Magdalena Matanova

Question about ntoskrnl.exe - Do you want to allow it to access ..[SOLVED]

Hello!

I had opened the topic in another section, but I was advised to share the problem (if I can call it that) here with you.

I use Windows 7. So far I have had no problems, but yesterday, right as I started the computer, a window with this content appeared:

NT Kernel System has changed since the last time you used it. This could happen if you have updated it recently. Click Detail to see more information. Do you want to allow it to access the network?Yes/No/Details

The executable has changed since the last time you used C:\Windows\system32\ntoskrnl.exe

File Version: 6.1.7601.17727

File Description: NT Kernel & System

File Path: C:\Windows\system32\ntoskrnl.exe

Digital Signature:

Process ID: 0x0 (Hexadecimal) 0 (Decimal)

Connection origin: remote initiated

Protocol: TCP

Local Address: 192.168.0.100

Local Port: 2869 (ICSLAP - ICSLAP)

Remote Name:

Remote Address: xxx.xxx.x.x

Remote Port: 1

Ethernet packet details:

Ethernet II (Packet Length: 74)

Destination: xx-xx-xx-xx-xx

Source: xx-xx-xx-xx-xx-xx

Type: IP (0x0800)

Internet Protocol

Version: 4

Header Length: 20 bytes

Flags:

.1.. = Don't fragment: Set

..0. = More fragments: Not set

Fragment offset:0

Time to live: 64

Protocol: 0x6 (TCP - Transmission Control Protocol)

Header checksum: 0x51b6 (Correct)

Source: xxx.xxx.x.x

Destination: xxx.xxx.x.xxx

Transmission Control Protocol (TCP)

Source port: 1

Destination port: 2869

Sequence number: 667486093

Acknowledgment number: 0

Header length: 40

Flags:

0... .... = Congestion Window Reduce (CWR): Not set

.0.. .... = ECN-Echo: Not set

..0. .... = Urgent: Not set

...0 .... = Acknowledgment: Not set

.... 0... = Push: Not set

.... .0.. = Reset: Not set

.... ..1. = Syn: Set

.... ...0 = Fin: Not set

Checksum: 0xbc6f (Correct)

Data (0 Bytes)

Binary dump of the packet:

0000: XX XX XX XX XX XX F8 D1 : 11 4A 54 2E 08 00 45 00 | .r.]h....JT...E.

0010: 00 3C 02 B5 40 00 40 06 : B6 51 C0 A8 00 01 C0 A8 | .<..@.@..Q......

0020: XX XX 00 01 0B 35 27 C9 : 07 8D 00 00 00 00 A0 02 | .d...5'.........

0030: 16 D0 6F BC 00 00 02 04 : 05 B4 04 02 08 0A 00 00 | ..o.............

0040: 05 38 00 00 00 00 01 03 : 03 01 | .8........

and I was :shock11:

In the end I clicked "yes".

Lately I have started to worry a lot about viruses and the like, since I download a lot of movies/series. Every day I run my AV for a scan (Symantec Endpoint Protection, which is set to update itself) and the program Spybot Search & Destroy.

I don't know whether I'm being paranoid or there really is a problem, but my computer is running very slowly and has started to lag from time to time. When I open Task Manager, I see that the CPU percentage goes up to 70-85, and 1 second later it drops right down to about 10-20% (I'm not sure whether this is normal?). And in the CPU task list, among the top 3 with the highest percentage is System with the description ntoskrnl.exe.

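The bytes under "Binary dump of the packet" in the alert above can be decoded independently to cross-check what the dialog reports. This is an added example, not part of the original thread; the eight bytes the poster masked as XX are filled in as assumptions (a constructed destination MAC, and the destination IP from the alert's own "Local Address" line).

```python
import ipaddress
import struct

# Bytes from the alert's "Binary dump of the packet". The poster masked eight
# bytes as XX; they are filled in here as labelled assumptions:
#   destination MAC -> constructed placeholder 02:00:00:00:00:01
#   destination IP  -> last two bytes taken from "Local Address: 192.168.0.100"
PACKET = bytes.fromhex(
    "020000000001" "F8D1114A542E" "0800"            # Ethernet II
    "4500003C02B540004006B651C0A80001C0A80064"      # IPv4 header (20 bytes)
    "00010B3527C9078D00000000A00216D06FBC0000"      # TCP fixed header
    "020405B40402080A0000053800000000" "01030301"   # TCP options
)

FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR")


def folded_sum(data: bytes) -> int:
    """RFC 1071 one's-complement sum; 0xFFFF means the checksum verifies."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def parse_tcp_options(raw: bytes) -> dict:
    """Walk the kind/length/value list that follows the fixed TCP header."""
    opts, i = {}, 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:            # end of option list
            break
        if kind == 1:            # NOP padding
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated TCP option")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("bad TCP option length")
        body = raw[i + 2:i + length]
        if kind == 2 and length == 4:
            opts["mss"] = struct.unpack("!H", body)[0]
        elif kind == 3 and length == 3:
            opts["window_scale"] = body[0]
        elif kind == 4:
            opts["sack_permitted"] = True
        elif kind == 8 and length == 10:
            opts["timestamp"] = struct.unpack("!II", body)
        i += length
    return opts


def decode_frame(frame: bytes) -> dict:
    """Decode Ethernet II + IPv4 + TCP and verify both checksums."""
    if len(frame) < 14 + 20 + 20:
        raise ValueError("frame too short for Ethernet + IPv4 + TCP")
    if struct.unpack("!H", frame[12:14])[0] != 0x0800 or frame[14] >> 4 != 4:
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4
    ip = frame[14:14 + ihl]
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ihl < 20 or ip[9] != 6:
        raise ValueError("not a TCP segment")
    seg = frame[14 + ihl:14 + total_len]
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", seg[:16])
    doff = (off_flags >> 12) * 4
    if doff < 20 or doff > len(seg):
        raise ValueError("bad TCP data offset")
    pseudo = ip[12:20] + struct.pack("!BBH", 0, 6, len(seg))
    return {
        "src": ipaddress.ip_address(ip[12:16]),
        "dst": ipaddress.ip_address(ip[16:20]),
        "ttl": ip[8],
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "window": window,
        "flags": [n for bit, n in enumerate(FLAG_NAMES) if off_flags & (1 << bit)],
        "options": parse_tcp_options(seg[20:doff]),
        "payload_len": len(seg) - doff,
        # The alert prints the checksums byte-swapped (0x51b6, 0xbc6f); on the
        # wire they are B6 51 and 6F BC, and both verify.
        "ip_checksum_ok": folded_sum(ip) == 0xFFFF,
        "tcp_checksum_ok": folded_sum(pseudo + seg) == 0xFFFF,
    }


def triage(info: dict) -> list:
    """Turn the decoded fields into plain observations for the person reading the alert."""
    notes = []
    if info["flags"] == ["SYN"] and info["payload_len"] == 0:
        notes.append("bare SYN: a connection attempt, no data exchanged yet")
    if info["src"].is_private and info["dst"].is_private:
        notes.append("both endpoints are private addresses: the peer is on the local network")
    if not (info["ip_checksum_ok"] and info["tcp_checksum_ok"]):
        notes.append("checksum mismatch: the dump is damaged or was edited")
    return notes


if __name__ == "__main__":
    decoded = decode_frame(PACKET)
    for key, value in decoded.items():
        print(f"{key:16} {value}")
    for note in triage(decoded):
        print("*", note)
```
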

Hello and welcome to our modest subsection. :) Here we check and clean computer systems of malware. We also have some particular requirements! To begin with, read and prepare logs with the DDS program from this topic: My system is infected - What do I do now? Based on them we will see what we are dealing with, whether you have a problem with viruses, and we will decide on the next steps. :)


Thanks for the quick response!!! This is the content of DDS.txt:

And this is Attach.txt:

I turned my AV back on....


Run a "System Restore" and roll the system back to a point 1-2 weeks ago and see how it goes ...


> Run a "System Restore" and roll the system back to a point 1-2 weeks ago and see how it goes ...

Thanks for the advice, but I will wait for a reply from someone on the HJT Team :shy11:



Uninstall Ask Toolbar the standard way.

I want us to do a more thorough check of the system, to be sure this is not a case of malware...:

Please download aswMBR and save it to your desktop.

  • Double-click the file aswMBR.exe to run it.
  • Wait for it to download the avast! definitions.
  • From the drop-down menu select partition C:\ as shown in the picture:
  • Select the Scan button to start the scan.
  • When the scan finishes, click the save log button, save the log file to the desktop and post its contents in your next comment.

Please delete your version of TDSSKiller, download the latest version of TDSSKiller from here and save it to your desktop.

  • Run TDSSKiller.exe to start the application. Then click the Change parameters button.

  • Tick Verify Driver Digital Signature and Detect TDLFS file system and click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click Continue.

  • If malicious objects are found, the drop-down menu will give you three options.

    Make sure the selected action is Cure and click Continue > Restart so that the repair can be completed.

    Note: If the Cure button is not among the options, then please choose the Skip button; do not choose Delete unless you are instructed to.

  • A log file will be created in the root directory of partition C:\ . Look for a log named "TDSSKiller.[Version]_[Date]_[Time]_log.txt" and copy its contents into your next post.

And why I want this check: I know that when you open Task Manager and see a running copy of ntoskrnl.exe there, that is a strong indicator of infection and the presence of malware. From your description I was left with the impression that you see ntoskrnl.exe in Task Manager, or am I mistaken?


Avast is still scanning (it stalled for quite a while on the torrent program, because I have a lot of torrents :( ) and ntoskrnl.exe is not visible among the tasks; instead, the Image column says System, and next to System the Description column says NT Kernel and System


OK, I understand... we'll wait for the scan results! :) You're doing great! :)


I have to go out for about 2.5 hours, and the scan still hasn't finished. Should I leave the program running and set my laptop not to turn off?


No problem... I'll be going out in an hour as well... so... have a nice evening! :) We'll continue afterwards! :)


Wow... 3 hours of scanning :no-no:

Here is what came out as the result:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-03-30 17:03:39

-----------------------------

17:03:39.994 OS Version: Windows x64 6.1.7601 Service Pack 1

17:03:39.995 Number of processors: 4 586 0x2A07

17:03:39.997 ComputerName: MAGDALENA-PC UserName: Magdalena

17:03:40.919 Initialize success

17:04:50.590 AVAST engine defs: 12033000

17:05:07.647 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

17:05:07.652 Disk 0 Vendor: WDC_WD6400BPVT-75HXZT3 01.01A01 Size: 610480MB BusType: 11

17:05:07.691 Disk 0 MBR read successfully

17:05:07.697 Disk 0 MBR scan

17:05:07.710 Disk 0 Windows 7 default MBR code

17:05:07.717 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

17:05:07.739 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99900 MB offset 206848

17:05:07.772 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 510478 MB offset 204802048

17:05:07.814 Disk 0 scanning C:\Windows\system32\drivers

17:05:31.890 Service scanning

17:06:13.102 Modules scanning

17:06:13.116 Disk 0 trace - called modules:

17:06:13.156 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys

17:06:13.498 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006233060]

17:06:13.510 3 CLASSPNP.SYS[fffff8800196043f] -> nt!IofCallDriver -> [0xfffffa8005c7b250]

17:06:13.518 5 ACPI.sys[fffff88000fa77a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005c7d060]

17:06:14.349 AVAST engine scan C:\

20:14:01.081 Scan finished successfully

20:25:39.354 Disk 0 MBR has been saved successfully to "C:\Users\Magdalena\Desktop\MBR.dat"

20:25:39.370 The log file has been saved successfully to "C:\Users\Magdalena\Desktop\aswMBR.txt"

And I spotted ntoskrnl.exe (I hope it's not what I think it is :mad: )

Should I now continue with the next step, Kaspersky?

Edit: I forgot to mention that I don't have a Win7 installation disc (and right at the start it said to note that), and I also don't know how relevant it is to this case, but my mouse gives out from time to time :) meaning it stops moving, or moves veeery sluggishly, a millimetre or two at a time; the left and right buttons work. Sometimes a restart fixes it, but other times I have to shut the laptop down, and when I turn it back on it is OK. I was told it might be caused by some bug, but nothing was found (apart from one track-something (I don't remember exactly what it was), which was eliminated), yet the mouse still freezes. I assume it's some hardware problem, and it's still under warranty, so I'll have it looked at. :shy11:

Edited by Magdalena Matanova


Should I now continue with the next step, Kaspersky?

Yes!

So far everything is fine... The log is clean! :)

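An added example, not part of the original thread: a Python triage of the aswMBR log posted above, showing the checks that support reading it as clean (MBR verdict, disk call chain, completion line) and going slightly beyond the thread by also checking the partition layout. The function names are hypothetical, the baselines come only from this one clean log, and the 512-byte sector size is an assumption.

```python
import re

# Excerpt of the aswMBR log posted in this thread, embedded so the example runs offline.
SAMPLE_LOG = """\
17:05:07.652 Disk 0 Vendor: WDC_WD6400BPVT-75HXZT3 01.01A01 Size: 610480MB BusType: 11
17:05:07.691 Disk 0 MBR read successfully
17:05:07.710 Disk 0 Windows 7 default MBR code
17:05:07.717 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:05:07.739 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99900 MB offset 206848
17:05:07.772 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 510478 MB offset 204802048
17:06:13.116 Disk 0 trace - called modules:
17:06:13.156 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
20:14:01.081 Scan finished successfully
"""

SECTORS_PER_MB = 2048  # assumption: 512-byte sectors; the posted offsets are then contiguous
# Baselines taken from this one clean log; extend them for other hardware or OS versions.
KNOWN_MBR = {"Windows 7 default MBR code"}
EXPECTED_MODULES = {"ntoskrnl.exe", "classpnp.sys", "disk.sys", "acpi.sys",
                    "ataport.sys", "pciidex.sys", "hal.dll", "msahci.sys"}

STAMP = r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+"
SIZE_RE = re.compile(STAMP + r"Disk (\d+) Vendor: .*\bSize: (\d+)MB")
MBR_RE = re.compile(STAMP + r"Disk (\d+) (.+ MBR code)$")
PART_RE = re.compile(STAMP + r"Disk (\d+) Partition (\d+) ([0-9A-Fa-f]{2}) (?:\(A\) )?"
                     r"[0-9A-Fa-f]{2} .*? (\d+) MB offset (\d+)$")
TRACE_RE = re.compile(STAMP + r"Disk (\d+) trace - called modules:$")


def parse(log):
    """Return {disk_number: {"size_mb", "mbr", "parts", "trace"}} from an aswMBR log."""
    lines = [ln.strip() for ln in log.splitlines() if ln.strip()]
    disks = {}

    def disk(n):
        return disks.setdefault(int(n), {"size_mb": None, "mbr": None, "parts": [], "trace": []})

    for i, line in enumerate(lines):
        if m := SIZE_RE.match(line):
            disk(m[1])["size_mb"] = int(m[2])
        elif m := PART_RE.match(line):
            disk(m[1])["parts"].append({"index": int(m[2]), "flag": int(m[3], 16),
                                        "size_mb": int(m[4]), "start": int(m[5])})
        elif m := MBR_RE.match(line):
            disk(m[1])["mbr"] = m[2]
        elif (m := TRACE_RE.match(line)) and i + 1 < len(lines):
            # The module chain is the single line that follows the header.
            disk(m[1])["trace"] = re.sub(STAMP, "", lines[i + 1]).split()
    return disks


def triage(log):
    """Return a list of findings; an empty list means nothing in the log stood out."""
    findings = []
    disks = parse(log)
    if not disks:
        findings.append("no disk records parsed")
    if "Scan finished successfully" not in log:
        findings.append("scan did not report successful completion")
    for n, d in sorted(disks.items()):
        if d["mbr"] not in KNOWN_MBR:
            findings.append(f"disk {n}: MBR verdict {d['mbr']!r} is not in the baseline")
        active = [p["index"] for p in d["parts"] if p["flag"] == 0x80]
        if len(active) != 1:
            findings.append(f"disk {n}: expected one active partition, found {active}")
        prev_end = 0
        for p in sorted(d["parts"], key=lambda p: p["start"]):
            # Sizes are logged in whole MB, so allow 1 MB of rounding slack.
            if p["start"] + SECTORS_PER_MB < prev_end:
                findings.append(f"disk {n}: partition {p['index']} overlaps its predecessor")
            prev_end = max(prev_end, p["start"] + p["size_mb"] * SECTORS_PER_MB)
        if d["size_mb"] is not None and prev_end > (d["size_mb"] + 1) * SECTORS_PER_MB:
            findings.append(f"disk {n}: partitions extend past the reported disk size")
        extra = [m for m in d["trace"] if m.lower() not in EXPECTED_MODULES]
        if extra:
            findings.append(f"disk {n}: unexpected modules in disk call chain: {extra}")
    return findings


if __name__ == "__main__":
    print(triage(SAMPLE_LOG) or "no findings")
```

A module or MBR verdict outside the baseline is a prompt to look closer, not a verdict by itself; OEM recovery setups and third-party storage drivers also differ from this baseline.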

I will post the result in two parts, because I get a message that my comment is too long. Part 1
5512 NAVEX15 - ok 23:02:09.0803 5512 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 23:02:09.0883 5512 NDIS - ok 23:02:09.0944 5512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 23:02:10.0061 5512 NdisCap - ok 23:02:10.0094 5512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 23:02:10.0186 5512 NdisTapi - ok 23:02:10.0253 5512 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 23:02:10.0364 5512 Ndisuio - ok 23:02:10.0412 5512 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 23:02:10.0526 5512 NdisWan - ok 23:02:10.0576 5512 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 23:02:10.0659 5512 NDProxy - ok 23:02:10.0699 5512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 23:02:10.0786 5512 NetBIOS - ok 23:02:10.0824 5512 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 23:02:10.0916 5512 NetBT - ok 23:02:10.0972 5512 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:02:10.0997 5512 Netlogon - ok 23:02:11.0055 5512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 23:02:11.0203 5512 Netman - ok 23:02:11.0239 5512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 23:02:11.0361 5512 netprofm - ok 23:02:11.0431 5512 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:02:11.0451 5512 NetTcpPortSharing - ok 23:02:11.0733 5512 NETwNs64 (50ad7f7040c22bb7caa59a0880875a21) C:\Windows\system32\DRIVERS\NETwNs64.sys 23:02:12.0139 5512 NETwNs64 - ok 23:02:12.0185 5512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 23:02:12.0222 5512 nfrd960 - ok 23:02:12.0280 5512 NlaSvc (1ee99a89cc788ada662441d1e9830529) 
C:\Windows\System32\nlasvc.dll 23:02:12.0414 5512 NlaSvc - ok 23:02:12.0488 5512 npf (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys 23:02:12.0505 5512 npf - ok 23:02:12.0543 5512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 23:02:12.0647 5512 Npfs - ok 23:02:12.0678 5512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 23:02:12.0806 5512 nsi - ok 23:02:12.0832 5512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 23:02:12.0946 5512 nsiproxy - ok 23:02:13.0036 5512 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 23:02:13.0157 5512 Ntfs - ok 23:02:13.0180 5512 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 23:02:13.0290 5512 Null - ok 23:02:13.0333 5512 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys 23:02:13.0392 5512 nusb3hub - ok 23:02:13.0549 5512 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys 23:02:13.0592 5512 nusb3xhc - ok 23:02:13.0652 5512 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys 23:02:13.0699 5512 NVHDA - ok 23:02:14.0092 5512 nvlddmkm (573b0941a37aebee96085d56a103f57b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:02:14.0855 5512 nvlddmkm - ok 23:02:14.0917 5512 nvpciflt (43af7ebeac2ab623468e32caddcb61a4) C:\Windows\system32\DRIVERS\nvpciflt.sys 23:02:14.0946 5512 nvpciflt - ok 23:02:15.0006 5512 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 23:02:15.0056 5512 nvraid - ok 23:02:15.0093 5512 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 23:02:15.0143 5512 nvstor - ok 23:02:15.0216 5512 NVSvc (c500760572c6059918fb0c960967695b) C:\Windows\system32\nvvsvc.exe 23:02:15.0289 5512 NVSvc - ok 23:02:15.0405 5512 nvUpdatusService (f28169a7adf7b41809cf92d369e744f0) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA 
Updatus\daemonu.exe 23:02:15.0502 5512 nvUpdatusService - ok 23:02:15.0544 5512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 23:02:15.0586 5512 nv_agp - ok 23:02:15.0679 5512 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:02:15.0781 5512 odserv - ok 23:02:15.0818 5512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 23:02:15.0881 5512 ohci1394 - ok 23:02:15.0974 5512 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:02:16.0122 5512 ose - ok 23:02:16.0247 5512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 23:02:16.0325 5512 p2pimsvc - ok 23:02:16.0382 5512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 23:02:16.0472 5512 p2psvc - ok 23:02:16.0536 5512 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 23:02:16.0582 5512 Parport - ok 23:02:16.0623 5512 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 23:02:16.0646 5512 partmgr - ok 23:02:16.0689 5512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 23:02:16.0769 5512 PcaSvc - ok 23:02:16.0810 5512 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 23:02:16.0846 5512 pci - ok 23:02:16.0882 5512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 23:02:16.0917 5512 pciide - ok 23:02:16.0958 5512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 23:02:17.0011 5512 pcmcia - ok 23:02:17.0038 5512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 23:02:17.0060 5512 pcw - ok 23:02:17.0103 5512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 23:02:17.0241 5512 PEAUTH - ok 23:02:17.0324 5512 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) 
C:\Windows\system32\peerdistsvc.dll 23:02:17.0433 5512 PeerDistSvc - ok 23:02:17.0507 5512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 23:02:17.0558 5512 PerfHost - ok 23:02:17.0681 5512 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 23:02:17.0918 5512 pla - ok 23:02:18.0063 5512 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 23:02:18.0170 5512 PlugPlay - ok 23:02:18.0222 5512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 23:02:18.0273 5512 PNRPAutoReg - ok 23:02:18.0303 5512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 23:02:18.0342 5512 PNRPsvc - ok 23:02:18.0399 5512 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 23:02:18.0547 5512 PolicyAgent - ok 23:02:18.0591 5512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 23:02:18.0698 5512 Power - ok 23:02:18.0782 5512 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 23:02:18.0891 5512 PptpMiniport - ok 23:02:18.0966 5512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 23:02:19.0009 5512 Processor - ok 23:02:19.0069 5512 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 23:02:19.0199 5512 ProfSvc - ok 23:02:19.0239 5512 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:02:19.0266 5512 ProtectedStorage - ok 23:02:19.0345 5512 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 23:02:19.0458 5512 Psched - ok 23:02:19.0552 5512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 23:02:19.0735 5512 ql2300 - ok 23:02:19.0890 5512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 23:02:19.0932 5512 ql40xx - ok 23:02:19.0987 5512 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 
23:02:20.0037 5512 QWAVE - ok 23:02:20.0060 5512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 23:02:20.0124 5512 QWAVEdrv - ok 23:02:20.0145 5512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 23:02:20.0262 5512 RasAcd - ok 23:02:20.0305 5512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 23:02:20.0411 5512 RasAgileVpn - ok 23:02:20.0458 5512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 23:02:20.0588 5512 RasAuto - ok 23:02:20.0679 5512 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 23:02:20.0793 5512 Rasl2tp - ok 23:02:20.0904 5512 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 23:02:21.0061 5512 RasMan - ok 23:02:21.0192 5512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 23:02:21.0283 5512 RasPppoe - ok 23:02:21.0332 5512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 23:02:21.0423 5512 RasSstp - ok 23:02:21.0483 5512 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 23:02:21.0602 5512 rdbss - ok 23:02:21.0637 5512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 23:02:21.0690 5512 rdpbus - ok 23:02:21.0712 5512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 23:02:21.0812 5512 RDPCDD - ok 23:02:21.0858 5512 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 23:02:21.0926 5512 RDPDR - ok 23:02:21.0971 5512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 23:02:22.0071 5512 RDPENCDD - ok 23:02:22.0097 5512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 23:02:22.0189 5512 RDPREFMP - ok 23:02:22.0240 5512 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) 
C:\Windows\system32\drivers\rdpvideominiport.sys 23:02:22.0292 5512 RdpVideoMiniport - ok 23:02:22.0324 5512 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 23:02:22.0395 5512 RDPWD - ok 23:02:22.0446 5512 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 23:02:22.0475 5512 rdyboost - ok 23:02:22.0580 5512 RegSrvc (fd11c1287d38a46fb72353e14d50089c) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 23:02:22.0629 5512 RegSrvc - ok 23:02:22.0748 5512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 23:02:22.0859 5512 RemoteAccess - ok 23:02:22.0908 5512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 23:02:23.0020 5512 RemoteRegistry - ok 23:02:23.0080 5512 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 23:02:23.0119 5512 RFCOMM - ok 23:02:23.0153 5512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 23:02:23.0283 5512 RpcEptMapper - ok 23:02:23.0310 5512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 23:02:23.0361 5512 RpcLocator - ok 23:02:23.0416 5512 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 23:02:23.0526 5512 RpcSs - ok 23:02:23.0759 5512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 23:02:23.0863 5512 rspndr - ok 23:02:24.0020 5512 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\Windows\system32\Drivers\RtsUStor.sys 23:02:24.0094 5512 RSUSBSTOR - ok 23:02:24.0175 5512 RTL8167 (2777226ee8bf50b059d7a7c90177e99c) C:\Windows\system32\DRIVERS\Rt64win7.sys 23:02:24.0210 5512 RTL8167 - ok 23:02:24.0268 5512 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 23:02:24.0327 5512 s3cap - ok 23:02:24.0372 5512 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:02:24.0399 5512 SamSs - ok 23:02:24.0457 5512 sbp2port 
(ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 23:02:24.0499 5512 sbp2port - ok 23:02:24.0610 5512 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 23:02:24.0671 5512 SBSDWSCService - ok 23:02:24.0767 5512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 23:02:24.0882 5512 SCardSvr - ok 23:02:24.0990 5512 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 23:02:25.0128 5512 scfilter - ok 23:02:25.0199 5512 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 23:02:25.0385 5512 Schedule - ok 23:02:25.0422 5512 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 23:02:25.0510 5512 SCPolicySvc - ok 23:02:25.0541 5512 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 23:02:25.0602 5512 SDRSVC - ok 23:02:25.0694 5512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 23:02:25.0781 5512 secdrv - ok 23:02:25.0814 5512 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 23:02:25.0913 5512 seclogon - ok 23:02:25.0950 5512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 23:02:26.0080 5512 SENS - ok 23:02:26.0107 5512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 23:02:26.0165 5512 SensrSvc - ok 23:02:26.0255 5512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 23:02:26.0316 5512 Serenum - ok 23:02:26.0339 5512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 23:02:26.0393 5512 Serial - ok 23:02:26.0435 5512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 23:02:26.0488 5512 sermouse - ok 23:02:26.0557 5512 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 23:02:26.0680 5512 SessionEnv - ok 23:02:26.0757 5512 sffdisk 
(a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 23:02:26.0816 5512 sffdisk - ok 23:02:26.0843 5512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 23:02:26.0906 5512 sffp_mmc - ok 23:02:26.0933 5512 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 23:02:26.0982 5512 sffp_sd - ok 23:02:27.0025 5512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 23:02:27.0082 5512 sfloppy - ok 23:02:27.0130 5512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 23:02:27.0253 5512 SharedAccess - ok 23:02:27.0301 5512 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 23:02:27.0420 5512 ShellHWDetection - ok 23:02:27.0495 5512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:02:27.0533 5512 SiSRaid2 - ok 23:02:27.0558 5512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 23:02:27.0603 5512 SiSRaid4 - ok 23:02:27.0695 5512 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe 23:02:28.0056 5512 SkypeUpdate - ok 23:02:28.0199 5512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 23:02:28.0316 5512 Smb - ok 23:02:28.0502 5512 SmcService (13ffb1d55c2710abc3119474a83c0a44) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe 23:02:28.0650 5512 SmcService - ok 23:02:28.0696 5512 SNAC (0bdef6dadb43601fdcb031b4b0383580) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE 23:02:28.0746 5512 SNAC - ok 23:02:28.0909 5512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 23:02:28.0961 5512 SNMPTRAP - ok 23:02:29.0020 5512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 23:02:29.0042 5512 spldr - ok 23:02:29.0097 5512 Spooler (b96c17b5dc1424d56eea3a99e97428cd) 
C:\Windows\System32\spoolsv.exe 23:02:29.0223 5512 Spooler - ok 23:02:29.0408 5512 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 23:02:29.0804 5512 sppsvc - ok 23:02:29.0839 5512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 23:02:29.0922 5512 sppuinotify - ok 23:02:29.0972 5512 SRTSP (83834ebc0786ccf5ee64fbbb6a89cf3a) C:\Windows\system32\Drivers\SRTSP64.SYS 23:02:30.0009 5512 SRTSP - ok 23:02:30.0041 5512 SRTSPL (e47d5d68917e0d70e3730263d41cefa3) C:\Windows\system32\Drivers\SRTSPL64.SYS 23:02:30.0105 5512 SRTSPL - ok 23:02:30.0131 5512 SRTSPX (ea2051ff6a40c89eaa98c1769ad68597) C:\Windows\system32\Drivers\SRTSPX64.SYS 23:02:30.0155 5512 SRTSPX - ok 23:02:30.0190 5512 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 23:02:30.0261 5512 srv - ok 23:02:30.0296 5512 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 23:02:30.0335 5512 srv2 - ok 23:02:30.0361 5512 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 23:02:30.0390 5512 srvnet - ok 23:02:30.0433 5512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 23:02:30.0554 5512 SSDPSRV - ok 23:02:30.0585 5512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 23:02:30.0711 5512 SstpSvc - ok 23:02:30.0832 5512 STacSV (a6b2ec3a2b6ad7c3f7b2f3495cade4c0) C:\Program Files\IDT\WDM\STacSV64.exe 23:02:30.0891 5512 STacSV - ok 23:02:30.0984 5512 Stereo Service (0683504bbb3ffc0a73d9d217b63dd0e0) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 23:02:31.0018 5512 Stereo Service - ok 23:02:31.0117 5512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 23:02:31.0153 5512 stexstor - ok 23:02:31.0239 5512 STHDA (eba98394a7d58f7552c52192bd8fa7e6) C:\Windows\system32\DRIVERS\stwrt64.sys 23:02:31.0302 5512 STHDA - ok 23:02:31.0357 5512 stisvc (8dd52e8e6128f4b2da92ce27402871c1) 
C:\Windows\System32\wiaservc.dll 23:02:31.0455 5512 stisvc - ok 23:02:31.0501 5512 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 23:02:31.0524 5512 storflt - ok 23:02:31.0551 5512 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 23:02:31.0588 5512 storvsc - ok 23:02:31.0623 5512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 23:02:31.0645 5512 swenum - ok 23:02:31.0698 5512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 23:02:31.0820 5512 swprv - ok 23:02:31.0943 5512 Symantec AntiVirus (4402cf4959a30cb6a008099aba8f22a9) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe 23:02:32.0034 5512 Symantec AntiVirus - ok 23:02:32.0138 5512 SymEvent (d1f1a5e72e33d6be449f5f1f4a513dd1) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 23:02:32.0182 5512 SymEvent - ok 23:02:32.0209 5512 Synth3dVsc - ok 23:02:32.0297 5512 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 23:02:32.0469 5512 SysMain - ok 23:02:32.0518 5512 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 23:02:32.0576 5512 TabletInputService - ok 23:02:32.0620 5512 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 23:02:32.0753 5512 TapiSrv - ok 23:02:32.0792 5512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 23:02:32.0895 5512 TBS - ok 23:02:32.0991 5512 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 23:02:33.0115 5512 Tcpip - ok 23:02:33.0202 5512 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 23:02:33.0297 5512 TCPIP6 - ok 23:02:33.0341 5512 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 23:02:33.0442 5512 tcpipreg - ok 23:02:33.0487 5512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 23:02:33.0539 5512 TDPIPE - ok 
23:02:33.0580 5512 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 23:02:33.0637 5512 TDTCP - ok 23:02:33.0686 5512 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 23:02:33.0790 5512 tdx - ok 23:02:33.0875 5512 Teefer2 (9416ed539bb8771eef44d454555a97db) C:\Windows\system32\DRIVERS\teefer2.sys 23:02:33.0910 5512 Teefer2 - ok 23:02:34.0048 5512 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 23:02:34.0071 5512 TermDD - ok 23:02:34.0130 5512 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 23:02:34.0298 5512 TermService - ok 23:02:34.0332 5512 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 23:02:34.0405 5512 Themes - ok 23:02:34.0448 5512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 23:02:34.0537 5512 THREADORDER - ok 23:02:34.0564 5512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 23:02:34.0685 5512 TrkWks - ok 23:02:34.0743 5512 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 23:02:34.0843 5512 TrustedInstaller - ok 23:02:34.0898 5512 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 23:02:34.0996 5512 tssecsrv - ok 23:02:35.0025 5512 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 23:02:35.0090 5512 TsUsbFlt - ok 23:02:35.0129 5512 tsusbhub - ok 23:02:35.0205 5512 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 23:02:35.0306 5512 tunnel - ok 23:02:35.0341 5512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 23:02:35.0380 5512 uagp35 - ok 23:02:35.0422 5512 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 23:02:35.0531 5512 udfs - ok 23:02:35.0578 5512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 23:02:35.0620 5512 
UI0Detect - ok 23:02:35.0654 5512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 23:02:35.0693 5512 uliagpkx - ok 23:02:35.0734 5512 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 23:02:35.0777 5512 umbus - ok 23:02:35.0815 5512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 23:02:35.0856 5512 UmPass - ok 23:02:35.0897 5512 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 23:02:35.0949 5512 UmRdpService - ok 23:02:36.0090 5512 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 23:02:36.0211 5512 UNS - ok 23:02:36.0263 5512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 23:02:36.0405 5512 upnphost - ok 23:02:36.0456 5512 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 23:02:36.0484 5512 usbccgp - ok 23:02:36.0527 5512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 23:02:36.0578 5512 usbcir - ok 23:02:36.0613 5512 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 23:02:36.0658 5512 usbehci - ok 23:02:36.0708 5512 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 23:02:36.0744 5512 usbhub - ok 23:02:36.0781 5512 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 23:02:36.0846 5512 usbohci - ok 23:02:36.0882 5512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 23:02:36.0931 5512 usbprint - ok 23:02:36.0959 5512 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:02:37.0032 5512 USBSTOR - ok 23:02:37.0056 5512 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 23:02:37.0115 5512 usbuhci - ok 23:02:37.0167 5512 usbvideo (454800c2bc7f3927ce030141ee4f4c50) 
C:\Windows\System32\Drivers\usbvideo.sys 23:02:37.0223 5512 usbvideo - ok 23:02:37.0252 5512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 23:02:37.0368 5512 UxSms - ok 23:02:37.0406 5512 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:02:37.0433 5512 VaultSvc - ok 23:02:37.0472 5512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 23:02:37.0493 5512 vdrvroot - ok 23:02:37.0551 5512 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 23:02:37.0663 5512 vds - ok 23:02:37.0721 5512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 23:02:37.0775 5512 vga - ok 23:02:37.0795 5512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 23:02:37.0902 5512 VgaSave - ok 23:02:37.0914 5512 VGPU - ok 23:02:37.0960 5512 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 23:02:38.0009 5512 vhdmp - ok 23:02:38.0041 5512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 23:02:38.0078 5512 viaide - ok 23:02:38.0105 5512 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 23:02:38.0134 5512 vmbus - ok 23:02:38.0156 5512 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 23:02:38.0183 5512 VMBusHID - ok 23:02:38.0218 5512 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 23:02:38.0242 5512 volmgr - ok 23:02:38.0297 5512 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 23:02:38.0333 5512 volmgrx - ok 23:02:38.0366 5512 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 23:02:38.0399 5512 volsnap - ok 23:02:38.0439 5512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 23:02:38.0486 5512 vsmraid - ok 23:02:38.0563 5512 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 
23:02:38.0736 5512 VSS - ok 23:02:38.0767 5512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 23:02:38.0815 5512 vwifibus - ok 23:02:38.0842 5512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 23:02:38.0896 5512 vwififlt - ok 23:02:38.0929 5512 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 23:02:38.0983 5512 vwifimp - ok 23:02:39.0108 5512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 23:02:39.0226 5512 W32Time - ok 23:02:39.0261 5512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 23:02:39.0323 5512 WacomPen - ok 23:02:39.0391 5512 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 23:02:39.0494 5512 WANARP - ok 23:02:39.0510 5512 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 23:02:39.0597 5512 Wanarpv6 - ok 23:02:39.0679 5512 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 23:02:39.0784 5512 WatAdminSvc - ok 23:02:39.0869 5512 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 23:02:39.0970 5512 wbengine - ok 23:02:40.0019 5512 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 23:02:40.0058 5512 WbioSrvc - ok 23:02:40.0098 5512 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 23:02:40.0149 5512 wcncsvc - ok 23:02:40.0171 5512 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 23:02:40.0232 5512 WcsPlugInService - ok 23:02:40.0285 5512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 23:02:40.0323 5512 Wd - ok 23:02:40.0367 5512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 23:02:40.0417 5512 Wdf01000 - ok 23:02:40.0463 5512 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 
Part 2:

23:02:44.0058 5512 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:02:44.0660 5512 \Device\Harddisk0\DR0 - ok
23:02:44.0668 5512 Boot (0x1200) (3512bb6769e27b744bd587884aa99646) \Device\Harddisk0\DR0\Partition0
23:02:44.0672 5512 \Device\Harddisk0\DR0\Partition0 - ok
23:02:44.0706 5512 Boot (0x1200) (5208155b9130e3a66fadac2c8b9e23a5) \Device\Harddisk0\DR0\Partition1
23:02:44.0709 5512 \Device\Harddisk0\DR0\Partition1 - ok
23:02:44.0729 5512 Boot (0x1200) (99bcdac21fb9042e1d51559a0984c2e6) \Device\Harddisk0\DR0\Partition2
23:02:44.0735 5512 \Device\Harddisk0\DR0\Partition2 - ok
23:02:44.0737 5512 ============================================================
23:02:44.0737 5512 Scan finished
23:02:44.0737 5512 ============================================================
23:02:44.0765 8940 Detected object count: 5 23:02:44.0765 8940 Actual detected object count: 5 23:03:51.0095 8940 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:03:51.0095 8940 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:03:51.0098 8940 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user 23:03:51.0098 8940 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:03:51.0101 8940 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:03:51.0101 8940 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:03:51.0104 8940 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:03:51.0104 8940 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:03:51.0106 8940 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user 23:03:51.0106 8940 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:04:24.0265 8812 ============================================================ 23:04:24.0265 8812 Scan started 23:04:24.0265 8812 Mode: Manual; SigCheck; TDLFS; 23:04:24.0265 8812 ============================================================ 23:04:25.0274 8812 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 23:04:25.0343 8812 1394ohci - ok 23:04:25.0379 8812 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 23:04:25.0411 8812 ACPI - ok 23:04:25.0437 8812 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 23:04:25.0471 8812 AcpiPmi - ok 23:04:25.0550 8812 Adobe LM Service (5ddc0a8d2cd60bda593ddaf45821ce08) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 23:04:25.0558 8812 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning 23:04:25.0558 8812 Adobe LM Service - detected UnsignedFile.Multi.Generic (1) 23:04:25.0647 
8812 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 23:04:25.0665 8812 AdobeARMservice - ok 23:04:25.0717 8812 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 23:04:25.0751 8812 adp94xx - ok 23:04:25.0777 8812 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 23:04:25.0805 8812 adpahci - ok 23:04:25.0833 8812 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 23:04:25.0855 8812 adpu320 - ok 23:04:25.0894 8812 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 23:04:25.0967 8812 AeLookupSvc - ok 23:04:26.0046 8812 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe 23:04:26.0081 8812 AESTFilters - ok 23:04:26.0135 8812 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 23:04:26.0176 8812 AFD - ok 23:04:26.0210 8812 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 23:04:26.0232 8812 agp440 - ok 23:04:26.0266 8812 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 23:04:26.0296 8812 ALG - ok 23:04:26.0319 8812 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 23:04:26.0339 8812 aliide - ok 23:04:26.0351 8812 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 23:04:26.0371 8812 amdide - ok 23:04:26.0404 8812 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 23:04:26.0431 8812 AmdK8 - ok 23:04:26.0445 8812 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 23:04:26.0478 8812 AmdPPM - ok 23:04:26.0516 8812 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 23:04:26.0540 8812 amdsata - ok 23:04:26.0564 8812 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 23:04:26.0591 8812 amdsbs - ok 
23:04:26.0608 8812 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 23:04:26.0628 8812 amdxata - ok 23:04:26.0666 8812 AMPPAL (7d9e301ab3247765702d0b65e2e47e50) C:\Windows\system32\DRIVERS\AMPPAL.sys 23:04:26.0697 8812 AMPPAL - ok 23:04:26.0836 8812 AMPPALP (7d9e301ab3247765702d0b65e2e47e50) C:\Windows\system32\DRIVERS\amppal.sys 23:04:26.0865 8812 AMPPALP - ok 23:04:26.0974 8812 AMPPALR3 (864c632b999be1237a3dc46736e71f27) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 23:04:27.0041 8812 AMPPALR3 - ok 23:04:27.0085 8812 ApfiltrService (24ed0eb2b2558970176ecee680f8f806) C:\Windows\system32\DRIVERS\Apfiltr.sys 23:04:27.0119 8812 ApfiltrService - ok 23:04:27.0154 8812 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 23:04:27.0238 8812 AppID - ok 23:04:27.0274 8812 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 23:04:27.0365 8812 AppIDSvc - ok 23:04:27.0412 8812 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 23:04:27.0497 8812 Appinfo - ok 23:04:27.0535 8812 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll 23:04:27.0565 8812 AppMgmt - ok 23:04:27.0606 8812 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 23:04:27.0629 8812 arc - ok 23:04:27.0642 8812 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 23:04:27.0665 8812 arcsas - ok 23:04:27.0684 8812 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 23:04:27.0772 8812 AsyncMac - ok 23:04:27.0805 8812 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 23:04:27.0826 8812 atapi - ok 23:04:27.0883 8812 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 23:04:27.0985 8812 AudioEndpointBuilder - ok 23:04:28.0017 8812 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 23:04:28.0124 8812 
AudioSrv - ok 23:04:28.0164 8812 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 23:04:28.0206 8812 AxInstSV - ok 23:04:28.0236 8812 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 23:04:28.0274 8812 b06bdrv - ok 23:04:28.0298 8812 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 23:04:28.0331 8812 b57nd60a - ok 23:04:28.0366 8812 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 23:04:28.0394 8812 BDESVC - ok 23:04:28.0413 8812 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 23:04:28.0499 8812 Beep - ok 23:04:28.0553 8812 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 23:04:28.0656 8812 BFE - ok 23:04:28.0706 8812 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 23:04:28.0816 8812 BITS - ok 23:04:28.0839 8812 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 23:04:28.0866 8812 blbdrive - ok 23:04:28.0971 8812 Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 23:04:29.0006 8812 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning 23:04:29.0006 8812 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1) 23:04:29.0061 8812 Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 23:04:29.0128 8812 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning 23:04:29.0129 8812 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1) 23:04:29.0178 8812 Bluetooth OBEX Service (a2ebf384ed105fed7d05c5465500ef2e) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 23:04:29.0215 8812 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning 23:04:29.0216 8812 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1) 23:04:29.0297 8812 bowser (6c02a83164f5cc0a262f4199f0871cf5) 
C:\Windows\system32\DRIVERS\bowser.sys 23:04:29.0323 8812 bowser - ok 23:04:29.0352 8812 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 23:04:29.0385 8812 BrFiltLo - ok 23:04:29.0400 8812 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 23:04:29.0431 8812 BrFiltUp - ok 23:04:29.0476 8812 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 23:04:29.0565 8812 Browser - ok 23:04:29.0582 8812 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 23:04:29.0618 8812 Brserid - ok 23:04:29.0629 8812 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 23:04:29.0663 8812 BrSerWdm - ok 23:04:29.0675 8812 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 23:04:29.0708 8812 BrUsbMdm - ok 23:04:29.0720 8812 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 23:04:29.0750 8812 BrUsbSer - ok 23:04:29.0779 8812 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 23:04:29.0805 8812 BthEnum - ok 23:04:29.0815 8812 Bthipareh_me - ok 23:04:29.0831 8812 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 23:04:29.0866 8812 BTHMODEM - ok 23:04:29.0903 8812 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 23:04:29.0939 8812 BthPan - ok 23:04:29.0973 8812 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 23:04:30.0012 8812 BTHPORT - ok 23:04:30.0043 8812 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 23:04:30.0132 8812 bthserv - ok 23:04:30.0216 8812 BTHSSecurityMgr (9e2af97302b9f4bf97e952a865eb31ae) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 23:04:30.0236 8812 BTHSSecurityMgr - ok 23:04:30.0268 8812 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 23:04:30.0294 8812 
BTHUSB - ok 23:04:30.0333 8812 btmaudio (c5495cf0261279f08bf942b865e4a55a) C:\Windows\system32\drivers\btmaud.sys 23:04:30.0349 8812 btmaudio - ok 23:04:30.0366 8812 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\Windows\system32\DRIVERS\btmaux.sys 23:04:30.0382 8812 btmaux - ok 23:04:30.0424 8812 btmhsf (0c468d8da95be16bfdd380bb9de88259) C:\Windows\system32\DRIVERS\btmhsf.sys 23:04:30.0453 8812 btmhsf - ok 23:04:30.0534 8812 ccEvtMgr (f3e5c6ceec35c3f65221100b00afb5f9) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe 23:04:30.0552 8812 ccEvtMgr - ok 23:04:30.0561 8812 ccSetMgr (f3e5c6ceec35c3f65221100b00afb5f9) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe 23:04:30.0584 8812 ccSetMgr - ok 23:04:30.0617 8812 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 23:04:30.0705 8812 cdfs - ok 23:04:30.0745 8812 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 23:04:30.0776 8812 cdrom - ok 23:04:30.0818 8812 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 23:04:30.0904 8812 CertPropSvc - ok 23:04:30.0925 8812 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 23:04:30.0958 8812 circlass - ok 23:04:30.0994 8812 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 23:04:31.0029 8812 CLFS - ok 23:04:31.0096 8812 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:04:31.0116 8812 clr_optimization_v2.0.50727_32 - ok 23:04:31.0155 8812 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 23:04:31.0176 8812 clr_optimization_v2.0.50727_64 - ok 23:04:31.0218 8812 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:04:31.0240 8812 clr_optimization_v4.0.30319_32 - ok 23:04:31.0274 8812 
clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 23:04:31.0296 8812 clr_optimization_v4.0.30319_64 - ok 23:04:31.0363 8812 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 23:04:31.0398 8812 CmBatt - ok 23:04:31.0426 8812 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 23:04:31.0446 8812 cmdide - ok 23:04:31.0493 8812 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 23:04:31.0546 8812 CNG - ok 23:04:31.0565 8812 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 23:04:31.0587 8812 Compbatt - ok 23:04:31.0625 8812 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 23:04:31.0659 8812 CompositeBus - ok 23:04:31.0669 8812 COMSysApp - ok 23:04:31.0696 8812 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 23:04:31.0717 8812 crcdisk - ok 23:04:31.0763 8812 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 23:04:31.0851 8812 CryptSvc - ok 23:04:31.0901 8812 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 23:04:31.0940 8812 CSC - ok 23:04:31.0985 8812 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 23:04:32.0030 8812 CscService - ok 23:04:32.0067 8812 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 23:04:32.0167 8812 DcomLaunch - ok 23:04:32.0209 8812 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 23:04:32.0304 8812 defragsvc - ok 23:04:32.0367 8812 DellDigitalDelivery (5c2bf6f94afe6e585b632ee12f861949) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe 23:04:32.0380 8812 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning 23:04:32.0380 8812 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1) 23:04:32.0429 8812 DfsC 
(9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 23:04:32.0514 8812 DfsC - ok 23:04:32.0545 8812 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 23:04:32.0637 8812 Dhcp - ok 23:04:32.0672 8812 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 23:04:32.0762 8812 discache - ok 23:04:32.0806 8812 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 23:04:32.0829 8812 Disk - ok 23:04:32.0872 8812 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 23:04:32.0901 8812 Dnscache - ok 23:04:32.0943 8812 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 23:04:33.0036 8812 dot3svc - ok 23:04:33.0068 8812 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 23:04:33.0158 8812 DPS - ok 23:04:33.0191 8812 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 23:04:33.0224 8812 drmkaud - ok 23:04:33.0290 8812 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 23:04:33.0349 8812 DXGKrnl - ok 23:04:33.0385 8812 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 23:04:33.0476 8812 EapHost - ok 23:04:33.0599 8812 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 23:04:33.0718 8812 ebdrv - ok 23:04:33.0896 8812 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 23:04:33.0931 8812 eeCtrl - ok 23:04:33.0969 8812 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 23:04:33.0996 8812 EFS - ok 23:04:34.0068 8812 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 23:04:34.0114 8812 ehRecvr - ok 23:04:34.0152 8812 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 23:04:34.0182 8812 ehSched - ok 23:04:34.0242 8812 elxstor (0e5da5369a0fcaea12456dd852545184) 
C:\Windows\system32\DRIVERS\elxstor.sys 23:04:34.0282 8812 elxstor - ok 23:04:34.0396 8812 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 23:04:34.0416 8812 EraserUtilRebootDrv - ok 23:04:34.0455 8812 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 23:04:34.0480 8812 ErrDev - ok 23:04:34.0531 8812 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 23:04:34.0628 8812 EventSystem - ok 23:04:34.0739 8812 EvtEng (e3a96d5ae6e5c7b5472011ba77353368) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 23:04:34.0818 8812 EvtEng - ok 23:04:34.0849 8812 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 23:04:34.0940 8812 exfat - ok 23:04:34.0961 8812 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 23:04:35.0052 8812 fastfat - ok 23:04:35.0112 8812 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 23:04:35.0156 8812 Fax - ok 23:04:35.0169 8812 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 23:04:35.0196 8812 fdc - ok 23:04:35.0237 8812 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 23:04:35.0323 8812 fdPHost - ok 23:04:35.0343 8812 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 23:04:35.0433 8812 FDResPub - ok 23:04:35.0451 8812 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 23:04:35.0474 8812 FileInfo - ok 23:04:35.0501 8812 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 23:04:35.0592 8812 Filetrace - ok 23:04:35.0605 8812 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 23:04:35.0632 8812 flpydisk - ok 23:04:35.0679 8812 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 23:04:35.0710 8812 FltMgr - ok 23:04:35.0772 8812 FontCache 
(5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 23:04:35.0829 8812 FontCache - ok 23:04:35.0896 8812 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 23:04:35.0913 8812 FontCache3.0.0.0 - ok 23:04:35.0943 8812 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 23:04:35.0965 8812 FsDepends - ok 23:04:35.0984 8812 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 23:04:36.0005 8812 Fs_Rec - ok 23:04:36.0046 8812 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 23:04:36.0082 8812 fvevol - ok 23:04:36.0106 8812 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 23:04:36.0128 8812 gagp30kx - ok 23:04:36.0180 8812 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 23:04:36.0287 8812 gpsvc - ok 23:04:36.0300 8812 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 23:04:36.0326 8812 hcw85cir - ok 23:04:36.0362 8812 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 23:04:36.0409 8812 HdAudAddService - ok 23:04:36.0438 8812 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 23:04:36.0475 8812 HDAudBus - ok 23:04:36.0487 8812 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 23:04:36.0515 8812 HidBatt - ok 23:04:36.0528 8812 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 23:04:36.0564 8812 HidBth - ok 23:04:36.0577 8812 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 23:04:36.0612 8812 HidIr - ok 23:04:36.0642 8812 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 23:04:36.0731 8812 hidserv - ok 23:04:36.0785 8812 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 
23:04:36.0812 8812 HidUsb - ok 23:04:36.0855 8812 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 23:04:36.0942 8812 hkmsvc - ok 23:04:37.0062 8812 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 23:04:37.0095 8812 HomeGroupListener - ok 23:04:37.0136 8812 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 23:04:37.0167 8812 HomeGroupProvider - ok 23:04:37.0198 8812 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 23:04:37.0225 8812 HpSAMD - ok 23:04:37.0279 8812 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 23:04:37.0384 8812 HTTP - ok 23:04:37.0428 8812 hwdatacard (d96a290f699081ae737390c0fe329d7c) C:\Windows\system32\DRIVERS\ewusbmdm.sys 23:04:37.0455 8812 hwdatacard - ok 23:04:37.0499 8812 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 23:04:37.0519 8812 hwpolicy - ok 23:04:37.0559 8812 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 23:04:37.0588 8812 i8042prt - ok 23:04:37.0630 8812 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 23:04:37.0665 8812 iaStorV - ok 23:04:37.0703 8812 iBtFltCoex (fc85972037815fa7b413e790b426acb2) C:\Windows\system32\DRIVERS\iBtFltCoex.sys 23:04:37.0724 8812 iBtFltCoex - ok 23:04:37.0799 8812 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 23:04:37.0848 8812 idsvc - ok 23:04:38.0210 8812 igfx (174bcac474de13b2650e444cf124828e) C:\Windows\system32\DRIVERS\igdkmd64.sys 23:04:38.0527 8812 igfx - ok 23:04:38.0557 8812 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 23:04:38.0574 8812 iirsp - ok 23:04:38.0621 8812 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 23:04:38.0708 8812 IKEEXT - ok 23:04:38.0748 8812 intaud_WaveExtensible 
(caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys 23:04:38.0764 8812 intaud_WaveExtensible - ok 23:04:38.0801 8812 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 23:04:38.0817 8812 intelide - ok 23:04:38.0846 8812 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 23:04:38.0869 8812 intelppm - ok 23:04:38.0907 8812 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 23:04:38.0999 8812 IPBusEnum - ok 23:04:39.0030 8812 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:04:39.0098 8812 IpFilterDriver - ok 23:04:39.0154 8812 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 23:04:39.0235 8812 iphlpsvc - ok 23:04:39.0264 8812 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 23:04:39.0288 8812 IPMIDRV - ok 23:04:39.0322 8812 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 23:04:39.0394 8812 IPNAT - ok 23:04:39.0415 8812 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 23:04:39.0445 8812 IRENUM - ok 23:04:39.0480 8812 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 23:04:39.0496 8812 isapnp - ok 23:04:39.0518 8812 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 23:04:39.0543 8812 iScsiPrt - ok 23:04:39.0576 8812 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\DRIVERS\iwdbus.sys 23:04:39.0589 8812 iwdbus - ok 23:04:39.0609 8812 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 23:04:39.0626 8812 kbdclass - ok 23:04:39.0653 8812 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 23:04:39.0675 8812 kbdhid - ok 23:04:39.0713 8812 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:04:39.0735 8812 KeyIso - ok 
23:04:39.0753 8812 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 23:04:39.0772 8812 KSecDD - ok 23:04:39.0805 8812 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 23:04:39.0826 8812 KSecPkg - ok 23:04:39.0866 8812 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 23:04:39.0936 8812 ksthunk - ok 23:04:39.0969 8812 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 23:04:40.0048 8812 KtmRm - ok 23:04:40.0088 8812 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 23:04:40.0173 8812 LanmanServer - ok 23:04:40.0202 8812 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 23:04:40.0300 8812 LanmanWorkstation - ok 23:04:40.0452 8812 LiveUpdate (6abe9ecaab7dd0cc6f46ec830e0fe8fc) C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE 23:04:40.0633 8812 LiveUpdate - ok 23:04:40.0689 8812 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 23:04:40.0806 8812 lltdio - ok 23:04:40.0842 8812 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 23:04:40.0934 8812 lltdsvc - ok 23:04:40.0954 8812 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 23:04:41.0025 8812 lmhosts - ok 23:04:41.0126 8812 LMS (0803906d607a9b83184447b75b60ecc2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 23:04:41.0156 8812 LMS - ok 23:04:41.0204 8812 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 23:04:41.0229 8812 LSI_FC - ok 23:04:41.0258 8812 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 23:04:41.0282 8812 LSI_SAS - ok 23:04:41.0301 8812 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:04:41.0324 8812 LSI_SAS2 - ok 23:04:41.0348 8812 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 
23:04:41.0372 8812 LSI_SCSI - ok 23:04:41.0403 8812 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 23:04:41.0499 8812 luafv - ok 23:04:41.0534 8812 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 23:04:41.0565 8812 Mcx2Svc - ok 23:04:41.0591 8812 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 23:04:41.0612 8812 megasas - ok 23:04:41.0645 8812 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 23:04:41.0676 8812 MegaSR - ok 23:04:41.0711 8812 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys 23:04:41.0730 8812 MEIx64 - ok 23:04:41.0827 8812 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 23:04:41.0847 8812 Microsoft Office Groove Audit Service - ok 23:04:41.0889 8812 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 23:04:41.0978 8812 MMCSS - ok 23:04:42.0009 8812 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 23:04:42.0096 8812 Modem - ok 23:04:42.0118 8812 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 23:04:42.0152 8812 monitor - ok 23:04:42.0189 8812 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 23:04:42.0211 8812 mouclass - ok 23:04:42.0231 8812 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 23:04:42.0265 8812 mouhid - ok 23:04:42.0300 8812 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 23:04:42.0323 8812 mountmgr - ok 23:04:42.0354 8812 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 23:04:42.0380 8812 mpio - ok 23:04:42.0442 8812 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 23:04:42.0530 8812 mpsdrv - ok 23:04:42.0582 8812 MpsSvc 
(54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 23:04:42.0692 8812 MpsSvc - ok 23:04:42.0744 8812 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 23:04:42.0786 8812 MRxDAV - ok 23:04:42.0833 8812 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 23:04:42.0862 8812 mrxsmb - ok 23:04:42.0893 8812 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:04:42.0925 8812 mrxsmb10 - ok 23:04:42.0949 8812 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:04:42.0977 8812 mrxsmb20 - ok 23:04:42.0997 8812 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 23:04:43.0018 8812 msahci - ok 23:04:43.0056 8812 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 23:04:43.0084 8812 msdsm - ok 23:04:43.0119 8812 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 23:04:43.0152 8812 MSDTC - ok 23:04:43.0194 8812 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 23:04:43.0282 8812 Msfs - ok 23:04:43.0294 8812 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 23:04:43.0382 8812 mshidkmdf - ok 23:04:43.0405 8812 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 23:04:43.0426 8812 msisadrv - ok 23:04:43.0469 8812 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 23:04:43.0562 8812 MSiSCSI - ok 23:04:43.0573 8812 msiserver - ok 23:04:43.0595 8812 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 23:04:43.0681 8812 MSKSSRV - ok 23:04:43.0703 8812 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 23:04:43.0790 8812 MSPCLOCK - ok 23:04:43.0811 8812 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 23:04:43.0903 8812 MSPQM - ok 23:04:43.0941 8812 MsRPC 
(759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 23:04:43.0976 8812 MsRPC - ok 23:04:44.0020 8812 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 23:04:44.0041 8812 mssmbios - ok 23:04:44.0054 8812 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 23:04:44.0142 8812 MSTEE - ok 23:04:44.0161 8812 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 23:04:44.0189 8812 MTConfig - ok 23:04:44.0208 8812 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 23:04:44.0230 8812 Mup - ok 23:04:44.0317 8812 MyWiFiDHCPDNS (8f57db74bf5407a4cda6c8b005dc8dd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 23:04:44.0345 8812 MyWiFiDHCPDNS - ok 23:04:44.0393 8812 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 23:04:44.0491 8812 napagent - ok 23:04:44.0543 8812 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 23:04:44.0590 8812 NativeWifiP - ok 23:04:44.0689 8812 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120330.002\ENG64.SYS 23:04:44.0713 8812 NAVENG - ok 23:04:44.0795 8812 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120330.002\EX64.SYS 23:04:44.0897 8812 NAVEX15 - ok 23:04:45.0033 8812 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 23:04:45.0089 8812 NDIS - ok 23:04:45.0128 8812 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 23:04:45.0215 8812 NdisCap - ok 23:04:45.0235 8812 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 23:04:45.0320 8812 NdisTapi - ok 23:04:45.0360 8812 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 23:04:45.0446 8812 Ndisuio - ok 23:04:45.0485 8812 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 
23:05:11.0185 8812 ============================================================
23:05:11.0185 8812 Scan finished
23:05:11.0185 8812 ============================================================
23:05:11.0203 8972 Detected object count: 5
23:05:11.0203 8972 Actual detected object count: 5
23:05:27.0693 8972 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:27.0693 8972 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:27.0696 8972 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:27.0696 8972 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:27.0700 8972 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:27.0700 8972 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:27.0701 8972 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:27.0701 8972 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:27.0704 8972 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:27.0704 8972 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:35.0647 7060 Deinitialize success


Yes... everything is clean here too! :(

The file:

C:\WINDOWS\system32\ntoskrnl.exe

Submit it to the following resources, Jotti and VirusTotal, and post the results in your next comment.

And one last thing:

Download ComboFix from here or here and save it to your desktop.

  • Disable your antivirus and antispyware programs; this is usually done by right-clicking the program's icon in the system tray.
Note: If you cannot stop it or are not sure which program to disable, please review the information at this link: How to Disable your Security Programs
  • Run Combo-Fix.com and follow the instructions.
Note: ComboFix will run without the Recovery Console installed.
  • As part of its operation, ComboFix will check whether the Microsoft Windows Recovery Console is installed. Given how quickly malware evolves, it is strongly recommended that it be installed before the malware is removed. This will let you enter a special recovery/repair mode, which will make it easier to resolve a problem that might arise while the malware is being removed.
  • Follow the instructions to allow ComboFix to download and install the Microsoft Windows Recovery Console. At some point you will be asked whether you agree to the license agreement. You need to confirm that you agree in order to install the Microsoft Windows Recovery Console.
** Note: If the Microsoft Windows Recovery Console is already installed, ComboFix will proceed to the malware removal process.

[Posted image]

Once the Microsoft Windows Recovery Console has been installed using ComboFix, you will see the following message:

[Posted image]

Select Yes to continue scanning for malware.

When the process completes successfully, the tool will create a log file. Please include the contents of C:\ComboFix.txt in your next comment in this thread.

Note:

  • Please do not move the mouse while ComboFix is running. This may disrupt the process.
  • ComboFix will reset all Microsoft Internet Explorer settings, including making IE the default browser.
  • ComboFix will disable the autorun feature of ALL CD, floppy and USB devices to help remove the malware and to protect you from future viruses/threats that infect through autorun. If this is a problem for you, please let me know.
  • ComboFix will disconnect your internet connection. The internet connection will be restored automatically before ComboFix finishes running. If there is a problem, it will terminate the internet connection. To restore your internet connection, restart your computer.
  • If ComboFix runs into a problem, it may create a log file. Please include the contents of C:\BUG.txt in your next comment in this thread.
Please do not attach the program's log file(s); copy and paste it/them into your next comment in this thread.

I scanned it. These are the results:

2012-03-21 Found nothing

2012-03-20 Found nothing

2012-03-20 Found nothing

2012-03-21 Found nothing

2012-03-20 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-20 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-21 Found nothing

2012-03-20 Found nothing

2012-03-20 Found nothing

2012-03-20 Found nothing

i.e. nothing evil/harmful :rolleyes: (then what is this "behaviour" on the computer's part)

Now I'm starting with the Combo....


Ugh, I almost went crazy.... this ComboFix scared the living daylights out of me. I didn't expect this to happen :no-no: even though I did read the warnings... When the computer restarted I couldn't open anything: not Explorer, not Mozilla, not Skype, not Excel... a complete lockup. When I tried to open something, I got the message: Illegal operation attempted on a registry key that has been marked for deletion. Then: This item cannot be opened. It may have been moved, renamed or deleted. Do you want to remove this item? (naturally I clicked "No" at this question). I chose to restore the previous state, and it started backing up my files and copying them to D. Then it restarted again, supposedly to restore my settings, but something didn't work (I guess because I don't have the Win7 CD), so I clicked "Cancel", and it went and restarted and everything started up normally...

This is the result after the Combo:

ComboFix 12-03-30.06 - Magdalena 03.2012 г. 10:50:42.1.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.6051.4012 [GMT 3:00]

Running from: c:\users\Magdalena\Desktop\ComboFix.exe

AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

FW: Symantec Endpoint Protection *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Amazon.ico

c:\programdata\MercadoLivre.ico

c:\programdata\Roaming

c:\windows\IsUn0415.exe

c:\windows\SysWow64\Packet.dll

c:\windows\SysWow64\pthreadVC.dll

c:\windows\SysWow64\wpcap.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_NPF

-------\Service_npf

.

.

((((((((((((((((((((((((( Files Created from 2012-02-28 to 2012-03-31 )))))))))))))))))))))))))))))))

.

.

2012-03-31 07:58 . 2012-03-31 07:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-03-31 07:58 . 2012-03-31 07:58 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-03-14 23:45 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-03-14 23:45 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-03-14 23:45 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-03-14 07:56 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-14 07:56 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-14 07:56 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-14 07:52 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-14 07:52 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-14 07:52 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-14 07:51 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll

2012-03-14 07:51 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-14 07:51 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-14 07:51 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-14 07:51 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-03-07 07:13 . 2012-03-07 07:13 -------- d-----w- c:\program files (x86)\Common Files\Skype

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-25 18:47 . 2012-02-25 18:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll

2012-01-26 07:24 . 2012-01-09 19:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2012-01-17 07:01 . 2011-12-02 19:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2012-01-04 10:44 . 2012-02-17 18:17 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-01-04 08:58 . 2012-02-17 18:17 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

2010-01-26 08:11 . 2012-01-23 08:38 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\uTorrentBar\prxtbuTor.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2011-08-23 19:20 1515688 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]

"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-12-03 642424]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"WordWeb"="d:\install's\WordWeb\wweb32.exe" [2009-11-08 65216]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-08-23 887976]

"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-08-10 115560]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

.

c:\users\Magdalena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

VDownloader.lnk - d:\install's\VDownloader\VDownloader.exe [2012-1-23 858624]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-12-3 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]

R3 Bthipareh_me;Bthipareh_me; [x]

R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [x]

R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-27 340240]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Услуга на технологиите за активиране на Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-08 1166848]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-03 983104]

S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]

S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-22 2009704]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-21 378472]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]

S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]

S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]

S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-13 138360]

S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]

S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]

"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-27 1935120]

"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-03-24 3668336]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-19 168216]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-19 392472]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-19 416024]

"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-21 312936]

"combofix"="c:\combofix\CF15935.3XE" [2010-11-20 345088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\Magdalena\AppData\Roaming\Mozilla\Firefox\Profiles\faesx0lq.default\

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-Symantec Antvirus

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-151414521-1932448694-3614143933-1000\Software\SecuROM\License information*]

"datasecu"=hex:2d,45,52,07,ac,29,3d,f2,f2,8d,92,af,fa,3f,3c,46,ab,3f,e3,bf,96,

95,6a,c8,d6,cc,17,e3,f4,de,bd,ce,2f,7a,6f,ab,9c,4f,4e,9a,af,71,e7,54,1b,6b,\

"rkeysecu"=hex:44,cd,8a,b8,b0,33,9b,fd,b8,d5,c5,90,0a,fb,3d,a1

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

c:\program files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

c:\program files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2012-03-31 11:09:35 - machine was rebooted

ComboFix-quarantined-files.txt 2012-03-31 08:09

.

Pre-Run: 18 764 070 912 bytes free

Post-Run: 18 131 582 976 bytes free

.

- - End Of File - - 0B53D5C95B08720956E2368A75E63239

But now something is wrong with my AV.... Proactive Threat Protection is Off :(

I forgot to add that when ComboFix started, no windows appeared asking whether to continue scanning or whether to install anything... it went straight to work, created its log file and the computer restarted itself.

Sorry if I'm giving unnecessary information, but I don't know what to leave out and what to share :(

Edited by Magdalena Matanova

Copy the text in the box into Notepad and save it as CFScript.txt on your desktop:

KILLALL::

Driver::
Bthipareh_me


After saving, drag CFScript.txt onto the ComboFix.exe icon.

Attach the generated report in your next post..!


It no longer scares me when things won't open.... I've got the hang of it :clown:

Here is the result:

ComboFix 12-03-30.06 - Magdalena 03.2012 г. 21:22:57.2.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.6051.3991 [GMT 3:00]

Running from: c:\users\Magdalena\Desktop\ComboFix.exe

Command switches used :: c:\users\Magdalena\Desktop\CFScript.txt

AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

FW: Symantec Endpoint Protection *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_Bthipareh_me

.

.

((((((((((((((((((((((((( Files Created from 2012-02-28 to 2012-03-31 )))))))))))))))))))))))))))))))

.

.

2012-03-31 18:29 . 2012-03-31 18:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-03-31 18:29 . 2012-03-31 18:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-03-14 23:45 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-03-14 23:45 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-03-14 23:45 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-03-14 07:56 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-14 07:56 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-14 07:56 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-14 07:52 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-14 07:52 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-14 07:52 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-14 07:51 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll

2012-03-14 07:51 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-14 07:51 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-14 07:51 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-14 07:51 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-03-07 07:13 . 2012-03-07 07:13 -------- d-----w- c:\program files (x86)\Common Files\Skype

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-25 18:47 . 2012-02-25 18:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll

2012-01-26 07:24 . 2012-01-09 19:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2012-01-17 07:01 . 2011-12-02 19:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2012-01-04 10:44 . 2012-02-17 18:17 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-01-04 08:58 . 2012-02-17 18:17 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

2010-01-26 08:11 . 2012-01-23 08:38 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe

.

.

((((((((((((((((((((((((((((( SnapShot@2012-03-31_08.02.38 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-02-12 11:17 . 2012-03-31 09:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

- 2012-02-12 11:17 . 2012-03-27 09:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

- 2009-07-14 04:54 . 2012-03-31 07:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-03-31 15:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-03-31 07:28 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-03-31 15:43 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-03-31 15:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-03-31 07:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 05:10 . 2012-03-31 09:25 29806 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-11-11 01:35 . 2012-03-31 09:25 12502 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-151414521-1932448694-3614143933-1000_UserData.bin

+ 2011-11-11 01:29 . 2012-03-31 18:30 1733 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat

- 2011-11-11 01:29 . 2012-03-31 07:59 1733 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat

- 2012-03-31 08:01 . 2012-03-31 08:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-03-31 18:32 . 2012-03-31 18:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-03-31 18:32 . 2012-03-31 18:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-03-31 08:01 . 2012-03-31 08:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-14 02:36 . 2012-03-31 09:26 616008 c:\windows\system32\perfh009.dat

- 2009-07-14 02:36 . 2012-03-30 12:28 616008 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-03-31 09:26 106388 c:\windows\system32\perfc009.dat

- 2009-07-14 02:36 . 2012-03-30 12:28 106388 c:\windows\system32\perfc009.dat

- 2011-12-02 16:52 . 2011-07-15 13:35 225328 c:\windows\system32\drivers\wpshelper.sys

+ 2011-12-02 16:52 . 2011-06-23 13:25 225328 c:\windows\system32\drivers\wpshelper.sys

- 2009-07-14 05:01 . 2012-03-31 07:59 404828 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-03-31 18:30 404828 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2011-12-01 20:20 . 2012-03-31 07:59 11351396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-151414521-1932448694-3614143933-1000-8192.dat

+ 2011-12-01 20:20 . 2012-03-31 18:30 11351396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-151414521-1932448694-3614143933-1000-8192.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\uTorrentBar\prxtbuTor.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2011-08-23 19:20 1515688 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]

"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-12-03 642424]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"WordWeb"="d:\install's\WordWeb\wweb32.exe" [2009-11-08 65216]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-08-23 887976]

"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-08-10 115560]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

.

c:\users\Magdalena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

VDownloader.lnk - d:\install's\VDownloader\VDownloader.exe [2012-1-23 858624]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-12-3 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]

R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [x]

R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-27 340240]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Услуга на технологиите за активиране на Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-08 1166848]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-03 983104]

S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]

S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-22 2009704]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-21 378472]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]

S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]

S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]

S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-13 138360]

S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]

S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]

"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-27 1935120]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-19 168216]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-19 392472]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-19 416024]

"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-21 312936]

"combofix"="c:\combofix\CF8703.3XE" [2010-11-20 345088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\Magdalena\AppData\Roaming\Mozilla\Firefox\Profiles\faesx0lq.default\

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-151414521-1932448694-3614143933-1000\Software\SecuROM\License information*]

"datasecu"=hex:30,7b,a8,86,1e,f5,a7,d9,47,d9,ed,2f,58,ee,2f,79,fe,a3,f8,74,8b,

4c,fe,9a,82,fa,c7,c8,d3,63,94,71,ea,55,ff,61,4d,61,2e,0e,6b,56,25,2f,14,c2,\

"rkeysecu"=hex:44,cd,8a,b8,b0,33,9b,fd,b8,d5,c5,90,0a,fb,3d,a1

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

c:\program files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

c:\program files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2012-03-31 21:40:02 - machine was rebooted

ComboFix-quarantined-files.txt 2012-03-31 18:40

ComboFix2.txt 2012-03-31 08:09

.

Pre-Run: 18 003 664 896 bytes free

Post-Run: 17 327 165 440 bytes free

.

- - End Of File - - E92E491FF1EB90909585B1D2AA9C4D12


So, what is the state of your system? Are you noticing any changes?


So, what is the state of your system? Are you noticing any changes?

Well, honestly, nothing else, except that the mouse hasn't frozen on me these 2-3 days, and yesterday and today (so far) I haven't had a message about limited Internet access :)

The processor still fluctuates between 70% and 7%, even though I only have Mozilla + uTorrent open. :rolleyes:

Here is a screenshot... (I caught it when System was at the very top).


Uninstall ComboFix as follows:

1. Press Start ==> Run ==> enter the command Combofix /Uninstall ==> OK

2. Download OTCleanIt, or from here, run it and press [image]

Uninstall/delete all the small programs, fixes and logs that we used in this thread (those that remain after the procedures above).

Verification scan:

Download Malwarebytes' Anti-Malware, or from here

* Double-click mbam-setup.exe to install the program.

* Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click Finish.

* If updates are found, it will download and install them.

* Start the program and select "Perform Full Scan", then click Scan.

* The scan will take some time, so please be patient.

* When the scan finishes, click OK, then Show Results to see the result.

* Make sure that every row is checked, and click Remove Selected.

* When everything has been removed, a log will open in Notepad. Copy this log and post it in your next comment in this thread.

Note: If MalwareBytes' Anti-Malware has difficulty removing the detected viruses/threats, it will ask to restart your computer and remove the problematic viruses/threats during the restart. If you are asked, confirm that you want your computer to be restarted.

Which version of uTorrent are you using?


I have a few problems/questions: 1/ I don't see Run when I press Start.... 2/ I should uninstall the programs with Run, and the text files just by deleting them and then deleting them from the Recycle Bin as well, right? 3/ The version of my torrent program is 3.0


Edited by Magdalena Matanova


Key combination ==>>> Win key + R

....in the window that opens, enter the command Combofix /Uninstall ==> OK

Once you have done the procedures (it is very important that you carry out both procedures, items 1 and 2, in the same order as I wrote them), if anything is left over, delete it. :)


I deleted ComboFix. Now I clicked to download the other program; should I open it directly (.zip) or save it?
