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
10:04:59.0415 1004 cdrom - ok
10:04:59.0462 1004 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
10:04:59.0462 1004 CertPropSvc - ok
10:04:59.0509 1004 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:04:59.0509 1004 circlass - ok
10:04:59.0540 1004 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:04:59.0540 1004 CLFS - ok
10:04:59.0602 1004 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:04:59.0602 1004 clr_optimization_v2.0.50727_32 - ok
10:04:59.0649 1004 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:04:59.0649 1004 clr_optimization_v2.0.50727_64 - ok
10:04:59.0743 1004 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:04:59.0743 1004 clr_optimization_v4.0.30319_32 - ok
10:04:59.0774 1004 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:04:59.0774 1004 clr_optimization_v4.0.30319_64 - ok
10:04:59.0867 1004 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:04:59.0883 1004 CmBatt - ok
10:04:59.0899 1004 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
10:04:59.0899 1004 cmdide - ok
10:04:59.0914 1004 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
10:04:59.0930 1004 CNG - ok
10:05:00.0039 1004 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:05:00.0039 1004 Compbatt - ok
10:05:00.0070 1004 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
10:05:00.0070 1004 CompositeBus - ok
10:05:00.0101 1004 COMSysApp - ok
10:05:00.0117 1004 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:05:00.0117 1004 crcdisk - ok
10:05:00.0211 1004 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
10:05:00.0211 1004 CryptSvc - ok
10:05:00.0273 1004 CYUSB (e9e37e84a5431b51cec9d4fd39534901) C:\Windows\system32\Drivers\CYUSB.sys
10:05:00.0273 1004 CYUSB - ok
10:05:00.0320 1004 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
10:05:00.0320 1004 DcomLaunch - ok
10:05:00.0367 1004 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:05:00.0367 1004 defragsvc - ok
10:05:00.0413 1004 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
10:05:00.0413 1004 DfsC - ok
10:05:00.0460 1004 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
10:05:00.0460 1004 Dhcp - ok
10:05:00.0507 1004 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:05:00.0507 1004 discache - ok
10:05:00.0569 1004 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:05:00.0569 1004 Disk - ok
10:05:00.0601 1004 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
10:05:00.0601 1004 Dnscache - ok
10:05:00.0647 1004 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
10:05:00.0647 1004 dot3svc - ok
10:05:00.0679 1004 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
10:05:00.0679 1004 DPS - ok
10:05:00.0725 1004 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:05:00.0725 1004 drmkaud - ok
10:05:00.0788 1004 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
10:05:00.0788 1004 DXGKrnl - ok
10:05:00.0835 1004 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:05:00.0835 1004 EapHost - ok
10:05:00.0928 1004 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:05:00.0944 1004 ebdrv - ok
10:05:01.0053 1004 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:05:01.0053 1004 eeCtrl - ok
10:05:01.0115 1004 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
10:05:01.0115 1004 EFS - ok
10:05:01.0209 1004 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
10:05:01.0209 1004 ehRecvr - ok
10:05:01.0225 1004 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:05:01.0225 1004 ehSched - ok
10:05:01.0349 1004 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:05:01.0349 1004 elxstor - ok
10:05:01.0396 1004 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
10:05:01.0396 1004 ErrDev - ok
10:05:01.0505 1004 ETD (38b0a3e42de9b36aa56f72a5ecb62331) C:\Windows\system32\DRIVERS\ETD.sys
10:05:01.0505 1004 ETD - ok
10:05:01.0568 1004 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:05:01.0568 1004 EventSystem - ok
10:05:01.0599 1004 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:05:01.0599 1004 exfat - ok
10:05:01.0630 1004 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:05:01.0630 1004 fastfat - ok
10:05:01.0693 1004 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
10:05:01.0693 1004 Fax - ok
10:05:01.0755 1004 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:05:01.0755 1004 fdc - ok
10:05:01.0802 1004 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:05:01.0802 1004 fdPHost - ok
10:05:01.0817 1004 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:05:01.0817 1004 FDResPub - ok
10:05:01.0833 1004 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:05:01.0833 1004 FileInfo - ok
10:05:01.0849 1004 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:05:01.0849 1004 Filetrace - ok
10:05:01.0880 1004 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:05:01.0880 1004 flpydisk - ok
10:05:01.0927 1004 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
10:05:01.0927 1004 FltMgr - ok
10:05:01.0973 1004 FLxHCIc (480e31b064e6f7b4eaab8b00437298b6) C:\Windows\system32\DRIVERS\FLxHCIc.sys
10:05:01.0973 1004 FLxHCIc - ok
10:05:02.0005 1004 FLxHCIh (e9cf4c5a0c31197351f89a1df4522b96) C:\Windows\system32\DRIVERS\FLxHCIh.sys
10:05:02.0005 1004 FLxHCIh - ok
10:05:02.0067 1004 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
10:05:02.0083 1004 FontCache - ok
10:05:02.0176 1004 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:05:02.0192 1004 FontCache3.0.0.0 - ok
10:05:02.0254 1004 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:05:02.0254 1004 FsDepends - ok
10:05:02.0285 1004 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
10:05:02.0285 1004 fssfltr - ok
10:05:02.0363 1004 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:05:02.0363 1004 fsssvc - ok
10:05:02.0441 1004 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:05:02.0441 1004 Fs_Rec - ok
10:05:02.0488 1004 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:05:02.0488 1004 fvevol - ok
10:05:02.0535 1004 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:05:02.0535 1004 gagp30kx - ok
10:05:02.0566 1004 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:05:02.0566 1004 GEARAspiWDM - ok
10:05:02.0613 1004 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
10:05:02.0613 1004 gpsvc - ok
10:05:02.0722 1004 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:05:02.0722 1004 gupdate - ok
10:05:02.0753 1004 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:05:02.0753 1004 gupdatem - ok
10:05:02.0816 1004 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:05:02.0816 1004 gusvc - ok
10:05:02.0956 1004 Hardlock (78fad9117e4527f2ca82259da10f40bd) C:\Windows\system32\drivers\hardlock.sys
10:05:02.0956 1004 Hardlock - ok
10:05:02.0987 1004 hasplms - ok
10:05:03.0003 1004 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:05:03.0003 1004 hcw85cir - ok
10:05:03.0050 1004 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
10:05:03.0050 1004 HdAudAddService - ok
10:05:03.0128 1004 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:05:03.0128 1004 HDAudBus - ok
10:05:03.0159 1004 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
10:05:03.0159 1004 HECIx64 - ok
10:05:03.0175 1004 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:05:03.0175 1004 HidBatt - ok
10:05:03.0190 1004 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:05:03.0206 1004 HidBth - ok
10:05:03.0221 1004 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:05:03.0221 1004 HidIr - ok
10:05:03.0253 1004 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
10:05:03.0253 1004 hidserv - ok
10:05:03.0315 1004 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
10:05:03.0315 1004 HidUsb - ok
10:05:03.0362 1004 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
10:05:03.0362 1004 hkmsvc - ok
10:05:03.0377 1004 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
10:05:03.0393 1004 HomeGroupListener - ok
10:05:03.0440 1004 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
10:05:03.0440 1004 HomeGroupProvider - ok
10:05:03.0487 1004 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
10:05:03.0487 1004 HpSAMD - ok
10:05:03.0533 1004 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
10:05:03.0533 1004 HTTP - ok
10:05:03.0565 1004 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
10:05:03.0565 1004 hwpolicy - ok
10:05:03.0580 1004 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
10:05:03.0580 1004 i8042prt - ok
10:05:03.0611 1004 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
10:05:03.0611 1004 iaStor - ok
10:05:03.0689 1004 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
10:05:03.0689 1004 iaStorV - ok
10:05:03.0783 1004 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:05:03.0783 1004 idsvc - ok
10:05:03.0923 1004 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120327.002\IDSvia64.sys
10:05:03.0939 1004 IDSVia64 - ok
10:05:04.0048 1004 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:05:04.0048 1004 iirsp - ok
10:05:04.0095 1004 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
10:05:04.0095 1004 IKEEXT - ok
10:05:04.0204 1004 IntcAzAudAddService (e02a55f45edb35641cb470a2cd56e74e) C:\Windows\system32\drivers\RTKVHD64.sys
10:05:04.0220 1004 IntcAzAudAddService - ok
10:05:04.0267 1004 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
10:05:04.0267 1004 intelide - ok
10:05:04.0282 1004 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:05:04.0282 1004 intelppm - ok
10:05:04.0329 1004 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:05:04.0329 1004 IPBusEnum - ok
10:05:04.0345 1004 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:05:04.0345 1004 IpFilterDriver - ok
10:05:04.0376 1004 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
10:05:04.0391 1004 iphlpsvc - ok
10:05:04.0454 1004 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
10:05:04.0454 1004 IPMIDRV - ok
10:05:04.0469 1004 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:05:04.0469 1004 IPNAT - ok
10:05:04.0532 1004 iPod Service (9b812a3484d89eb934982d67fb7d9313) C:\Program Files\iPod\bin\iPodService.exe
10:05:04.0547 1004 iPod Service - ok
10:05:04.0625 1004 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:05:04.0625 1004 IRENUM - ok
10:05:04.0641 1004 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
10:05:04.0641 1004 isapnp - ok
10:05:04.0672 1004 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
10:05:04.0672 1004 iScsiPrt - ok
10:05:04.0703 1004 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:05:04.0703 1004 kbdclass - ok
10:05:04.0735 1004 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
10:05:04.0735 1004 kbdhid - ok
10:05:04.0781 1004 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
10:05:04.0781 1004 kbfiltr - ok
10:05:04.0813 1004 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:04.0813 1004 KeyIso - ok
10:05:04.0844 1004 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
10:05:04.0844 1004 KSecDD - ok
10:05:04.0875 1004 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
10:05:04.0875 1004 KSecPkg - ok
10:05:04.0906 1004 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:05:04.0906 1004 ksthunk - ok
10:05:04.0953 1004 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:05:04.0953 1004 KtmRm - ok
10:05:05.0015 1004 L1C (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys
10:05:05.0015 1004 L1C - ok
10:05:05.0078 1004 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
10:05:05.0078 1004 LanmanServer - ok
10:05:05.0140 1004 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
10:05:05.0140 1004 LanmanWorkstation - ok
10:05:05.0171 1004 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:05:05.0171 1004 lltdio - ok
10:05:05.0203 1004 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:05:05.0203 1004 lltdsvc - ok
10:05:05.0234 1004 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:05:05.0234 1004 lmhosts - ok
10:05:05.0312 1004 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:05:05.0312 1004 LMS - ok
10:05:05.0421 1004 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:05:05.0421 1004 LSI_FC - ok
10:05:05.0437 1004 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:05:05.0437 1004 LSI_SAS - ok
10:05:05.0499 1004 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:05:05.0499 1004 LSI_SAS2 - ok
10:05:05.0530 1004 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:05:05.0530 1004 LSI_SCSI - ok
10:05:05.0561 1004 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:05:05.0577 1004 luafv - ok
10:05:05.0593 1004 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
10:05:05.0593 1004 Mcx2Svc - ok
10:05:05.0624 1004 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:05:05.0624 1004 megasas - ok
10:05:05.0655 1004 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:05:05.0655 1004 MegaSR - ok
10:05:05.0749 1004 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:05:05.0764 1004 Microsoft Office Groove Audit Service - ok
10:05:05.0842 1004 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:05:05.0842 1004 MMCSS - ok
10:05:05.0873 1004 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:05:05.0873 1004 Modem - ok
10:05:05.0905 1004 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:05:05.0905 1004 monitor - ok
10:05:05.0936 1004 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:05:05.0936 1004 mouclass - ok
10:05:05.0967 1004 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:05:05.0967 1004 mouhid - ok
10:05:05.0983 1004 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
10:05:05.0983 1004 mountmgr - ok
10:05:06.0014 1004 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
10:05:06.0014 1004 mpio - ok
10:05:06.0045 1004 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:05:06.0045 1004 mpsdrv - ok
10:05:06.0076 1004 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
10:05:06.0076 1004 MpsSvc - ok
10:05:06.0107 1004 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
10:05:06.0107 1004 MRxDAV - ok
10:05:06.0139 1004 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:05:06.0139 1004 mrxsmb - ok
10:05:06.0185 1004 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:05:06.0185 1004 mrxsmb10 - ok
10:05:06.0201 1004 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:05:06.0201 1004 mrxsmb20 - ok
10:05:06.0232 1004 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
10:05:06.0232 1004 msahci - ok
10:05:06.0263 1004 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
10:05:06.0263 1004 msdsm - ok
10:05:06.0295 1004 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:05:06.0310 1004 MSDTC - ok
10:05:06.0373 1004 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:05:06.0373 1004 Msfs - ok
10:05:06.0388 1004 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:05:06.0388 1004 mshidkmdf - ok
10:05:06.0419 1004 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
10:05:06.0419 1004 msisadrv - ok
10:05:06.0451 1004 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:05:06.0451 1004 MSiSCSI - ok
10:05:06.0482 1004 msiserver - ok
10:05:06.0529 1004 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:05:06.0529 1004 MSKSSRV - ok
10:05:06.0560 1004 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:05:06.0560 1004 MSPCLOCK - ok
10:05:06.0575 1004 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:05:06.0575 1004 MSPQM - ok
10:05:06.0591 1004 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
10:05:06.0591 1004 MsRPC - ok
10:05:06.0622 1004 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
10:05:06.0622 1004 mssmbios - ok
10:05:06.0653 1004 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:05:06.0653 1004 MSTEE - ok
10:05:06.0669 1004 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:05:06.0669 1004 MTConfig - ok
10:05:06.0716 1004 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
10:05:06.0716 1004 MTsensor - ok
10:05:06.0747 1004 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:05:06.0747 1004 Mup - ok
10:05:06.0778 1004 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
10:05:06.0794 1004 napagent - ok
10:05:06.0841 1004 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:05:06.0841 1004 NativeWifiP - ok
10:05:07.0012 1004 NAV (7a02f128a454bb22e300f3f80bc1bd22) C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe
10:05:07.0012 1004 NAV - ok
10:05:07.0153 1004 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120328.002\ENG64.SYS
10:05:07.0153 1004 NAVENG - ok
10:05:07.0246 1004 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120328.002\EX64.SYS
10:05:07.0262 1004 NAVEX15 - ok
10:05:07.0355 1004 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
10:05:07.0371 1004 NDIS - ok
10:05:07.0402 1004 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:05:07.0402 1004 NdisCap - ok
10:05:07.0449 1004 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:05:07.0449 1004 NdisTapi - ok
10:05:07.0465 1004 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
10:05:07.0465 1004 Ndisuio - ok
10:05:07.0511 1004 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:05:07.0511 1004 NdisWan - ok
10:05:07.0527 1004 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
10:05:07.0527 1004 NDProxy - ok
10:05:07.0558 1004 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:05:07.0558 1004 NetBIOS - ok
10:05:07.0589 1004 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
10:05:07.0589 1004 NetBT - ok
10:05:07.0621 1004 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:07.0621 1004 Netlogon - ok
10:05:07.0667 1004 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:05:07.0667 1004 Netman - ok
10:05:07.0699 1004 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:05:07.0699 1004 netprofm - ok
10:05:07.0777 1004 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:05:07.0777 1004 NetTcpPortSharing - ok
10:05:07.0839 1004 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:05:07.0839 1004 nfrd960 - ok
10:05:07.0886 1004 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
10:05:07.0901 1004 NlaSvc - ok
10:05:07.0917 1004 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:05:07.0917 1004 Npfs - ok
10:05:07.0948 1004 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:05:07.0948 1004 nsi - ok
10:05:07.0979 1004 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:05:07.0979 1004 nsiproxy - ok
10:05:08.0042 1004 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
10:05:08.0057 1004 Ntfs - ok
10:05:08.0073 1004 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:05:08.0089 1004 Null - ok
10:05:08.0120 1004 NVHDA (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
10:05:08.0120 1004 NVHDA - ok
10:05:08.0354 1004 nvlddmkm (240e2667aa8a63bcdf253c11a44c465c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:05:08.0416 1004 nvlddmkm - ok
10:05:08.0479 1004 nvpciflt (7e11307e8e48ee6ff73faca6c62e3be4) C:\Windows\system32\DRIVERS\nvpciflt.sys
10:05:08.0479 1004 nvpciflt - ok
10:05:08.0541 1004 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
10:05:08.0541 1004 nvraid - ok
10:05:08.0588 1004 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
10:05:08.0588 1004 nvstor - ok
10:05:08.0635 1004 nvsvc (7d77a2b349017a7b9eaef105a22e8b36) C:\Windows\system32\nvvsvc.exe
10:05:08.0635 1004 nvsvc - ok
10:05:08.0728 1004 nvUpdatusService (e0ecb3c5c905b4942d3740373605a31a) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:05:08.0744 1004 nvUpdatusService - ok
10:05:08.0822 1004 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
10:05:08.0822 1004 nv_agp - ok
10:05:08.0931 1004 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:05:08.0931 1004 odserv - ok
10:05:09.0009 1004 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
10:05:09.0009 1004 ohci1394 - ok
10:05:09.0103 1004 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:05:09.0103 1004 ose - ok
10:05:09.0165 1004 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:05:09.0181 1004 p2pimsvc - ok
10:05:09.0212 1004 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:05:09.0212 1004 p2psvc - ok
10:05:09.0259 1004 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:05:09.0259 1004 Parport - ok
10:05:09.0274 1004 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
10:05:09.0274 1004 partmgr - ok
10:05:09.0305 1004 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:05:09.0305 1004 PcaSvc - ok
10:05:09.0337 1004 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
10:05:09.0337 1004 pci - ok
10:05:09.0352 1004 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:05:09.0352 1004 pciide - ok
10:05:09.0368 1004 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:05:09.0368 1004 pcmcia - ok
10:05:09.0383 1004 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:05:09.0383 1004 pcw - ok
10:05:09.0430 1004 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:05:09.0430 1004 PEAUTH - ok
10:05:09.0477 1004 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:05:09.0477 1004 PerfHost - ok
10:05:09.0555 1004 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
10:05:09.0571 1004 pla - ok
10:05:09.0617 1004 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
10:05:09.0617 1004 PlugPlay - ok
10:05:09.0649 1004 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:05:09.0649 1004 PNRPAutoReg - ok
10:05:09.0664 1004 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:05:09.0664 1004 PNRPsvc - ok
10:05:09.0695 1004 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
10:05:09.0711 1004 PolicyAgent - ok
10:05:09.0742 1004 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:05:09.0742 1004 Power - ok
10:05:09.0789 1004 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
10:05:09.0789 1004 PptpMiniport - ok
10:05:09.0805 1004 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:05:09.0805 1004 Processor - ok
10:05:09.0851 1004 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
10:05:09.0851 1004 ProfSvc - ok
10:05:09.0898 1004 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:09.0898 1004 ProtectedStorage - ok
10:05:09.0961 1004 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
10:05:09.0961 1004 Psched - ok
10:05:10.0007 1004 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:05:10.0007 1004 ql2300 - ok
10:05:10.0039 1004 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:05:10.0039 1004 ql40xx - ok
10:05:10.0085 1004 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:05:10.0085 1004 QWAVE - ok
10:05:10.0148 1004 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:05:10.0148 1004 QWAVEdrv - ok
10:05:10.0179 1004 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:05:10.0179 1004 RasAcd - ok
10:05:10.0210 1004 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:05:10.0210 1004 RasAgileVpn - ok
10:05:10.0241 1004 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:05:10.0241 1004 RasAuto - ok
10:05:10.0273 1004 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:05:10.0288 1004 Rasl2tp - ok
10:05:10.0304 1004 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
10:05:10.0304 1004 RasMan - ok
10:05:10.0351 1004 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:05:10.0351 1004 RasPppoe - ok
10:05:10.0351 1004 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:05:10.0351 1004 RasSstp - ok
10:05:10.0382 1004 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
10:05:10.0382 1004 rdbss - ok
10:05:10.0397 1004 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:05:10.0397 1004 rdpbus - ok
10:05:10.0429 1004 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:05:10.0429 1004 RDPCDD - ok
10:05:10.0460 1004 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:05:10.0460 1004 RDPENCDD - ok
10:05:10.0491 1004 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:05:10.0491 1004 RDPREFMP - ok
10:05:10.0522 1004 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
10:05:10.0522 1004 RDPWD - ok
10:05:10.0553 1004 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
10:05:10.0553 1004 rdyboost - ok
10:05:10.0585 1004 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:05:10.0600 1004 RemoteAccess - ok
10:05:10.0616 1004 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:05:10.0631 1004 RemoteRegistry - ok
10:05:10.0678 1004 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
10:05:10.0678 1004 RFCOMM - ok
10:05:10.0772 1004 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:05:10.0787 1004 RichVideo - ok
10:05:10.0865 1004 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:05:10.0865 1004 RpcEptMapper - ok
10:05:10.0897 1004 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:05:10.0897 1004 RpcLocator - ok
10:05:10.0928 1004 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\System32\rpcss.dll
10:05:10.0928 1004 RpcSs - ok
10:05:10.0959 1004 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:05:10.0959 1004 rspndr - ok
10:05:10.0990 1004 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:10.0990 1004 SamSs - ok
10:05:11.0006 1004 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
10:05:11.0006 1004 sbp2port - ok
10:05:11.0053 1004 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:05:11.0053 1004 SCardSvr - ok
10:05:11.0068 1004 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
10:05:11.0084 1004 scfilter - ok
10:05:11.0131 1004 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
10:05:11.0146 1004 Schedule - ok
10:05:11.0162 1004 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
10:05:11.0162 1004 SCPolicySvc - ok
10:05:11.0209 1004 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
10:05:11.0209 1004 SDRSVC - ok
10:05:11.0240 1004 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:05:11.0240 1004 secdrv - ok
10:05:11.0271 1004 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
10:05:11.0271 1004 seclogon - ok
10:05:11.0287 1004 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
10:05:11.0302 1004 SENS - ok
10:05:11.0318 1004 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:05:11.0318 1004 SensrSvc - ok
10:05:11.0365 1004 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:05:11.0365 1004 Serenum - ok
10:05:11.0380 1004 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:05:11.0380 1004 Serial - ok
10:05:11.0396 1004 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:05:11.0396 1004 sermouse - ok
10:05:11.0443 1004 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
10:05:11.0458 1004 SessionEnv - ok
10:05:11.0474 1004 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
10:05:11.0474 1004 sffdisk - ok
10:05:11.0521 1004 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
10:05:11.0521 1004 sffp_mmc - ok
10:05:11.0536 1004 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:05:11.0536 1004 sffp_sd - ok
10:05:11.0552 1004 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:05:11.0552 1004 sfloppy - ok
10:05:11.0614 1004 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:05:11.0630 1004 SharedAccess - ok
10:05:11.0661 1004 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
10:05:11.0677 1004 ShellHWDetection - ok
10:05:11.0755 1004 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
10:05:11.0755 1004 SiSGbeLH - ok
10:05:11.0786 1004 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:05:11.0786 1004 SiSRaid2 - ok
10:05:11.0833 1004 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:05:11.0833 1004 SiSRaid4 - ok
10:05:11.0911 1004 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:05:11.0911 1004 Smb - ok
10:05:11.0957 1004 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:05:11.0957 1004 SNMPTRAP - ok
10:05:12.0035 1004 SNP2UVC (2114518e55b380a3acc28b2c27fd499a) C:\Windows\system32\DRIVERS\snp2uvc.sys
10:05:12.0051 1004 SNP2UVC - ok
10:05:12.0160 1004 SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
10:05:12.0160 1004 SolidWorks Licensing Service - ok
10:05:12.0223 1004 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:05:12.0223 1004 spldr - ok
10:05:12.0285 1004 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
10:05:12.0285 1004 Spooler - ok
10:05:12.0363 1004 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
10:05:12.0379 1004 sppsvc - ok
10:05:12.0410 1004 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:05:12.0410 1004 sppuinotify - ok
10:05:12.0519 1004 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\System32\Drivers\NAVx64\1306020.00A\SRTSP64.SYS
10:05:12.0535 1004 SRTSP - ok
10:05:12.0675 1004 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\NAVx64\1306020.00A\SRTSPX64.SYS
10:05:12.0675 1004 SRTSPX - ok
10:05:12.0769 1004 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
10:05:12.0769 1004 srv - ok
10:05:12.0800 1004 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
10:05:12.0815 1004 srv2 - ok
10:05:12.0847 1004 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
10:05:12.0847 1004 srvnet - ok
10:05:12.0956 1004 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:05:12.0956 1004 SSDPSRV - ok
10:05:12.0971 1004 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:05:12.0971 1004 SstpSvc - ok
10:05:13.0049 1004 Stereo Service (9029786ee426ce2a01e1d8d4c493c363) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:05:13.0049 1004 Stereo Service - ok
10:05:13.0112 1004 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:05:13.0112 1004 stexstor - ok
10:05:13.0159 1004 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
10:05:13.0159 1004 stisvc - ok
10:05:13.0174 1004 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
10:05:13.0190 1004 swenum - ok
10:05:13.0221 1004 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:05:13.0221 1004 swprv - ok
10:05:13.0346 1004 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NAVx64\1306020.00A\SYMDS64.SYS
10:05:13.0346 1004 SymDS - ok
10:05:13.0517 1004 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NAVx64\1306020.00A\SYMEFA64.SYS
10:05:13.0517 1004 SymEFA - ok
10:05:13.0611 1004 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:05:13.0611 1004 SymEvent - ok
10:05:13.0705 1004 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NAVx64\1306020.00A\Ironx64.SYS
10:05:13.0705 1004 SymIRON - ok
10:05:13.0861 1004 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NAVx64\1306020.00A\SYMNETS.SYS
10:05:13.0861 1004 SymNetS - ok
10:05:13.0923 1004 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
10:05:13.0939 1004 SysMain - ok
10:05:13.0970 1004 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
10:05:13.0970 1004 TabletInputService - ok
10:05:14.0001 1004 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
10:05:14.0001 1004 TapiSrv - ok

****************** 2nd TDSSKILLER Report ********************
***************** second third of that report *******************


10:05:14.0032 1004 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:05:14.0032 1004 TBS - ok
10:05:14.0126 1004 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
10:05:14.0126 1004 Tcpip - ok
10:05:14.0188 1004 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
10:05:14.0188 1004 TCPIP6 - ok
10:05:14.0219 1004 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
10:05:14.0219 1004 tcpipreg - ok
10:05:14.0266 1004 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:05:14.0266 1004 TDPIPE - ok
10:05:14.0282 1004 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
10:05:14.0282 1004 TDTCP - ok
10:05:14.0313 1004 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
10:05:14.0329 1004 tdx - ok
10:05:14.0360 1004 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
10:05:14.0360 1004 TermDD - ok
10:05:14.0391 1004 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
10:05:14.0407 1004 TermService - ok
10:05:14.0438 1004 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:05:14.0438 1004 Themes - ok
10:05:14.0469 1004 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:05:14.0469 1004 THREADORDER - ok
10:05:14.0516 1004 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:05:14.0516 1004 TrkWks - ok
10:05:14.0563 1004 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
10:05:14.0563 1004 TrustedInstaller - ok
10:05:14.0625 1004 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:05:14.0625 1004 tssecsrv - ok
10:05:14.0672 1004 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
10:05:14.0672 1004 tunnel - ok
10:05:14.0703 1004 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys
10:05:14.0703 1004 TurboB - ok
10:05:14.0734 1004 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:05:14.0734 1004 TurboBoost - ok
10:05:14.0812 1004 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:05:14.0812 1004 uagp35 - ok
10:05:14.0843 1004 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
10:05:14.0843 1004 udfs - ok
10:05:14.0890 1004 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:05:14.0890 1004 UI0Detect - ok
10:05:14.0921 1004 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
10:05:14.0921 1004 uliagpkx - ok
10:05:14.0953 1004 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
10:05:14.0953 1004 umbus - ok
10:05:14.0984 1004 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:05:14.0984 1004 UmPass - ok
10:05:15.0077 1004 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:05:15.0093 1004 UNS - ok
10:05:15.0171 1004 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:05:15.0171 1004 upnphost - ok
10:05:15.0218 1004 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
10:05:15.0218 1004 USBAAPL64 - ok
10:05:15.0249 1004 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
10:05:15.0249 1004 usbccgp - ok
10:05:15.0327 1004 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
10:05:15.0327 1004 usbcir - ok
10:05:15.0358 1004 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
10:05:15.0374 1004 usbehci - ok
10:05:15.0467 1004 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
10:05:15.0467 1004 usbhub - ok
10:05:15.0483 1004 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
10:05:15.0483 1004 usbohci - ok
10:05:15.0530 1004 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:05:15.0530 1004 usbprint - ok
10:05:15.0561 1004 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:05:15.0561 1004 USBSTOR - ok
10:05:15.0608 1004 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
10:05:15.0608 1004 usbuhci - ok
10:05:15.0701 1004 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
10:05:15.0701 1004 usbvideo - ok
10:05:15.0733 1004 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:05:15.0733 1004 UxSms - ok
10:05:15.0764 1004 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:05:15.0764 1004 VaultSvc - ok
10:05:15.0811 1004 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
10:05:15.0811 1004 vdrvroot - ok
10:05:15.0857 1004 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
10:05:15.0857 1004 vds - ok
10:05:15.0904 1004 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:05:15.0904 1004 vga - ok
10:05:15.0935 1004 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:05:15.0935 1004 VgaSave - ok
10:05:15.0951 1004 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
10:05:15.0951 1004 vhdmp - ok
10:05:15.0982 1004 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
10:05:15.0982 1004 viaide - ok
10:05:16.0045 1004 VideAceWindowsService (0adf410187b71c9b855721c8d59cec7a) C:\ExpressGateUtil\VAWinService.exe
10:05:16.0045 1004 VideAceWindowsService - ok
10:05:16.0138 1004 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
10:05:16.0138 1004 volmgr - ok
10:05:16.0154 1004 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
10:05:16.0154 1004 volmgrx - ok
10:05:16.0201 1004 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
10:05:16.0201 1004 volsnap - ok
10:05:16.0294 1004 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:05:16.0294 1004 vsmraid - ok
10:05:16.0357 1004 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
10:05:16.0372 1004 VSS - ok
10:05:16.0388 1004 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:05:16.0388 1004 vwifibus - ok
10:05:16.0419 1004 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:05:16.0419 1004 vwififlt - ok
10:05:16.0481 1004 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:05:16.0481 1004 vwifimp - ok
10:05:16.0513 1004 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:05:16.0528 1004 W32Time - ok
10:05:16.0544 1004 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:05:16.0544 1004 WacomPen - ok
10:05:16.0622 1004 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
10:05:16.0622 1004 WANARP - ok
10:05:16.0637 1004 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
10:05:16.0637 1004 Wanarpv6 - ok
10:05:16.0731 1004 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:05:16.0747 1004 WatAdminSvc - ok
10:05:16.0809 1004 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
10:05:16.0809 1004 wbengine - ok
10:05:16.0856 1004 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:05:16.0856 1004 WbioSrvc - ok
10:05:16.0903 1004 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
10:05:16.0903 1004 wcncsvc - ok
10:05:16.0949 1004 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:05:16.0949 1004 WcsPlugInService - ok
10:05:16.0981 1004 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:05:16.0981 1004 Wd - ok
10:05:17.0027 1004 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:05:17.0027 1004 Wdf01000 - ok
10:05:17.0043 1004 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:05:17.0043 1004 WdiServiceHost - ok
10:05:17.0059 1004 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:05:17.0059 1004 WdiSystemHost - ok
10:05:17.0105 1004 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
10:05:17.0105 1004 WebClient - ok
10:05:17.0137 1004 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:05:17.0137 1004 Wecsvc - ok
10:05:17.0168 1004 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:05:17.0168 1004 wercplsupport - ok
10:05:17.0215 1004 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:05:17.0215 1004 WerSvc - ok
10:05:17.0261 1004 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:05:17.0261 1004 WfpLwf - ok
10:05:17.0293 1004 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
10:05:17.0293 1004 WimFltr - ok
10:05:17.0324 1004 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:05:17.0324 1004 WIMMount - ok
10:05:17.0355 1004 WinDefend - ok
10:05:17.0386 1004 WinHttpAutoProxySvc - ok
10:05:17.0480 1004 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:05:17.0480 1004 Winmgmt - ok
10:05:17.0542 1004 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
10:05:17.0558 1004 WinRM - ok
10:05:17.0667 1004 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
10:05:17.0667 1004 WinUsb - ok
10:05:17.0714 1004 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:05:17.0729 1004 Wlansvc - ok
10:05:17.0745 1004 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:05:17.0745 1004 WmiAcpi - ok
10:05:17.0839 1004 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:05:17.0839 1004 wmiApSrv - ok
10:05:17.0885 1004 WMPNetworkSvc - ok
10:05:17.0948 1004 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:05:17.0948 1004 WPCSvc - ok
10:05:17.0979 1004 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
10:05:17.0979 1004 WPDBusEnum - ok
10:05:18.0010 1004 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:05:18.0010 1004 ws2ifsl - ok
10:05:18.0119 1004 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
10:05:18.0119 1004 wscsvc - ok
10:05:18.0166 1004 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:05:18.0166 1004 WSDPrintDevice - ok
10:05:18.0182 1004 WSearch - ok
10:05:18.0244 1004 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
10:05:18.0260 1004 wuauserv - ok
10:05:18.0307 1004 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
10:05:18.0307 1004 WudfPf - ok
10:05:18.0400 1004 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:05:18.0400 1004 WUDFRd - ok
10:05:18.0431 1004 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
10:05:18.0431 1004 wudfsvc - ok
10:05:18.0447 1004 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:05:18.0447 1004 WwanSvc - ok
10:05:18.0494 1004 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:05:18.0556 1004 \Device\Harddisk0\DR0 - ok
10:05:18.0572 1004 Boot (0x1200) (f4e459cb895541dfb8a8d76022aa4b82) \Device\Harddisk0\DR0\Partition0
10:05:18.0572 1004 \Device\Harddisk0\DR0\Partition0 - ok
10:05:18.0587 1004 Boot (0x1200) (f7b2733a3145a7ead44f1427131703a1) \Device\Harddisk0\DR0\Partition1
10:05:18.0587 1004 \Device\Harddisk0\DR0\Partition1 - ok
10:05:18.0587 1004 ============================================================
10:05:18.0587 1004 Scan finished
10:05:18.0587 1004 ============================================================
10:05:18.0587 1464 Detected object count: 0
10:05:18.0587 1464 Actual detected object count: 0
10:05:51.0675 1876 ============================================================
10:05:51.0675 1876 Scan started
10:05:51.0675 1876 Mode: Manual; SigCheck; TDLFS;
10:05:51.0675 1876 ============================================================
10:05:51.0909 1876 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
10:05:51.0956 1876 1394ohci - ok
10:05:52.0003 1876 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
10:05:52.0018 1876 ACPI - ok
10:05:52.0034 1876 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
10:05:52.0034 1876 AcpiPmi - ok
10:05:52.0127 1876 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
10:05:52.0143 1876 adp94xx - ok
10:05:52.0190 1876 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
10:05:52.0205 1876 adpahci - ok
10:05:52.0299 1876 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
10:05:52.0315 1876 adpu320 - ok
10:05:52.0361 1876 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:05:52.0393 1876 AeLookupSvc - ok
10:05:52.0439 1876 AFBAgent (734d1ba96be6ad8d04e6afead569ea8a) C:\Windows\system32\FBAgent.exe
10:05:52.0455 1876 AFBAgent - ok
10:05:52.0502 1876 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
10:05:52.0517 1876 AFD - ok
10:05:52.0533 1876 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
10:05:52.0549 1876 agp440 - ok
10:05:52.0595 1876 aksdf (94c0972b06c75456ed574dd46417b1d8) C:\Windows\system32\DRIVERS\aksdf.sys
10:05:52.0611 1876 aksdf - ok
10:05:52.0689 1876 aksfridge (7b0bc062ca6abab23f88ea483b5a538e) C:\Windows\system32\DRIVERS\aksfridge.sys
10:05:52.0689 1876 aksfridge - ok
10:05:52.0736 1876 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
10:05:52.0736 1876 akshasp - ok
10:05:52.0783 1876 akshhl (67dff8c8f95cb21c9c3380dd4c0387f2) C:\Windows\system32\DRIVERS\akshhl.sys
10:05:52.0783 1876 akshhl - ok
10:05:52.0814 1876 aksusb (a9a09bc526e614ce9f29bb23c2a76ced) C:\Windows\system32\DRIVERS\aksusb.sys
10:05:52.0814 1876 aksusb - ok
10:05:52.0845 1876 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:05:52.0861 1876 ALG - ok
10:05:52.0907 1876 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
10:05:52.0923 1876 aliide - ok
10:05:52.0939 1876 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
10:05:52.0939 1876 amdide - ok
10:05:52.0970 1876 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
10:05:52.0970 1876 AmdK8 - ok
10:05:53.0048 1876 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:05:53.0063 1876 AmdPPM - ok
10:05:53.0095 1876 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
10:05:53.0110 1876 amdsata - ok
10:05:53.0141 1876 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
10:05:53.0141 1876 amdsbs - ok
10:05:53.0204 1876 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
10:05:53.0204 1876 amdxata - ok
10:05:53.0235 1876 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
10:05:53.0235 1876 AmUStor - ok
10:05:53.0282 1876 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
10:05:53.0297 1876 AppID - ok
10:05:53.0313 1876 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:05:53.0360 1876 AppIDSvc - ok
10:05:53.0360 1876 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
10:05:53.0375 1876 Appinfo - ok
10:05:53.0453 1876 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:05:53.0469 1876 Apple Mobile Device - ok
10:05:53.0547 1876 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
10:05:53.0547 1876 arc - ok
10:05:53.0578 1876 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
10:05:53.0578 1876 arcsas - ok
10:05:53.0641 1876 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
10:05:53.0641 1876 ASLDRService - ok
10:05:53.0656 1876 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
10:05:53.0672 1876 ASMMAP64 - ok
10:05:53.0750 1876 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:05:53.0781 1876 AsyncMac - ok
10:05:53.0812 1876 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
10:05:53.0812 1876 atapi - ok
10:05:53.0921 1876 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
10:05:53.0937 1876 athr - ok
10:05:53.0999 1876 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
10:05:53.0999 1876 ATKGFNEXSrv - ok
10:05:54.0077 1876 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:05:54.0124 1876 AudioEndpointBuilder - ok
10:05:54.0140 1876 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
10:05:54.0187 1876 AudioSrv - ok
10:05:54.0218 1876 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
10:05:54.0233 1876 AxInstSV - ok
10:05:54.0280 1876 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
10:05:54.0296 1876 b06bdrv - ok
10:05:54.0358 1876 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:05:54.0374 1876 b57nd60a - ok
10:05:54.0452 1876 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
10:05:54.0467 1876 BBSvc - ok
10:05:54.0514 1876 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
10:05:54.0514 1876 BBUpdate - ok
10:05:54.0592 1876 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
10:05:54.0592 1876 BDESVC - ok
10:05:54.0639 1876 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:05:54.0670 1876 Beep - ok
10:05:54.0764 1876 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
10:05:54.0795 1876 BFE - ok
10:05:54.0935 1876 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
10:05:54.0951 1876 BHDrvx64 - ok
10:05:55.0013 1876 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
10:05:55.0060 1876 BITS - ok
10:05:55.0107 1876 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:05:55.0123 1876 blbdrive - ok
10:05:55.0201 1876 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
10:05:55.0216 1876 Bonjour Service - ok
10:05:55.0294 1876 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
10:05:55.0310 1876 bowser - ok
10:05:55.0357 1876 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:05:55.0372 1876 BrFiltLo - ok
10:05:55.0388 1876 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:05:55.0388 1876 BrFiltUp - ok
10:05:55.0419 1876 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
10:05:55.0450 1876 BridgeMP - ok
10:05:55.0481 1876 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
10:05:55.0513 1876 Browser - ok
10:05:55.0575 1876 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:05:55.0575 1876 Brserid - ok
10:05:55.0606 1876 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:05:55.0622 1876 BrSerWdm - ok
10:05:55.0637 1876 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:05:55.0653 1876 BrUsbMdm - ok
10:05:55.0684 1876 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:05:55.0684 1876 BrUsbSer - ok
10:05:55.0762 1876 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
10:05:55.0762 1876 BthEnum - ok
10:05:55.0825 1876 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:05:55.0825 1876 BTHMODEM - ok
10:05:55.0856 1876 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
10:05:55.0871 1876 BthPan - ok
10:05:55.0934 1876 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
10:05:55.0949 1876 BTHPORT - ok
10:05:55.0996 1876 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:05:56.0027 1876 bthserv - ok
10:05:56.0059 1876 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
10:05:56.0059 1876 BTHUSB - ok
10:05:56.0105 1876 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
10:05:56.0105 1876 btusbflt - ok
10:05:56.0183 1876 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
10:05:56.0199 1876 btwaudio - ok
10:05:56.0230 1876 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
10:05:56.0230 1876 btwavdt - ok
10:05:56.0293 1876 btwdins (1e08dc82525282e34ad66ffba0782565) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:05:56.0308 1876 btwdins - ok
10:05:56.0386 1876 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
10:05:56.0386 1876 btwl2cap - ok
10:05:56.0402 1876 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
10:05:56.0402 1876 btwrchid - ok
10:05:56.0464 1876 Cadence License Manager (647cd6b1ae2b42b7f27706a6a72e3ddc) C:\Cadence\LicenseManager\lmgrd.exe
10:05:56.0495 1876 Cadence License Manager - ok
10:05:56.0511 1876 catchme - ok
10:05:56.0636 1876 ccSet_NAV (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NAVx64\1306020.00A\ccSetx64.sys
10:05:56.0636 1876 ccSet_NAV - ok
10:05:56.0729 1876 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:05:56.0776 1876 cdfs - ok
10:05:56.0792 1876 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
10:05:56.0807 1876 cdrom - ok
10:05:56.0823 1876 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
10:05:56.0870 1876 CertPropSvc - ok
10:05:56.0917 1876 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:05:56.0932 1876 circlass - ok
10:05:56.0963 1876 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:05:56.0979 1876 CLFS - ok
10:05:57.0041 1876 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:05:57.0041 1876 clr_optimization_v2.0.50727_32 - ok
10:05:57.0104 1876 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:05:57.0104 1876 clr_optimization_v2.0.50727_64 - ok
10:05:57.0182 1876 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:05:57.0197 1876 clr_optimization_v4.0.30319_32 - ok
10:05:57.0275 1876 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:05:57.0291 1876 clr_optimization_v4.0.30319_64 - ok
10:05:57.0369 1876 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:05:57.0369 1876 CmBatt - ok
10:05:57.0431 1876 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
10:05:57.0447 1876 cmdide - ok
10:05:57.0525 1876 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
10:05:57.0541 1876 CNG - ok
10:05:57.0587 1876 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:05:57.0587 1876 Compbatt - ok
10:05:57.0665 1876 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
10:05:57.0681 1876 CompositeBus - ok
10:05:57.0697 1876 COMSysApp - ok
10:05:57.0712 1876 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:05:57.0712 1876 crcdisk - ok
10:05:57.0759 1876 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
10:05:57.0790 1876 CryptSvc - ok
10:05:57.0821 1876 CYUSB (e9e37e84a5431b51cec9d4fd39534901) C:\Windows\system32\Drivers\CYUSB.sys
10:05:57.0837 1876 CYUSB - ok
10:05:57.0868 1876 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
10:05:57.0915 1876 DcomLaunch - ok
10:05:57.0946 1876 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:05:57.0977 1876 defragsvc - ok
10:05:58.0024 1876 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
10:05:58.0040 1876 DfsC - ok
10:05:58.0102 1876 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
10:05:58.0118 1876 Dhcp - ok
10:05:58.0165 1876 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:05:58.0211 1876 discache - ok
10:05:58.0289 1876 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:05:58.0305 1876 Disk - ok
10:05:58.0352 1876 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
10:05:58.0367 1876 Dnscache - ok
10:05:58.0430 1876 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
10:05:58.0477 1876 dot3svc - ok
10:05:58.0492 1876 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
10:05:58.0523 1876 DPS - ok
10:05:58.0570 1876 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:05:58.0586 1876 drmkaud - ok
10:05:58.0648 1876 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
10:05:58.0664 1876 DXGKrnl - ok
10:05:58.0742 1876 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:05:58.0773 1876 EapHost - ok
10:05:58.0867 1876 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:05:58.0913 1876 ebdrv - ok
10:05:59.0007 1876 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:05:59.0023 1876 eeCtrl - ok
10:05:59.0085 1876 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
10:05:59.0101 1876 EFS - ok
10:05:59.0163 1876 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
10:05:59.0179 1876 ehRecvr - ok
10:05:59.0225 1876 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:05:59.0225 1876 ehSched - ok
10:05:59.0303 1876 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:05:59.0319 1876 elxstor - ok
10:05:59.0350 1876 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
10:05:59.0366 1876 ErrDev - ok
10:05:59.0381 1876 ETD (38b0a3e42de9b36aa56f72a5ecb62331) C:\Windows\system32\DRIVERS\ETD.sys
10:05:59.0397 1876 ETD - ok
10:05:59.0475 1876 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:05:59.0522 1876 EventSystem - ok
10:05:59.0553 1876 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:05:59.0600 1876 exfat - ok
10:05:59.0631 1876 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:05:59.0662 1876 fastfat - ok
10:05:59.0709 1876 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
10:05:59.0725 1876 Fax - ok
10:05:59.0771 1876 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:05:59.0787 1876 fdc - ok
10:05:59.0803 1876 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:05:59.0834 1876 fdPHost - ok
10:05:59.0849 1876 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:05:59.0881 1876 FDResPub - ok
10:05:59.0959 1876 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:05:59.0959 1876 FileInfo - ok
10:05:59.0990 1876 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:06:00.0021 1876 Filetrace - ok
10:06:00.0037 1876 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:06:00.0037 1876 flpydisk - ok
10:06:00.0068 1876 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
10:06:00.0083 1876 FltMgr - ok
10:06:00.0115 1876 FLxHCIc (480e31b064e6f7b4eaab8b00437298b6) C:\Windows\system32\DRIVERS\FLxHCIc.sys
10:06:00.0115 1876 FLxHCIc - ok
10:06:00.0146 1876 FLxHCIh (e9cf4c5a0c31197351f89a1df4522b96) C:\Windows\system32\DRIVERS\FLxHCIh.sys
10:06:00.0146 1876 FLxHCIh - ok
10:06:00.0208 1876 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
10:06:00.0224 1876 FontCache - ok
10:06:00.0302 1876 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:06:00.0302 1876 FontCache3.0.0.0 - ok
10:06:00.0364 1876 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:06:00.0364 1876 FsDepends - ok
10:06:00.0395 1876 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
10:06:00.0411 1876 fssfltr - ok
10:06:00.0473 1876 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:06:00.0489 1876 fsssvc - ok
10:06:00.0551 1876 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:06:00.0551 1876 Fs_Rec - ok
10:06:00.0598 1876 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:06:00.0614 1876 fvevol - ok
10:06:00.0645 1876 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:06:00.0661 1876 gagp30kx - ok
10:06:00.0676 1876 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:06:00.0676 1876 GEARAspiWDM - ok
10:06:00.0739 1876 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
10:06:00.0754 1876 gpsvc - ok
10:06:00.0832 1876 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:06:00.0848 1876 gupdate - ok
10:06:00.0863 1876 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:06:00.0863 1876 gupdatem - ok
10:06:00.0895 1876 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:06:00.0895 1876 gusvc - ok
10:06:00.0988 1876 Hardlock (78fad9117e4527f2ca82259da10f40bd) C:\Windows\system32\drivers\hardlock.sys
10:06:01.0004 1876 Hardlock - ok
10:06:01.0019 1876 hasplms - ok
10:06:01.0066 1876 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:06:01.0066 1876 hcw85cir - ok
10:06:01.0129 1876 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
10:06:01.0144 1876 HdAudAddService - ok
10:06:01.0175 1876 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:06:01.0191 1876 HDAudBus - ok
10:06:01.0269 1876 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
10:06:01.0285 1876 HECIx64 - ok
10:06:01.0300 1876 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:06:01.0300 1876 HidBatt - ok
10:06:01.0331 1876 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:06:01.0347 1876 HidBth - ok
10:06:01.0378 1876 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:06:01.0394 1876 HidIr - ok
10:06:01.0425 1876 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
10:06:01.0456 1876 hidserv - ok
10:06:01.0487 1876 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
10:06:01.0503 1876 HidUsb - ok
10:06:01.0534 1876 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
10:06:01.0581 1876 hkmsvc - ok
10:06:01.0612 1876 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
10:06:01.0628 1876 HomeGroupListener - ok
10:06:01.0659 1876 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
10:06:01.0675 1876 HomeGroupProvider - ok
10:06:01.0706 1876 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
10:06:01.0721 1876 HpSAMD - ok
10:06:01.0753 1876 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
10:06:01.0784 1876 HTTP - ok
10:06:01.0815 1876 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
10:06:01.0831 1876 hwpolicy - ok
10:06:01.0877 1876 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
10:06:01.0893 1876 i8042prt - ok
10:06:01.0940 1876 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
10:06:01.0940 1876 iaStor - ok
10:06:02.0049 1876 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
10:06:02.0065 1876 iaStorV - ok
10:06:02.0111 1876 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:06:02.0127 1876 idsvc - ok
10:06:02.0283 1876 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120327.002\IDSvia64.sys
10:06:02.0283 1876 IDSVia64 - ok
10:06:02.0361 1876 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:06:02.0361 1876 iirsp - ok
10:06:02.0423 1876 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
10:06:02.0455 1876 IKEEXT - ok
10:06:02.0533 1876 IntcAzAudAddService (e02a55f45edb35641cb470a2cd56e74e) C:\Windows\system32\drivers\RTKVHD64.sys
10:06:02.0579 1876 IntcAzAudAddService - ok
10:06:02.0611 1876 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
10:06:02.0611 1876 intelide - ok
10:06:02.0642 1876 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:06:02.0642 1876 intelppm - ok
10:06:02.0704 1876 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:06:02.0735 1876 IPBusEnum - ok
10:06:02.0767 1876 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:06:02.0798 1876 IpFilterDriver - ok
10:06:02.0829 1876 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
10:06:02.0876 1876 iphlpsvc - ok
10:06:02.0891 1876 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
10:06:02.0907 1876 IPMIDRV - ok
10:06:02.0923 1876 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:06:02.0954 1876 IPNAT - ok
10:06:03.0016 1876 iPod Service (9b812a3484d89eb934982d67fb7d9313) C:\Program Files\iPod\bin\iPodService.exe
10:06:03.0047 1876 iPod Service - ok
10:06:03.0110 1876 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:06:03.0125 1876 IRENUM - ok
10:06:03.0141 1876 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
10:06:03.0157 1876 isapnp - ok
10:06:03.0188 1876 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
10:06:03.0188 1876 iScsiPrt - ok
10:06:03.0219 1876 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:06:03.0219 1876 kbdclass - ok
10:06:03.0235 1876 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
10:06:03.0250 1876 kbdhid - ok
10:06:03.0281 1876 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
10:06:03.0281 1876 kbfiltr - ok
10:06:03.0313 1876 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:06:03.0313 1876 KeyIso - ok
10:06:03.0344 1876 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
10:06:03.0359 1876 KSecDD - ok
10:06:03.0375 1876 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
10:06:03.0375 1876 KSecPkg - ok
10:06:03.0391 1876 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:06:03.0437 1876 ksthunk - ok
10:06:03.0453 1876 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:06:03.0500 1876 KtmRm - ok
10:06:03.0515 1876 L1C (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys
10:06:03.0531 1876 L1C - ok
10:06:03.0562 1876 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
10:06:03.0578 1876 LanmanServer - ok
10:06:03.0609 1876 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
10:06:03.0640 1876 LanmanWorkstation - ok
10:06:03.0671 1876 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:06:03.0703 1876 lltdio - ok
10:06:03.0734 1876 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:06:03.0765 1876 lltdsvc - ok
10:06:03.0781 1876 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:06:03.0812 1876 lmhosts - ok
10:06:03.0890 1876 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:06:03.0890 1876 LMS ( UnsignedFile.Multi.Generic ) - warning
10:06:03.0890 1876 LMS - detected UnsignedFile.Multi.Generic (1)
10:06:03.0968 1876 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:06:03.0968 1876 LSI_FC - ok
10:06:03.0983 1876 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:06:03.0999 1876 LSI_SAS - ok
10:06:04.0015 1876 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:06:04.0030 1876 LSI_SAS2 - ok
10:06:04.0046 1876 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:06:04.0061 1876 LSI_SCSI - ok
10:06:04.0077 1876 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:06:04.0124 1876 luafv - ok
10:06:04.0139 1876 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
10:06:04.0155 1876 Mcx2Svc - ok
10:06:04.0186 1876 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:06:04.0186 1876 megasas - ok
10:06:04.0217 1876 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:06:04.0233 1876 MegaSR - ok
10:06:04.0327 1876 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:06:04.0327 1876 Microsoft Office Groove Audit Service - ok
10:06:04.0405 1876 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

*********************** second TDSSKILLER Report ***************
***************** last third of the report **********************


10:06:04.0436 1876 MMCSS - ok
10:06:04.0467 1876 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:06:04.0498 1876 Modem - ok
10:06:04.0514 1876 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:06:04.0529 1876 monitor - ok
10:06:04.0545 1876 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:06:04.0561 1876 mouclass - ok
10:06:04.0561 1876 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:06:04.0576 1876 mouhid - ok
10:06:04.0592 1876 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
10:06:04.0607 1876 mountmgr - ok
10:06:04.0623 1876 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
10:06:04.0639 1876 mpio - ok
10:06:04.0654 1876 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:06:04.0685 1876 mpsdrv - ok
10:06:04.0732 1876 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
10:06:04.0763 1876 MpsSvc - ok
10:06:04.0810 1876 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
10:06:04.0826 1876 MRxDAV - ok
10:06:04.0857 1876 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:06:04.0873 1876 mrxsmb - ok
10:06:04.0904 1876 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:06:04.0919 1876 mrxsmb10 - ok
10:06:05.0013 1876 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:06:05.0013 1876 mrxsmb20 - ok
10:06:05.0044 1876 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
10:06:05.0060 1876 msahci - ok
10:06:05.0107 1876 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
10:06:05.0122 1876 msdsm - ok
10:06:05.0153 1876 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:06:05.0169 1876 MSDTC - ok
10:06:05.0216 1876 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:06:05.0247 1876 Msfs - ok
10:06:05.0263 1876 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:06:05.0294 1876 mshidkmdf - ok
10:06:05.0309 1876 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
10:06:05.0325 1876 msisadrv - ok
10:06:05.0356 1876 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:06:05.0387 1876 MSiSCSI - ok
10:06:05.0387 1876 msiserver - ok
10:06:05.0434 1876 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:06:05.0465 1876 MSKSSRV - ok
10:06:05.0481 1876 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:06:05.0528 1876 MSPCLOCK - ok
10:06:05.0528 1876 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:06:05.0559 1876 MSPQM - ok
10:06:05.0590 1876 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
10:06:05.0606 1876 MsRPC - ok
10:06:05.0621 1876 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
10:06:05.0637 1876 mssmbios - ok
10:06:05.0653 1876 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:06:05.0684 1876 MSTEE - ok
10:06:05.0715 1876 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:06:05.0715 1876 MTConfig - ok
10:06:05.0746 1876 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
10:06:05.0762 1876 MTsensor - ok
10:06:05.0824 1876 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:06:05.0824 1876 Mup - ok
10:06:05.0855 1876 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
10:06:05.0902 1876 napagent - ok
10:06:05.0949 1876 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:06:05.0965 1876 NativeWifiP - ok
10:06:06.0121 1876 NAV (7a02f128a454bb22e300f3f80bc1bd22) C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe
10:06:06.0136 1876 NAV - ok
10:06:06.0245 1876 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120328.002\ENG64.SYS
10:06:06.0261 1876 NAVENG - ok
10:06:06.0308 1876 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120328.002\EX64.SYS
10:06:06.0355 1876 NAVEX15 - ok
10:06:06.0448 1876 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
10:06:06.0464 1876 NDIS - ok
10:06:06.0479 1876 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:06:06.0511 1876 NdisCap - ok
10:06:06.0542 1876 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:06:06.0573 1876 NdisTapi - ok
10:06:06.0589 1876 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
10:06:06.0620 1876 Ndisuio - ok
10:06:06.0651 1876 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:06:06.0682 1876 NdisWan - ok
10:06:06.0698 1876 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
10:06:06.0745 1876 NDProxy - ok
10:06:06.0760 1876 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:06:06.0791 1876 NetBIOS - ok
10:06:06.0807 1876 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
10:06:06.0854 1876 NetBT - ok
10:06:06.0869 1876 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:06:06.0885 1876 Netlogon - ok
10:06:06.0916 1876 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:06:06.0947 1876 Netman - ok
10:06:06.0979 1876 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:06:07.0010 1876 netprofm - ok
10:06:07.0072 1876 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:06:07.0072 1876 NetTcpPortSharing - ok
10:06:07.0135 1876 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:06:07.0150 1876 nfrd960 - ok
10:06:07.0197 1876 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
10:06:07.0228 1876 NlaSvc - ok
10:06:07.0306 1876 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:06:07.0353 1876 Npfs - ok
10:06:07.0369 1876 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:06:07.0400 1876 nsi - ok
10:06:07.0415 1876 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:06:07.0462 1876 nsiproxy - ok
10:06:07.0525 1876 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
10:06:07.0556 1876 Ntfs - ok
10:06:07.0587 1876 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:06:07.0618 1876 Null - ok
10:06:07.0649 1876 NVHDA (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
10:06:07.0649 1876 NVHDA - ok
10:06:07.0899 1876 nvlddmkm (240e2667aa8a63bcdf253c11a44c465c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:06:08.0086 1876 nvlddmkm - ok
10:06:08.0102 1876 nvpciflt (7e11307e8e48ee6ff73faca6c62e3be4) C:\Windows\system32\DRIVERS\nvpciflt.sys
10:06:08.0102 1876 nvpciflt - ok
10:06:08.0149 1876 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
10:06:08.0164 1876 nvraid - ok
10:06:08.0195 1876 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
10:06:08.0211 1876 nvstor - ok
10:06:08.0242 1876 nvsvc (7d77a2b349017a7b9eaef105a22e8b36) C:\Windows\system32\nvvsvc.exe
10:06:08.0258 1876 nvsvc - ok
10:06:08.0336 1876 nvUpdatusService (e0ecb3c5c905b4942d3740373605a31a) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:06:08.0367 1876 nvUpdatusService - ok
10:06:08.0445 1876 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
10:06:08.0445 1876 nv_agp - ok
10:06:08.0570 1876 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:06:08.0570 1876 odserv - ok
10:06:08.0648 1876 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
10:06:08.0663 1876 ohci1394 - ok
10:06:08.0726 1876 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:06:08.0741 1876 ose - ok
10:06:08.0804 1876 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:06:08.0819 1876 p2pimsvc - ok
10:06:08.0851 1876 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:06:08.0866 1876 p2psvc - ok
10:06:08.0897 1876 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:06:08.0913 1876 Parport - ok
10:06:08.0929 1876 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
10:06:08.0929 1876 partmgr - ok
10:06:08.0960 1876 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:06:08.0975 1876 PcaSvc - ok
10:06:09.0038 1876 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
10:06:09.0053 1876 pci - ok
10:06:09.0069 1876 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:06:09.0069 1876 pciide - ok
10:06:09.0085 1876 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:06:09.0100 1876 pcmcia - ok
10:06:09.0116 1876 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:06:09.0131 1876 pcw - ok
10:06:09.0225 1876 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:06:09.0256 1876 PEAUTH - ok
10:06:09.0303 1876 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:06:09.0319 1876 PerfHost - ok
10:06:09.0397 1876 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
10:06:09.0443 1876 pla - ok
10:06:09.0490 1876 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
10:06:09.0506 1876 PlugPlay - ok
10:06:09.0521 1876 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:06:09.0537 1876 PNRPAutoReg - ok
10:06:09.0553 1876 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:06:09.0568 1876 PNRPsvc - ok
10:06:09.0599 1876 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
10:06:09.0646 1876 PolicyAgent - ok
10:06:09.0677 1876 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:06:09.0709 1876 Power - ok
10:06:09.0755 1876 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
10:06:09.0787 1876 PptpMiniport - ok
10:06:09.0802 1876 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:06:09.0818 1876 Processor - ok
10:06:09.0833 1876 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
10:06:09.0880 1876 ProfSvc - ok
10:06:09.0911 1876 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:06:09.0911 1876 ProtectedStorage - ok
10:06:09.0943 1876 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
10:06:09.0989 1876 Psched - ok
10:06:10.0036 1876 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:06:10.0067 1876 ql2300 - ok
10:06:10.0083 1876 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:06:10.0099 1876 ql40xx - ok
10:06:10.0192 1876 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:06:10.0208 1876 QWAVE - ok
10:06:10.0239 1876 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:06:10.0255 1876 QWAVEdrv - ok
10:06:10.0270 1876 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:06:10.0301 1876 RasAcd - ok
10:06:10.0333 1876 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:06:10.0364 1876 RasAgileVpn - ok
10:06:10.0379 1876 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:06:10.0426 1876 RasAuto - ok
10:06:10.0457 1876 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:06:10.0489 1876 Rasl2tp - ok
10:06:10.0520 1876 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
10:06:10.0551 1876 RasMan - ok
10:06:10.0613 1876 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:06:10.0645 1876 RasPppoe - ok
10:06:10.0645 1876 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:06:10.0691 1876 RasSstp - ok
10:06:10.0707 1876 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
10:06:10.0754 1876 rdbss - ok
10:06:10.0769 1876 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:06:10.0785 1876 rdpbus - ok
10:06:10.0785 1876 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:06:10.0832 1876 RDPCDD - ok
10:06:10.0847 1876 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:06:10.0879 1876 RDPENCDD - ok
10:06:10.0894 1876 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:06:10.0925 1876 RDPREFMP - ok
10:06:10.0957 1876 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
10:06:10.0988 1876 RDPWD - ok
10:06:11.0019 1876 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
10:06:11.0019 1876 rdyboost - ok
10:06:11.0050 1876 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:06:11.0081 1876 RemoteAccess - ok
10:06:11.0113 1876 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:06:11.0144 1876 RemoteRegistry - ok
10:06:11.0175 1876 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
10:06:11.0191 1876 RFCOMM - ok
10:06:11.0269 1876 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:06:11.0284 1876 RichVideo - ok
10:06:11.0347 1876 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:06:11.0378 1876 RpcEptMapper - ok
10:06:11.0409 1876 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:06:11.0425 1876 RpcLocator - ok
10:06:11.0456 1876 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\System32\rpcss.dll
10:06:11.0503 1876 RpcSs - ok
10:06:11.0534 1876 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:06:11.0565 1876 rspndr - ok
10:06:11.0596 1876 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:06:11.0612 1876 SamSs - ok
10:06:11.0674 1876 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
10:06:11.0674 1876 sbp2port - ok
10:06:11.0721 1876 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:06:11.0752 1876 SCardSvr - ok
10:06:11.0799 1876 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
10:06:11.0830 1876 scfilter - ok
10:06:11.0893 1876 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
10:06:11.0908 1876 Schedule - ok
10:06:11.0939 1876 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
10:06:11.0971 1876 SCPolicySvc - ok
10:06:12.0002 1876 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
10:06:12.0002 1876 SDRSVC - ok
10:06:12.0033 1876 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:06:12.0064 1876 secdrv - ok
10:06:12.0095 1876 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
10:06:12.0127 1876 seclogon - ok
10:06:12.0142 1876 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
10:06:12.0173 1876 SENS - ok
10:06:12.0189 1876 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:06:12.0205 1876 SensrSvc - ok
10:06:12.0236 1876 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:06:12.0251 1876 Serenum - ok
10:06:12.0267 1876 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:06:12.0283 1876 Serial - ok
10:06:12.0298 1876 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:06:12.0314 1876 sermouse - ok
10:06:12.0329 1876 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
10:06:12.0376 1876 SessionEnv - ok
10:06:12.0407 1876 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
10:06:12.0423 1876 sffdisk - ok
10:06:12.0439 1876 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
10:06:12.0454 1876 sffp_mmc - ok
10:06:12.0470 1876 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:06:12.0485 1876 sffp_sd - ok
10:06:12.0501 1876 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:06:12.0501 1876 sfloppy - ok
10:06:12.0595 1876 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:06:12.0626 1876 SharedAccess - ok
10:06:12.0673 1876 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
10:06:12.0688 1876 ShellHWDetection - ok
10:06:12.0719 1876 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
10:06:12.0735 1876 SiSGbeLH - ok
10:06:12.0751 1876 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:06:12.0751 1876 SiSRaid2 - ok
10:06:12.0782 1876 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:06:12.0782 1876 SiSRaid4 - ok
10:06:12.0797 1876 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:06:12.0844 1876 Smb - ok
10:06:12.0907 1876 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:06:12.0922 1876 SNMPTRAP - ok
10:06:12.0985 1876 SNP2UVC (2114518e55b380a3acc28b2c27fd499a) C:\Windows\system32\DRIVERS\snp2uvc.sys
10:06:13.0016 1876 SNP2UVC - ok
10:06:13.0109 1876 SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
10:06:13.0109 1876 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:06:13.0109 1876 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:06:13.0187 1876 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:06:13.0203 1876 spldr - ok
10:06:13.0234 1876 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
10:06:13.0250 1876 Spooler - ok
10:06:13.0328 1876 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
10:06:13.0375 1876 sppsvc - ok
10:06:13.0406 1876 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:06:13.0437 1876 sppuinotify - ok
10:06:13.0531 1876 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\System32\Drivers\NAVx64\1306020.00A\SRTSP64.SYS
10:06:13.0546 1876 SRTSP - ok
10:06:13.0687 1876 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\NAVx64\1306020.00A\SRTSPX64.SYS
10:06:13.0687 1876 SRTSPX - ok
10:06:13.0796 1876 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
10:06:13.0811 1876 srv - ok
10:06:13.0843 1876 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
10:06:13.0858 1876 srv2 - ok
10:06:13.0921 1876 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
10:06:13.0936 1876 srvnet - ok
10:06:13.0967 1876 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:06:13.0999 1876 SSDPSRV - ok
10:06:14.0030 1876 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:06:14.0061 1876 SstpSvc - ok
10:06:14.0139 1876 Stereo Service (9029786ee426ce2a01e1d8d4c493c363) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:06:14.0139 1876 Stereo Service - ok
10:06:14.0217 1876 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:06:14.0217 1876 stexstor - ok
10:06:14.0264 1876 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
10:06:14.0279 1876 stisvc - ok
10:06:14.0295 1876 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
10:06:14.0311 1876 swenum - ok
10:06:14.0342 1876 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:06:14.0389 1876 swprv - ok
10:06:14.0482 1876 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NAVx64\1306020.00A\SYMDS64.SYS
10:06:14.0498 1876 SymDS - ok
10:06:14.0654 1876 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NAVx64\1306020.00A\SYMEFA64.SYS
10:06:14.0669 1876 SymEFA - ok
10:06:14.0763 1876 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:06:14.0763 1876 SymEvent - ok
10:06:14.0841 1876 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NAVx64\1306020.00A\Ironx64.SYS
10:06:14.0841 1876 SymIRON - ok
10:06:14.0935 1876 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NAVx64\1306020.00A\SYMNETS.SYS
10:06:14.0950 1876 SymNetS - ok
10:06:15.0184 1876 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
10:06:15.0215 1876 SysMain - ok
10:06:15.0309 1876 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
10:06:15.0325 1876 TabletInputService - ok
10:06:15.0387 1876 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
10:06:15.0418 1876 TapiSrv - ok
10:06:15.0449 1876 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:06:15.0481 1876 TBS - ok
10:06:15.0715 1876 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
10:06:15.0746 1876 Tcpip - ok
10:06:15.0808 1876 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
10:06:15.0839 1876 TCPIP6 - ok
10:06:15.0855 1876 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
10:06:15.0886 1876 tcpipreg - ok
10:06:15.0917 1876 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:06:15.0949 1876 TDPIPE - ok
10:06:15.0964 1876 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
10:06:15.0995 1876 TDTCP - ok
10:06:16.0027 1876 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
10:06:16.0058 1876 tdx - ok
10:06:16.0073 1876 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
10:06:16.0073 1876 TermDD - ok
10:06:16.0120 1876 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
10:06:16.0167 1876 TermService - ok
10:06:16.0183 1876 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:06:16.0198 1876 Themes - ok
10:06:16.0229 1876 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:06:16.0261 1876 THREADORDER - ok
10:06:16.0292 1876 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:06:16.0323 1876 TrkWks - ok
10:06:16.0370 1876 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
10:06:16.0370 1876 TrustedInstaller - ok
10:06:16.0417 1876 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:06:16.0448 1876 tssecsrv - ok
10:06:16.0479 1876 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
10:06:16.0510 1876 tunnel - ok
10:06:16.0541 1876 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys
10:06:16.0557 1876 TurboB - ok
10:06:16.0588 1876 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:06:16.0604 1876 TurboBoost - ok
10:06:16.0666 1876 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:06:16.0682 1876 uagp35 - ok
10:06:16.0697 1876 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
10:06:16.0744 1876 udfs - ok
10:06:16.0791 1876 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:06:16.0807 1876 UI0Detect - ok
10:06:16.0838 1876 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
10:06:16.0853 1876 uliagpkx - ok
10:06:16.0869 1876 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
10:06:16.0885 1876 umbus - ok
10:06:16.0900 1876 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:06:16.0916 1876 UmPass - ok
10:06:17.0025 1876 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:06:17.0056 1876 UNS ( UnsignedFile.Multi.Generic ) - warning
10:06:17.0056 1876 UNS - detected UnsignedFile.Multi.Generic (1)
10:06:17.0134 1876 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:06:17.0181 1876 upnphost - ok
10:06:17.0212 1876 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
10:06:17.0212 1876 USBAAPL64 - ok
10:06:17.0275 1876 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
10:06:17.0290 1876 usbccgp - ok
10:06:17.0321 1876 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
10:06:17.0337 1876 usbcir - ok
10:06:17.0399 1876 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
10:06:17.0415 1876 usbehci - ok
10:06:17.0462 1876 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
10:06:17.0477 1876 usbhub - ok
10:06:17.0555 1876 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
10:06:17.0555 1876 usbohci - ok
10:06:17.0587 1876 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:06:17.0602 1876 usbprint - ok
10:06:17.0680 1876 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:06:17.0696 1876 USBSTOR - ok
10:06:17.0711 1876 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
10:06:17.0727 1876 usbuhci - ok
10:06:17.0789 1876 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
10:06:17.0805 1876 usbvideo - ok
10:06:17.0821 1876 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:06:17.0852 1876 UxSms - ok
10:06:17.0899 1876 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
10:06:17.0914 1876 VaultSvc - ok
10:06:17.0930 1876 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
10:06:17.0945 1876 vdrvroot - ok
10:06:17.0977 1876 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
10:06:17.0992 1876 vds - ok
10:06:18.0039 1876 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:06:18.0055 1876 vga - ok
10:06:18.0070 1876 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:06:18.0117 1876 VgaSave - ok
10:06:18.0133 1876 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
10:06:18.0133 1876 vhdmp - ok
10:06:18.0164 1876 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
10:06:18.0164 1876 viaide - ok
10:06:18.0211 1876 VideAceWindowsService (0adf410187b71c9b855721c8d59cec7a) C:\ExpressGateUtil\VAWinService.exe
10:06:18.0211 1876 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - warning
10:06:18.0211 1876 VideAceWindowsService - detected UnsignedFile.Multi.Generic (1)
10:06:18.0289 1876 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
10:06:18.0304 1876 volmgr - ok
10:06:18.0320 1876 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
10:06:18.0335 1876 volmgrx - ok
10:06:18.0382 1876 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
10:06:18.0382 1876 volsnap - ok
10:06:18.0413 1876 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:06:18.0429 1876 vsmraid - ok
10:06:18.0491 1876 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
10:06:18.0507 1876 VSS - ok
10:06:18.0538 1876 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:06:18.0554 1876 vwifibus - ok
10:06:18.0569 1876 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:06:18.0585 1876 vwififlt - ok
10:06:18.0601 1876 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:06:18.0616 1876 vwifimp - ok
10:06:18.0663 1876 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:06:18.0694 1876 W32Time - ok
10:06:18.0725 1876 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:06:18.0741 1876 WacomPen - ok
10:06:18.0757 1876 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
10:06:18.0788 1876 WANARP - ok
10:06:18.0803 1876 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
10:06:18.0835 1876 Wanarpv6 - ok
10:06:18.0897 1876 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:06:18.0913 1876 WatAdminSvc - ok
10:06:18.0975 1876 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
10:06:18.0991 1876 wbengine - ok
10:06:19.0022 1876 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:06:19.0037 1876 WbioSrvc - ok
10:06:19.0069 1876 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
10:06:19.0069 1876 wcncsvc - ok
10:06:19.0100 1876 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:06:19.0100 1876 WcsPlugInService - ok
10:06:19.0147 1876 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:06:19.0147 1876 Wd - ok
10:06:19.0178 1876 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:06:19.0193 1876 Wdf01000 - ok
10:06:19.0225 1876 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:06:19.0240 1876 WdiServiceHost - ok
10:06:19.0256 1876 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:06:19.0271 1876 WdiSystemHost - ok
10:06:19.0318 1876 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
10:06:19.0334 1876 WebClient - ok
10:06:19.0349 1876 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:06:19.0396 1876 Wecsvc - ok
10:06:19.0412 1876 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:06:19.0443 1876 wercplsupport - ok
10:06:19.0474 1876 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:06:19.0505 1876 WerSvc - ok
10:06:19.0537 1876 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:06:19.0568 1876 WfpLwf - ok
10:06:19.0615 1876 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
10:06:19.0615 1876 WimFltr - ok
10:06:19.0646 1876 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:06:19.0662 1876 WIMMount - ok
10:06:19.0693 1876 WinDefend - ok
10:06:19.0693 1876 WinHttpAutoProxySvc - ok
10:06:19.0786 1876 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:06:19.0833 1876 Winmgmt - ok
10:06:19.0896 1876 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
10:06:19.0958 1876 WinRM - ok
10:06:20.0005 1876 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
10:06:20.0020 1876 WinUsb - ok
10:06:20.0052 1876 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:06:20.0067 1876 Wlansvc - ok
10:06:20.0208 1876 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:06:20.0208 1876 WmiAcpi - ok
10:06:20.0286 1876 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:06:20.0301 1876 wmiApSrv - ok
10:06:20.0332 1876 WMPNetworkSvc - ok
10:06:20.0395 1876 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:06:20.0410 1876 WPCSvc - ok
10:06:20.0426 1876 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
10:06:20.0442 1876 WPDBusEnum - ok
10:06:20.0473 1876 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:06:20.0504 1876 ws2ifsl - ok
10:06:20.0535 1876 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
10:06:20.0551 1876 wscsvc - ok
10:06:20.0582 1876 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:06:20.0598 1876 WSDPrintDevice - ok
10:06:20.0644 1876 WSearch - ok
10:06:20.0722 1876 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
10:06:20.0785 1876 wuauserv - ok
10:06:20.0816 1876 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
10:06:20.0847 1876 WudfPf - ok
10:06:20.0878 1876 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:06:20.0910 1876 WUDFRd - ok
10:06:20.0941 1876 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
10:06:20.0972 1876 wudfsvc - ok
10:06:20.0988 1876 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:06:21.0003 1876 WwanSvc - ok
10:06:21.0034 1876 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:06:21.0112 1876 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:06:21.0112 1876 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:06:21.0128 1876 Boot (0x1200) (f4e459cb895541dfb8a8d76022aa4b82) \Device\Harddisk0\DR0\Partition0
10:06:21.0128 1876 \Device\Harddisk0\DR0\Partition0 - ok
10:06:21.0144 1876 Boot (0x1200) (f7b2733a3145a7ead44f1427131703a1) \Device\Harddisk0\DR0\Partition1
10:06:21.0144 1876 \Device\Harddisk0\DR0\Partition1 - ok
10:06:21.0144 1876 ============================================================
10:06:21.0144 1876 Scan finished
10:06:21.0144 1876 ============================================================
10:06:21.0159 0388 Detected object count: 5
10:06:21.0159 0388 Actual detected object count: 5
10:07:09.0566 0388 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - copied to quarantine
10:07:09.0566 0388 LMS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:07:09.0566 0388 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:07:09.0566 0388 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:07:09.0628 0388 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - copied to quarantine
10:07:09.0628 0388 UNS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:07:09.0660 0388 C:\ExpressGateUtil\VAWinService.exe - copied to quarantine
10:07:09.0660 0388 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:07:09.0706 0388 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
10:07:09.0706 0388 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
10:07:09.0706 0388 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
10:07:09.0706 0388 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
10:07:09.0706 0388 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
10:07:09.0722 0388 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
10:07:09.0738 0388 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
10:07:09.0816 0388 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
10:07:09.0816 0388 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
10:07:09.0816 0388 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
10:07:09.0816 0388 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

zap_1961 wrote:

*************** report from Commy ****************
ComboFix 12-03-29.02 - Scott 03/29/2012 8:33.3.8 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6069.4819 [GMT -7]
Running from: c:\users\Scott\Desktop\commy.exe
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\CCXPButton.ocx
.
.
((((((((((((((((((((((((( Files Created from 2012-02-28 to 2012-03-29 )))))))))))))))))))))))))))))))
.
.
2012-03-29 15:40 . 2012-03-29 15:40 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-03-29 15:40 . 2012-03-29 15:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-29 15:40 . 2012-03-29 15:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-28 18:33 . 2012-03-29 15:21 -------- d-----w- c:\users\Scott\Tracing
2012-03-28 18:04 . 2012-03-28 18:04 -------- d-----w- c:\program files (x86)\ESET
2012-03-23 22:58 . 2012-03-28 22:17 -------- d-----w- C:\Samsung adaptor board
2012-03-23 19:50 . 2012-03-28 17:12 -------- d-----w- C:\Samsung Image Head
2012-03-23 18:57 . 2012-03-28 23:00 -------- d-----w- C:\Samsung Image Processing
2012-03-21 20:05 . 2012-03-21 20:10 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-18 15:47 . 2012-03-18 15:47 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 15:47 . 2012-03-18 15:47 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-12 14:45 . 2012-03-12 14:45 -------- d-----w- C:\_OTL
2012-03-09 20:35 . 2012-03-09 20:35 -------- d-----w- c:\users\Scott\AppData\Roaming\Safer Networking
2012-03-09 20:33 . 2012-03-09 20:33 -------- d-----w- c:\program files (x86)\Safer Networking
2012-03-09 14:36 . 2012-03-28 15:17 -------- d-----w- c:\program files\Symantec
2012-03-09 14:36 . 2012-03-28 15:07 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-03-09 14:36 . 2012-03-09 14:36 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-03-09 14:33 . 2012-03-28 17:20 -------- d-----w- c:\windows\system32\drivers\NAVx64
2012-03-09 14:32 . 2012-03-09 14:33 -------- d-----w- c:\program files (x86)\Norton AntiVirus
2012-03-09 14:29 . 2012-03-09 14:29 -------- d-----w- c:\programdata\PCSettings
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\users\Scott\AppData\Roaming\Malwarebytes
2012-03-08 18:46 . 2010-04-29 22:39 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-08 18:46 . 2012-03-08 18:46 -------- d-----w- c:\programdata\Malwarebytes
2012-03-08 18:46 . 2010-04-29 22:39 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-29 15:20 . 2010-11-29 18:54 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-02-22 20:43 . 2011-02-14 23:29 286720 ----a-w- c:\windows\iun505.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-14_23.56.54 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-01-18 16:20 . 2012-03-14 14:23 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2012-01-18 16:20 . 2012-03-19 14:35 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2010-10-29 16:21 . 2012-03-29 15:23 52538 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-29 15:23 37306 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-29 18:55 . 2012-03-29 15:23 14580 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1469825858-3757968985-3060953023-1001_UserData.bin
+ 2012-03-28 15:04 . 2012-01-17 22:33 37496 c:\windows\system32\drivers\NAVx64\1306020.00A\srtspx64.sys
- 2010-11-30 09:47 . 2012-03-13 14:27 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-30 09:47 . 2012-03-28 17:25 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-11 16:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 17:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-29 18:55 . 2012-03-29 15:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-29 18:55 . 2012-03-14 14:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-29 18:55 . 2012-03-14 14:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-29 18:55 . 2012-03-29 15:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-03-25 06:44 . 2012-03-25 06:44 25600 c:\windows\Installer\36663ca.msi
+ 2010-11-29 21:54 . 2012-03-23 00:35 3614 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-03-28 15:02 . 2012-01-17 22:45 4782 c:\windows\system32\drivers\NAVx64\1306020.00A\symvtcer.dat
+ 2012-03-29 15:20 . 2012-03-29 15:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-14 14:23 . 2012-03-14 14:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-29 15:20 . 2012-03-29 15:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-03-14 14:23 . 2012-03-14 14:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-17 17:56 . 2012-03-14 23:36 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-04-17 17:56 . 2012-03-21 14:25 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 147456 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-28 18:02 147456 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 376832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 18:02 376832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-01 02:04 . 2012-03-28 14:32 365944 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-11-30 05:02 . 2012-03-24 20:09 209962 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2012-03-14 14:28 627316 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-03-29 15:25 627316 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-14 14:28 107600 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-03-29 15:25 107600 c:\windows\system32\perfc009.dat
+ 2012-03-28 15:04 . 2012-01-17 22:46 405624 c:\windows\system32\drivers\NAVx64\1306020.00A\symnets.sys
+ 2012-03-28 15:04 . 2011-07-26 02:18 451192 c:\windows\system32\drivers\NAVx64\1306020.00A\symds64.sys
+ 2012-03-28 15:04 . 2012-01-17 22:33 738936 c:\windows\system32\drivers\NAVx64\1306020.00A\srtsp64.sys
+ 2012-03-28 15:04 . 2012-01-17 22:35 190072 c:\windows\system32\drivers\NAVx64\1306020.00A\ironx64.sys
+ 2012-03-28 15:04 . 2011-11-29 22:44 167048 c:\windows\system32\drivers\NAVx64\1306020.00A\ccsetx64.sys
+ 2009-07-14 05:12 . 2012-03-26 04:26 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-03-11 16:13 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-01-11 21:53 . 2011-05-09 20:01 262144 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-11 21:53 . 2012-03-18 16:33 262144 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-03-13 23:37 421192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-29 15:05 421192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:54 . 2012-03-28 18:02 2326528 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-14 23:36 2326528 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-03-28 15:04 . 2012-01-17 22:45 1092728 c:\windows\system32\drivers\NAVx64\1306020.00A\symefa64.sys
+ 2010-10-29 16:34 . 2012-03-29 15:05 3972504 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 02:34 . 2012-03-28 22:56 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-03-14 20:27 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2011-01-12 16:00 . 2012-03-29 15:05 60724228 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1469825858-3757968985-3060953023-1001-12288.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files (x86)\NCH_EN\prxtbNCH0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\NCH_EN\prxtbNCH0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files (x86)\NCH_EN\prxtbNCH0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-10-29 2429]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-14 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-2 1080608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-10-29 12862]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-1-5 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-03-03 1157240]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1306020.00A\ccSetx64.sys [x]
R1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120327.002\IDSvia64.sys [2012-03-08 488568]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1306020.00A\Ironx64.SYS [x]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1306020.00A\SYMNETS.SYS [x]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
R2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [x]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-16 249648]
R2 Cadence License Manager;Cadence License Manager;c:\cadence\LicenseManager\lmgrd.exe [2010-01-11 1722704]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 135664]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe [x]
R2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe [2012-01-17 138232]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-08-17 1620584]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-08-17 235624]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-08 195336]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 CYUSB;Cypress Generic USB Driver;c:\windows\system32\Drivers\CYUSB.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 135664]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1306020.00A\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1306020.00A\SYMEFA64.SYS [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 16:02]
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-29 16:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-28 2121320]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\hn6tdypz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.type - 4
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-03-29 08:43:18
ComboFix-quarantined-files.txt 2012-03-29 15:43
ComboFix2.txt 2012-03-18 17:11
ComboFix3.txt 2012-03-15 00:20
.
Pre-Run: 41,278,992,384 bytes free
Post-Run: 40,982,380,544 bytes free
.
- - End Of File - - 25A8C3EEA129802B28F48C9C185A9439