Harddrive trouble?

Sari95

New Member
Hi! I have a 5-year-old desktop, which has been working fine up until the last year. I'm suspecting hard drive problems. Symptoms: Quick start, but when I try to open e.g. Google Chrome, Spotify or Word, it takes up to 2-3 minutes. If I wait about 5+ mins, the computer works fine most of the time. About 20 minutes ago it froze. I was listening to music on Spotify and browsing the web when it suddenly froze and the music "lagged", but didn't stop.

Are these hard drive problems or is it a different component? If so, which?

Thanks in advance! :D
 

johnb35

Administrator
Staff member
Sounds like an HDD issue. Have you tested it for errors? You could also be infected. Have you scanned your system with Malwarebytes?
 

johnb35

Administrator
Staff member
What brand of hard drive is it?

Do the following and post the logs.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run, please download and run Rkill.scr, Rkill.exe, or Rkill.com but DO NOT reboot the system, and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away, or you get a message saying Rkill is infected, keep trying to run Rkill until it overpowers the infection and temporarily kills it. Once a log appears on the screen, you can try running Malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Vista and Windows 7 users must right click on the hijackthis icon and click on run as. If the run as option doesn't appear then press and hold the shift key while right clicking on the icon to get it to appear.



Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
 

Sari95

New Member
All right, Malwarebytes is scanning, but I am having trouble with HijackThis. After a scan, when it asks me to save a file, I choose yes, but the Notepad window is blank. What's wrong here ;o?
 

johnb35

Administrator
Staff member
Vista and Windows 7 users must right click on the hijackthis icon and click on run as. If the run as option doesn't appear then press and hold the shift key while right clicking on the icon to get it to appear.

You must do this.
 

Sari95

New Member
Hijackthis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:53:36, on 19.06.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Norman\Npm\Bin\zlh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Hjemme\AppData\Roaming\DRPSu\DrvUpdater.exe
C:\Users\Hjemme\AppData\Roaming\Spotify\spotify.exe
C:\Users\Hjemme\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iolo\System Mechanic Professional\SMTrayNotify.exe
C:\Program Files\Norman\Nvc\Bin\cclaw.exe
C:\Windows\system32\taskeng.exe
C:\Users\Hjemme\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hjemme\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hjemme\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Hjemme\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Users\Hjemme\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Google Update] "C:\Users\Hjemme\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DrvUpdater] C:\Users\Hjemme\AppData\Roaming\DRPSu\DrvUpdater.exe /hide
O4 - HKCU\..\Run: [Spotify] "C:\Users\Hjemme\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Hjemme\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-670658707-487112319-1562576965-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-670658707-487112319-1562576965-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\Bin\elogsvc.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google-oppdatering-tjenesten (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe
O23 - Service: Norman Network Filtering service (NNFSVC) - Norman ASA - C:\Program Files\Norman\Ngs\Bin\Nnf.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe
O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Program Files\Norman\npf\bin\npfsvc32.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Program Files\Norman\Npm\Bin\scheduler.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 10228 bytes




Malwarebytes:


Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.18.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Hjemme :: HJEMME-PC [administrator]

Protection: Enabled

18.06.2012 22:55:22
mbam-log-2012-06-18 (22-55-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214307
Time elapsed: 20 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
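
Added example (not part of the thread, and not code from HijackThis or Trend Micro): a small Python triage pass over the HijackThis log format posted above, run on lines excerpted from that log. The finding names and the heuristics are assumptions of this example; as the helper notes, most entries are harmless, so the output is a list of entries to review, not verdicts.

```python
import re
from collections import defaultdict

# Excerpt of the HijackThis v2.0.4 log posted in this thread (lines copied as-is).
SAMPLE_LOG = r"""
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [DrvUpdater] C:\Users\Hjemme\AppData\Roaming\DRPSu\DrvUpdater.exe /hide
O4 - HKCU\..\Run: [Spotify] "C:\Users\Hjemme\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe
"""

# "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [Name] command".
ENTRY = re.compile(r"^(?P<code>[ROF]\d{1,2}) - (?P<body>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Body of an O4 autorun entry: hive\..\Run[Once]: [value name] command line.
RUN = re.compile(r"^(?P<hive>\S+)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# Heuristic (assumption of this example): a per-user AppData path is writable
# without administrator rights, so autoruns pointing there deserve a look.
USER_WRITABLE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)


def parse(log_text):
    """Return (code, body) for each R*/O*/F* entry; header and process lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m["code"], m["body"]))
    return entries


def triage(log_text):
    """Return {finding: sorted details}. These are review hints, not detections."""
    findings = defaultdict(set)
    clsid_sections = defaultdict(set)

    for code, body in parse(log_text):
        # Track which sections each COM class ID shows up in.
        for clsid in CLSID.findall(body):
            clsid_sections[clsid.lower()].add(code)

        if code == "O4":
            m = RUN.match(body)
            if m and USER_WRITABLE.search(m["cmd"]):
                findings["autorun_from_user_profile"].add(m["name"])
        elif code == "O10" and body.startswith("Unknown file in Winsock LSP"):
            # Repeated identical lines collapse into one finding.
            findings["unknown_winsock_lsp"].add(body.split(": ", 1)[1].lower())
        elif code == "O23" and body.startswith("Service: "):
            parts = body[len("Service: "):].rsplit(" - ", 2)
            if len(parts) == 3 and parts[1] == "Unknown owner":
                findings["service_unknown_owner"].add(parts[0])

    # One component registered as search hook, BHO and toolbar at once
    # touches several browser extension points; list it for review.
    for clsid, codes in clsid_sections.items():
        if len(codes) >= 3:
            findings["clsid_in_3plus_sections"].add(clsid)

    return {name: sorted(details) for name, details in findings.items()}


if __name__ == "__main__":
    for finding, details in sorted(triage(SAMPLE_LOG).items()):
        print(finding)
        for item in details:
            print("   ", item)
```

Legitimate software such as Spotify is flagged by the profile-path heuristic too, which is why each hit still needs a person to check the file before anything is fixed.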
 

spirit

Moderator
Staff member
Well it might be worth downloading a hard drive diagnostics tool (your HDD manufacturer should have one available to download) and running a scan with that to check for bad sectors. You could possibly have a bad drive - have you had any blue screens or lots of intermittent freezes/crashes lately?
 

johnb35

Administrator
Staff member
Sorry for not getting back to you. Must have missed this post.

1.

Please download and run TDSSkiller

When the program opens, click on the start scan button.

TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

infection-found.jpg


To remove the infection simply click on the Continue button and TDSSKiller will attempt to clean the infection.

When it has finished cleaning the infection you will see a report stating whether or not it was successful as shown below.

scan-completed.jpg


If the log says will be cured after reboot, please reboot the system by pressing the reboot now button.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it. Please open the log and copy and paste it back here.

2.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
  • Download this file here :

    Combofix

  • When the page loads click on the blue combofix download link next to the BleepingComputer Mirror.
  • Save the file to your windows desktop. The combofix icon will look like this when it has downloaded to your desktop.

    cf-icon.jpg
  • We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:

  • Close all open Windows including this one.
  • Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these types of programs can be found here.
    Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
  • Please click on I agree on the disclaimer window.
  • ComboFix will now install itself on to your computer. When it is done, a blue screen will appear as shown below.

    cf-preparing.jpg

  • ComboFix is now preparing to run. When it has finished ComboFix will automatically attempt to create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then backup your Windows Registry as shown in the image below.

    erunt.jpg

  • Once the Windows Registry has finished being backed up, ComboFix will attempt to detect if you have the Windows Recovery Console installed. If you already have it installed, you can skip to this section and continue reading. Otherwise you will see the following message as shown below:

    recovery-console-prompt.jpg

  • At the above message box, please click on the Yes button in order for ComboFix to continue. Please follow the steps and instructions given by ComboFix in order to finish the installation of the Recovery Console.
  • Please click on yes in the next window to continue scanning for malware.
  • ComboFix will now disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
  • ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  • While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan. An example of this can be seen below.

    still-scanning-clockchanges.jpg

  • When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
  • This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and tells you the program's log file, or report, will be located at C:\ComboFix.txt.
  • When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
  • Now you just click on the edit menu and click on select all, then click on the edit menu again and click on copy. Then come to the forum in your reply and right click on your mouse and click on paste.


In your next reply please post:
  • The ComboFix log
  • A fresh HiJackThis log
  • An update on how your computer is running
 

S3P3HR

New Member
Rootin checks ...

I don't know, but it sounds more like a software problem to me... Maybe I missed it, but we would be more helpful if you posted some specs.

Define 5 year old. Meaning, is only your hardware 5 years old, or your operating system as well?

My solution is to check your S.M.A.R.T. values to confirm your HDD is healthy, then reinstall, or install another OS alongside. If you still get problems, it is a hardware issue and pinpointing the cause will be much harder.

I would recommend doing these steps. They are quite simple checks.

1- Do a S.M.A.R.T. check. S.M.A.R.T. is a built-in utility that can give you a heads-up about HDD failure. There are many programs available, like GSmartControl. Post if you see any errors.

2- Do a virus scan. Malwarebytes is good. See if it solves it.

3- Faulty driver: boot up in Safe Mode. See if it solves it.

4- Install SpeedFan. Look for overheating or undervoltage signs.

5- Install a new copy of Windows alongside your current OS. See if it solves it. Alternatively, any Linux can run without installation, even from a 2 GB flash drive (USB 2), and still use almost all its features...

The steps below are risky:

1- Do a registry cleaning. Do a backup before, and keep in mind that it can cause problems as well. I would recommend Yamicsoft Windows ( ? ) Manager. You can also do a disk defragment, but I don't think it will cure your system with extreme hangs.

2- Reinstall all or common drivers with updated versions.

3- Having 2 different brands or speeds of RAM causes instability. Think back to any hardware upgrades from when the problems started.

Hope it helps...
 

Sari95

New Member
Combofix:



ComboFix 12-07-01.04 - Hjemme 02.07.2012 9:45.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1033.18.2047.1021 [GMT 2:00]
Kjører fra: c:\users\Hjemme\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\RustyHearts_PWE_Setup_20111107_v5.exe
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-06-02 til 2012-07-02 )))))))))))))))))))))))))))))))))
.
.
2012-06-30 11:50 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5254449F-6BEB-4A39-A1DE-A8A5DC8A3937}\mpengine.dll
2012-06-19 15:17 . 2012-06-19 15:17 -------- d-----w- c:\users\Hjemme\AppData\Roaming\Unity
2012-06-19 11:48 . 2012-06-19 11:48 -------- d-----w- c:\users\Hjemme\AppData\Local\Unity
2012-06-19 09:07 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-19 09:07 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-19 09:07 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-19 09:07 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 09:06 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-19 09:06 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-19 09:06 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 09:06 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-19 09:06 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-18 21:02 . 2012-06-18 21:02 388096 ----a-r- c:\users\Hjemme\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-18 21:02 . 2012-06-18 21:02 -------- d-----w- c:\program files\Trend Micro
2012-06-18 20:57 . 2012-06-18 20:57 -------- d-----w- c:\users\Hjemme\AppData\Roaming\LolClient2
2012-06-18 20:43 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-06-18 20:43 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-06-18 20:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2012-06-18 20:41 . 2012-06-18 20:41 -------- d-----w- c:\users\Hjemme\AppData\Roaming\Malwarebytes
2012-06-18 20:40 . 2012-06-18 20:40 -------- d-----w- c:\programdata\Malwarebytes
2012-06-18 20:40 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-18 20:40 . 2012-06-18 20:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-18 19:54 . 2012-06-19 20:22 -------- d-----w- c:\program files\League of Legends
2012-06-18 07:08 . 2012-06-18 07:08 -------- d-----w- c:\program files\Common Files\Java
2012-06-18 07:08 . 2012-06-18 07:08 -------- d-----w- c:\program files\Oracle
2012-06-18 07:06 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-18 07:06 . 2012-06-18 07:06 -------- d-----w- c:\program files\Java
2012-06-14 14:17 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-14 14:17 . 2012-04-28 04:41 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-06-14 14:17 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 14:17 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 14:17 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 14:17 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 14:17 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 14:15 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 13:47 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 13:47 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 13:47 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-04 22:13 . 2012-06-04 22:13 -------- d-----w- c:\users\Default\AppData\Roaming\iolo
2012-06-04 18:45 . 2012-06-04 18:46 -------- d-----w- c:\program files\Google
2012-06-03 15:22 . 2012-06-03 15:22 -------- d-----w- c:\windows\sr-Latn-CS
2012-06-03 15:22 . 2012-06-03 15:22 -------- d-----w- c:\windows\system32\wbem\sr-Latn-CS
2012-06-03 15:22 . 2012-06-03 15:22 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2012-06-03 15:05 . 2012-06-03 15:05 -------- d-----w- c:\windows\system32\sv
2012-06-03 15:05 . 2012-06-03 15:05 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-06-03 15:05 . 2012-06-03 15:05 -------- d-----w- c:\windows\system32\drivers\sv-SE
2012-06-03 15:05 . 2012-06-03 15:05 -------- d-----w- c:\windows\system32\wbem\sv-SE
2012-06-03 15:05 . 2012-06-03 15:05 -------- d-----w- c:\windows\sv-SE
2012-06-03 14:50 . 2009-07-13 16:37 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sv-SE\LXKPTPRC.DLL.mui
2012-06-03 14:47 . 2012-06-03 14:47 -------- d-----w- c:\windows\uk-UA
2012-06-03 14:47 . 2012-06-03 14:47 -------- d-----w- c:\windows\system32\drivers\uk-UA
2012-06-03 14:47 . 2012-06-03 14:47 -------- d-----w- c:\windows\system32\wbem\uk-UA
2012-06-03 14:29 . 2012-06-03 14:29 -------- d-----w- c:\windows\ja-JP
2012-06-03 14:29 . 2012-06-03 14:29 -------- d-----w- c:\windows\system32\ja
2012-06-03 14:29 . 2012-06-03 14:29 -------- d-----w- c:\windows\system32\drivers\UMDF\ja-JP
2012-06-03 14:29 . 2012-06-03 14:29 -------- d-----w- c:\windows\system32\drivers\ja-JP
2012-06-03 14:29 . 2012-06-03 14:29 -------- d-----w- c:\windows\system32\0411
2012-06-03 14:29 . 2012-06-03 14:29 -------- d-----w- c:\windows\system32\wbem\ja-JP
2012-06-03 14:09 . 2010-11-20 02:20 266240 ----a-w- c:\windows\system32\lzhfldr2.dll
2012-06-03 14:09 . 2009-07-13 17:43 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ja-JP\LXKPTPRC.DLL.mui
2012-06-03 14:09 . 2009-07-13 16:15 377856 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\mshwjpn.dll
2012-06-03 14:09 . 2009-07-13 16:15 1179136 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\imjplm.dll
2012-06-03 14:09 . 2009-07-13 16:15 9728 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\dicjp.dll
2012-06-03 14:09 . 2009-07-13 16:07 11507712 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\mshwjpnr.dll
2012-06-03 14:05 . 2012-06-03 14:05 -------- d-----w- c:\windows\system32\hu
2012-06-03 14:05 . 2012-06-03 14:05 -------- d-----w- c:\windows\system32\drivers\UMDF\hu-HU
2012-06-03 14:05 . 2012-06-03 14:05 -------- d-----w- c:\windows\system32\drivers\hu-HU
2012-06-03 14:05 . 2012-06-03 14:05 -------- d-----w- c:\windows\system32\wbem\hu-HU
2012-06-03 14:05 . 2012-06-03 14:05 -------- d-----w- c:\windows\hu-HU
2012-06-03 13:50 . 2009-07-13 16:38 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hu-HU\LXKPTPRC.DLL.mui
2012-06-03 13:48 . 2012-06-03 13:48 -------- d-----w- c:\program files\Microsoft Silverlight
2012-06-03 13:46 . 2012-06-03 13:46 -------- d-----w- c:\windows\system32\he
2012-06-03 13:46 . 2012-06-03 13:46 -------- d-----w- c:\windows\system32\drivers\UMDF\he-IL
2012-06-03 13:46 . 2012-06-03 13:46 -------- d-----w- c:\windows\system32\drivers\he-IL
2012-06-03 13:46 . 2012-06-03 13:46 -------- d-----w- c:\windows\system32\wbem\he-IL
2012-06-03 13:46 . 2012-06-03 13:46 -------- d-----w- c:\windows\he-IL
2012-06-03 13:31 . 2009-07-13 16:33 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\he-IL\LXKPTPRC.DLL.mui
2012-06-03 13:28 . 2012-06-03 13:28 -------- d-----w- c:\windows\nl-NL
2012-06-03 13:28 . 2012-06-03 13:28 -------- d-----w- c:\windows\system32\nl
2012-06-03 13:28 . 2012-06-03 13:28 -------- d-----w- c:\windows\system32\0413
2012-06-03 13:28 . 2012-06-03 13:28 -------- d-----w- c:\windows\system32\drivers\nl-NL
2012-06-03 13:28 . 2012-06-03 13:28 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
2012-06-03 13:28 . 2012-06-03 13:28 -------- d-----w- c:\windows\system32\wbem\nl-NL
2012-06-03 13:14 . 2009-07-13 16:39 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\nl-NL\LXKPTPRC.DLL.mui
2012-06-03 13:11 . 2012-06-03 13:11 -------- d-----w- c:\windows\lv-LV
2012-06-03 13:11 . 2012-06-03 13:11 -------- d-----w- c:\windows\system32\wbem\lv-LV
2012-06-03 13:11 . 2012-06-03 13:11 -------- d-----w- c:\windows\system32\drivers\lv-LV
2012-06-03 12:58 . 2012-06-03 12:58 -------- d-----w- c:\windows\el-GR
2012-06-03 12:58 . 2012-06-03 12:58 -------- d-----w- c:\windows\system32\el
2012-06-03 12:58 . 2012-06-03 12:58 -------- d-----w- c:\windows\system32\drivers\el-GR
2012-06-03 12:58 . 2012-06-03 12:58 -------- d-----w- c:\windows\system32\drivers\UMDF\el-GR
2012-06-03 12:58 . 2012-06-03 12:58 -------- d-----w- c:\windows\system32\wbem\el-GR
2012-06-03 12:44 . 2009-07-13 16:41 4096 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\el-GR\LXKPTPRC.DLL.mui
2012-06-03 12:42 . 2012-06-03 12:42 -------- d-----w- c:\windows\lt-LT
2012-06-03 12:42 . 2012-06-03 12:42 -------- d-----w- c:\windows\system32\wbem\lt-LT
2012-06-03 12:42 . 2012-06-03 12:42 -------- d-----w- c:\windows\system32\drivers\lt-LT
2012-06-03 12:28 . 2012-06-03 12:28 -------- d-----w- c:\windows\system32\ar
2012-06-03 12:28 . 2012-06-03 12:28 -------- d-----w- c:\windows\ar-SA
2012-06-03 12:28 . 2012-06-03 12:28 -------- d-----w- c:\windows\system32\drivers\ar-SA
2012-06-03 12:28 . 2012-06-03 12:28 -------- d-----w- c:\windows\system32\drivers\UMDF\ar-SA
2012-06-03 12:28 . 2012-06-03 12:28 -------- d-----w- c:\windows\system32\wbem\ar-SA
2012-06-03 12:14 . 2009-07-13 16:42 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ar-SA\LXKPTPRC.DLL.mui
2012-06-03 12:11 . 2012-06-03 12:11 -------- d-----w- c:\windows\pt-PT
2012-06-03 12:11 . 2012-06-03 12:11 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-PT
2012-06-03 12:11 . 2012-06-03 12:11 -------- d-----w- c:\windows\system32\drivers\pt-PT
2012-06-03 12:11 . 2012-06-03 12:11 -------- d-----w- c:\windows\system32\wbem\pt-PT
2012-06-03 12:11 . 2012-06-03 12:11 -------- d-----w- c:\windows\system32\pt
2012-06-03 11:59 . 2009-07-13 16:38 4096 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pt-PT\LXKPTPRC.DLL.mui
2012-06-03 11:56 . 2012-06-03 11:56 -------- d-----w- c:\windows\da-DK
2012-06-03 11:56 . 2012-06-03 11:56 -------- d-----w- c:\windows\system32\drivers\UMDF\da-DK
2012-06-03 11:56 . 2012-06-03 11:56 -------- d-----w- c:\windows\system32\drivers\da-DK
2012-06-03 11:56 . 2012-06-03 11:56 -------- d-----w- c:\windows\system32\da
2012-06-03 11:56 . 2012-06-03 11:56 -------- d-----w- c:\windows\system32\wbem\da-DK
2012-06-03 11:44 . 2009-07-13 16:42 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\da-DK\LXKPTPRC.DLL.mui
2012-06-03 11:42 . 2012-06-03 11:42 -------- d-----w- c:\windows\system32\es
2012-06-03 11:42 . 2012-06-03 11:42 -------- d-----w- c:\windows\system32\drivers\UMDF\es-ES
2012-06-03 11:42 . 2012-06-03 11:42 -------- d-----w- c:\windows\system32\0C0A
2012-06-03 11:42 . 2012-06-03 11:42 -------- d-----w- c:\windows\system32\drivers\es-ES
2012-06-03 11:41 . 2012-06-03 11:41 -------- d-----w- c:\windows\system32\wbem\es-ES
2012-06-03 11:41 . 2012-06-03 11:41 -------- d-----w- c:\windows\es-ES
2012-06-03 11:30 . 2009-07-13 16:37 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\es-ES\LXKPTPRC.DLL.mui
2012-06-03 11:27 . 2012-06-03 11:27 -------- d-----w- c:\windows\pl-PL
2012-06-03 11:27 . 2012-06-03 11:27 -------- d-----w- c:\windows\system32\drivers\UMDF\pl-PL
2012-06-03 11:27 . 2012-06-03 11:27 -------- d-----w- c:\windows\system32\drivers\pl-PL
2012-06-03 11:27 . 2012-06-03 11:27 -------- d-----w- c:\windows\system32\wbem\pl-PL
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-22 17:53 . 2012-05-22 17:53 74703 ----a-w- c:\windows\system32\mfc45.dll
2012-05-20 21:41 . 2012-05-20 21:41 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-05-20 21:41 . 2012-05-20 21:41 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-05-15 10:26 . 2011-05-21 04:01 8105280 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-05-15 10:26 . 2011-05-21 04:01 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-05-15 10:26 . 2011-05-21 04:01 2368832 ----a-w- c:\windows\system32\nvapi.dll
2012-05-15 10:26 . 2011-05-21 04:01 15322432 ----a-w- c:\windows\system32\nvd3dum.dll
2012-05-15 09:28 . 2012-03-30 21:53 645440 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:28 . 2012-03-30 21:53 62272 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:28 . 2012-03-30 21:53 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:28 . 2012-03-30 21:53 3931456 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 09:27 . 2012-03-30 21:53 2759488 ----a-w- c:\windows\system32\nvsvc.dll
2012-05-15 00:21 . 2012-05-15 00:21 423744 ----a-w- c:\windows\system32\nvStreaming.exe
2012-05-04 17:29 . 2012-04-04 08:09 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-23 16:05 . 2012-04-23 16:05 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-04-19 10:20 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-04-17 06:25 . 2012-05-22 17:55 27080 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys
2012-04-06 07:23 . 2012-04-06 07:23 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49 176936 ----a-w- c:\program files\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"DrvUpdater"="c:\users\Hjemme\AppData\Roaming\DRPSu\DrvUpdater.exe" [2012-03-29 195256]
"Spotify Web Helper"="c:\users\Hjemme\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-06-03 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1246544]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2012-05-20 296056]
"iolo Startup"="c:\program files\iolo\Common\Lib\ioloLManager.exe" [2009-11-25 346040]
"NVRaidService"="c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe" [2010-04-09 163944]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 gupdate;Google-oppdatering-tjenesten (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [x]
R3 gupdatem;Google-oppdatering-tjenesten (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 amacpi;Microsoft Away Mode System;c:\windows\system32\DRIVERS\null.sys [x]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [x]
S2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [x]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys [x]
.
.
--- Andre tjenester/drivere lastet i minnet ---
.
*NewlyCreated* - WS2IFSL
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-04 18:45]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-04 18:45]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-670658707-487112319-1562576965-1000Core.job
- c:\users\Hjemme\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-31 06:44]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-670658707-487112319-1562576965-1000UA.job
- c:\users\Hjemme\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-31 06:44]
.
.
------- Tilleggsskanning -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.0.1
.
- - - - TOMME PEKERE FJERNET - - - -
.
AddRemove-SiS163u - c:\windows\system32\unwlsdrv.exe
.
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: ST325082 rev.3.AA -> Harddisk1\DR1 -> \Device\0000005d
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
sectors 488397166 (+2): user != kernel
.
**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2012-07-02 10:00:33
ComboFix-quarantined-files.txt 2012-07-02 08:00
.
Pre-Run: 114*140*831*744 bytes free
Post-Run: 114*381*647*872 bytes free
.
- - End Of File - - 68E3024360EB9D65FC2E2F4976989FA7


HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:02:22, on 02.07.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\conhost.exe
C:\ComboFix\PEV.exe
C:\Windows\system32\notepad.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DrvUpdater] C:\Users\Hjemme\AppData\Roaming\DRPSu\DrvUpdater.exe /hide
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Hjemme\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-21-670658707-487112319-1562576965-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-670658707-487112319-1562576965-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google-oppdatering-tjenesten (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 7282 bytes
 

Sari95

New Member
09:12:01.0406 5740 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
09:12:02.0733 5740 ============================================================
09:12:02.0733 5740 Current date / time: 2012/07/02 09:12:02.0733
09:12:02.0733 5740 SystemInfo:
09:12:02.0733 5740
09:12:02.0733 5740 OS Version: 6.1.7601 ServicePack: 1.0
09:12:02.0733 5740 Product type: Workstation
09:12:02.0733 5740 ComputerName: HJEMME-PC
09:12:02.0733 5740 UserName: Hjemme
09:12:02.0733 5740 Windows directory: C:\Windows
09:12:02.0733 5740 System windows directory: C:\Windows
09:12:02.0733 5740 Processor architecture: Intel x86
09:12:02.0733 5740 Number of processors: 2
09:12:02.0733 5740 Page size: 0x1000
09:12:02.0733 5740 Boot type: Normal boot
09:12:02.0733 5740 ============================================================
09:12:06.0054 5740 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:12:06.0084 5740 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:12:06.0124 5740 ============================================================
09:12:06.0124 5740 \Device\Harddisk0\DR0:
09:12:06.0134 5740 MBR partitions:
09:12:06.0134 5740 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x1292D800
09:12:06.0134 5740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1412E000, BlocksNum 0x9097000
09:12:06.0134 5740 \Device\Harddisk1\DR1:
09:12:06.0134 5740 MBR partitions:
09:12:06.0134 5740 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
09:12:06.0134 5740 ============================================================
09:12:06.0504 5740 C: <-> \Device\Harddisk1\DR1\Partition0
09:12:06.0534 5740 D: <-> \Device\Harddisk0\DR0\Partition0
09:12:06.0564 5740 E: <-> \Device\Harddisk0\DR0\Partition1
09:12:06.0574 5740 ============================================================
09:12:06.0574 5740 Initialize success
09:12:06.0574 5740 ============================================================
09:12:09.0724 4800 ============================================================
09:12:09.0724 4800 Scan started
09:12:09.0724 4800 Mode: Manual;
09:12:09.0724 4800 ============================================================
09:12:48.0606 4800 HidBatt - ok
09:12:48.0649 4800 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
09:12:48.0725 4800 HidBth - ok
09:12:48.0776 4800 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
09:12:49.0062 4800 HidIr - ok
09:12:49.0300 4800 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
09:12:49.0427 4800 hidserv - ok
09:12:50.0024 4800 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
09:12:50.0134 4800 HidUsb - ok
09:12:50.0222 4800 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
09:12:50.0319 4800 hkmsvc - ok
09:12:50.0379 4800 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
09:12:50.0649 4800 HomeGroupListener - ok
09:12:50.0704 4800 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
09:12:50.0823 4800 HomeGroupProvider - ok
09:12:50.0880 4800 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
09:12:51.0029 4800 HpSAMD - ok
09:12:51.0095 4800 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
09:12:51.0248 4800 HTTP - ok
09:12:51.0306 4800 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
09:12:51.0361 4800 hwpolicy - ok
09:12:51.0432 4800 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
09:12:51.0549 4800 i8042prt - ok
09:12:51.0618 4800 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
09:12:51.0723 4800 iaStorV - ok
09:12:51.0857 4800 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:12:52.0151 4800 IDriverT - ok
09:12:52.0332 4800 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:12:52.0629 4800 idsvc - ok
09:12:52.0749 4800 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
09:12:52.0829 4800 iirsp - ok
09:12:52.0911 4800 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
09:12:53.0038 4800 IKEEXT - ok
09:12:53.0274 4800 IntcAzAudAddService (345ac48d17f5c2f2aa1ee50d34c3978b) C:\Windows\system32\drivers\RTKVHDA.sys
09:12:53.0760 4800 IntcAzAudAddService - ok
09:12:53.0977 4800 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
09:12:54.0035 4800 intelide - ok
09:12:54.0161 4800 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
09:12:54.0221 4800 intelppm - ok
09:12:54.0360 4800 ioloFileInfoList (1d74fef2036f462cdba97d074427ed13) C:\Program Files\iolo\common\lib\ioloServiceManager.exe
09:12:57.0029 4800 ioloFileInfoList - ok
09:12:57.0060 4800 ioloSystemService (1d74fef2036f462cdba97d074427ed13) C:\Program Files\iolo\common\lib\ioloServiceManager.exe
09:12:57.0066 4800 ioloSystemService - ok
09:12:57.0110 4800 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
09:12:57.0197 4800 IPBusEnum - ok
09:12:57.0232 4800 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:12:57.0314 4800 IpFilterDriver - ok
09:12:57.0393 4800 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
09:12:57.0620 4800 iphlpsvc - ok
09:12:57.0658 4800 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
09:12:57.0738 4800 IPMIDRV - ok
09:12:57.0766 4800 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
09:12:57.0913 4800 IPNAT - ok
09:12:57.0934 4800 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
09:12:57.0996 4800 IRENUM - ok
09:12:58.0045 4800 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
09:12:58.0109 4800 isapnp - ok
09:12:58.0162 4800 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
09:12:58.0364 4800 iScsiPrt - ok
09:12:58.0421 4800 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
09:12:58.0491 4800 kbdclass - ok
09:12:58.0556 4800 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
09:12:58.0611 4800 kbdhid - ok
09:12:58.0645 4800 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:58.0648 4800 KeyIso - ok
09:12:58.0665 4800 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
09:12:58.0736 4800 KSecDD - ok
09:12:58.0875 4800 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
09:12:59.0009 4800 KSecPkg - ok
09:12:59.0074 4800 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
09:12:59.0217 4800 KtmRm - ok
09:12:59.0277 4800 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
09:12:59.0388 4800 LanmanServer - ok
09:12:59.0430 4800 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
09:12:59.0543 4800 LanmanWorkstation - ok
09:12:59.0635 4800 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
09:12:59.0761 4800 lltdio - ok
09:12:59.0807 4800 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
09:12:59.0887 4800 lltdsvc - ok
09:12:59.0930 4800 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
09:13:00.0019 4800 lmhosts - ok
09:13:00.0108 4800 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:13:00.0228 4800 LSI_FC - ok
09:13:00.0269 4800 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:13:00.0361 4800 LSI_SAS - ok
09:13:00.0409 4800 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:13:00.0498 4800 LSI_SAS2 - ok
09:13:00.0531 4800 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:13:00.0642 4800 LSI_SCSI - ok
09:13:00.0733 4800 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
09:13:00.0848 4800 luafv - ok
09:13:00.0901 4800 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
09:13:00.0957 4800 MBAMProtector - ok
09:13:01.0154 4800 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:13:01.0685 4800 MBAMService - ok
09:13:01.0814 4800 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
09:13:01.0918 4800 Mcx2Svc - ok
09:13:01.0960 4800 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
09:13:02.0024 4800 megasas - ok
09:13:02.0081 4800 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
09:13:02.0212 4800 MegaSR - ok
09:13:02.0407 4800 Microsoft SharePoint Workspace Audit Service - ok
09:13:02.0457 4800 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:13:02.0526 4800 MMCSS - ok
09:13:02.0555 4800 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
09:13:02.0622 4800 Modem - ok
09:13:02.0692 4800 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
09:13:02.0813 4800 monitor - ok
09:13:02.0976 4800 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
09:13:03.0058 4800 mouclass - ok
09:13:03.0116 4800 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
09:13:03.0180 4800 mouhid - ok
09:13:03.0219 4800 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
09:13:03.0286 4800 mountmgr - ok
09:13:03.0330 4800 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
09:13:03.0449 4800 mpio - ok
09:13:03.0495 4800 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
09:13:03.0630 4800 mpsdrv - ok
09:13:03.0777 4800 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
09:13:03.0941 4800 MpsSvc - ok
09:13:04.0016 4800 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
09:13:04.0115 4800 MRxDAV - ok
09:13:04.0154 4800 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:13:04.0251 4800 mrxsmb - ok
09:13:04.0298 4800 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:13:04.0437 4800 mrxsmb10 - ok
09:13:04.0482 4800 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:13:04.0642 4800 mrxsmb20 - ok
09:13:04.0706 4800 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
09:13:04.0766 4800 msahci - ok
09:13:04.0830 4800 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
09:13:04.0912 4800 msdsm - ok
09:13:04.0956 4800 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
09:13:05.0046 4800 MSDTC - ok
09:13:05.0095 4800 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
09:13:05.0167 4800 Msfs - ok
09:13:05.0207 4800 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
09:13:05.0271 4800 mshidkmdf - ok
09:13:05.0319 4800 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
09:13:05.0415 4800 msisadrv - ok
09:13:05.0447 4800 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
09:13:05.0539 4800 MSiSCSI - ok
09:13:05.0544 4800 msiserver - ok
09:13:05.0600 4800 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
09:13:05.0656 4800 MSKSSRV - ok
09:13:05.0739 4800 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
09:13:05.0857 4800 MSPCLOCK - ok
09:13:05.0900 4800 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
09:13:06.0006 4800 MSPQM - ok
09:13:06.0034 4800 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
09:13:06.0109 4800 MsRPC - ok
09:13:06.0164 4800 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
09:13:06.0222 4800 mssmbios - ok
09:13:06.0275 4800 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
09:13:06.0374 4800 MSTEE - ok
09:13:06.0410 4800 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
09:13:06.0470 4800 MTConfig - ok
09:13:06.0509 4800 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
09:13:06.0586 4800 Mup - ok
09:13:06.0638 4800 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
09:13:06.0906 4800 napagent - ok
09:13:06.0968 4800 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
09:13:07.0072 4800 NativeWifiP - ok
09:13:07.0148 4800 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
09:13:07.0331 4800 NDIS - ok
09:13:07.0405 4800 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
09:13:07.0476 4800 NdisCap - ok
09:13:07.0589 4800 Ndiskio (725123f7aebfef717e3f26b25b149d7a) C:\Program Files\Norman\Nse\Bin\NDISKIO.SYS
09:13:07.0707 4800 Ndiskio - ok
09:13:07.0737 4800 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
09:13:07.0788 4800 NdisTapi - ok
09:13:07.0831 4800 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
09:13:07.0895 4800 Ndisuio - ok
09:13:07.0935 4800 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
09:13:08.0018 4800 NdisWan - ok
09:13:08.0049 4800 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
09:13:08.0101 4800 NDProxy - ok
09:13:08.0262 4800 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
09:13:08.0330 4800 NetBIOS - ok
09:13:08.0522 4800 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
09:13:08.0628 4800 NetBT - ok
09:13:08.0666 4800 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:13:08.0669 4800 Netlogon - ok
09:13:08.0759 4800 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
09:13:08.0899 4800 Netman - ok
09:13:08.0947 4800 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
09:13:09.0096 4800 netprofm - ok
09:13:09.0178 4800 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:13:09.0262 4800 NetTcpPortSharing - ok
09:13:09.0310 4800 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
09:13:09.0375 4800 nfrd960 - ok
09:13:09.0525 4800 NGS (0d439f6337adc15b1393060d108ca8d8) c:\program files\norman\ngs\bin\ngs.sys
09:13:09.0652 4800 NGS - ok
09:13:09.0776 4800 NHS (af6af4685fba9ef80589b688c231cbaa) C:\Program Files\Norman\Nvc\bin\nhs.exe
09:13:10.0135 4800 NHS - ok
09:13:10.0190 4800 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
09:13:10.0364 4800 NlaSvc - ok
09:13:10.0416 4800 NNFSVC (efb8638c018cd428b9dd78b7f89e2faf) C:\Program Files\Norman\Ngs\Bin\Nnf.exe
09:13:10.0682 4800 NNFSVC - ok
09:13:10.0763 4800 Norman NJeeves (c4d2d678f08f11f0edb3bb4e89ce2b7a) C:\Program Files\Norman\Npm\Bin\Njeeves.exe
09:13:11.0061 4800 Norman NJeeves - ok
09:13:11.0142 4800 Norman ZANDA (88ca218696cf13b260db003787ab65ae) C:\Program Files\Norman\Npm\Bin\Zanda.exe
09:13:11.0454 4800 Norman ZANDA - ok
09:13:11.0509 4800 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
09:13:11.0570 4800 Npfs - ok
09:13:11.0667 4800 NPFSvc32 (6b4345ba4059d72026d3b530f6a675a5) C:\Program Files\Norman\npf\bin\npfsvc32.exe
09:13:12.0074 4800 NPFSvc32 - ok
09:13:12.0167 4800 NPROSEC (0fddfe0cf41b5eb87689e465e34ddd18) C:\Program Files\Norman\Ngs\Bin\nprosec.sys
09:13:12.0310 4800 NPROSEC - ok
09:13:12.0372 4800 NPROSECSVC (a7c274dab79d0f50bd4202a678684a71) C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
09:13:12.0612 4800 NPROSECSVC - ok
09:13:12.0662 4800 nregsec (82a058999d0cfb5c285fc22856e235c2) C:\Program Files\Norman\Ngs\Bin\nregsec.sys
09:13:12.0834 4800 nregsec - ok
09:13:12.0897 4800 nsesvc (9cda7f164e8149dcf3f28ccf5db3cf4d) C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
09:13:13.0197 4800 nsesvc - ok
09:13:13.0227 4800 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
09:13:13.0290 4800 nsi - ok
09:13:13.0320 4800 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
09:13:13.0384 4800 nsiproxy - ok
09:13:13.0506 4800 nSvcIp (b6c48d01147ec020de7f1856734127f8) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
09:13:13.0701 4800 nSvcIp - ok
09:13:13.0822 4800 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
09:13:14.0057 4800 Ntfs - ok
09:13:14.0219 4800 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
09:13:14.0221 4800 Null - ok
09:13:14.0280 4800 nvamacpi (6c6d6701a76529963f9416d285d2f4d9) C:\Windows\system32\DRIVERS\NVAMACPI.sys
09:13:14.0364 4800 nvamacpi - ok
09:13:14.0410 4800 NvcMFlt (31ea28572e8005bb8c65e00f23978534) C:\Windows\system32\DRIVERS\nvcv32mf.sys
09:13:14.0477 4800 NvcMFlt - ok
09:13:14.0604 4800 nvcoas (329e43c14e6c31f4cb8d8607b66c1df7) C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
09:13:14.0981 4800 nvcoas - ok
09:13:15.0068 4800 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
09:13:15.0164 4800 NVENETFD - ok
09:13:15.0997 4800 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:13:17.0434 4800 nvlddmkm - ok
09:13:17.0618 4800 NVNET (8196a84583185499f3e8c20ffdaf36d6) C:\Windows\system32\DRIVERS\nvmf6232.sys
09:13:17.0716 4800 NVNET - ok
09:13:17.0874 4800 NVOY (98cdb972fd946b904cd1c6d5ecf2e878) C:\Program Files\Norman\npm\bin\nvoy.exe
09:13:18.0095 4800 NVOY - ok
09:13:18.0302 4800 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
09:13:18.0443 4800 nvraid - ok
09:13:18.0521 4800 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
09:13:18.0641 4800 nvstor - ok
09:13:18.0700 4800 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
09:13:18.0702 4800 nvstor32 - ok
09:13:18.0772 4800 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe
09:13:19.0148 4800 nvsvc - ok
09:13:19.0311 4800 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:13:19.0677 4800 nvUpdatusService - ok
09:13:19.0824 4800 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
09:13:19.0918 4800 nv_agp - ok
09:13:19.0972 4800 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
09:13:20.0096 4800 ohci1394 - ok
09:13:20.0212 4800 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:13:20.0317 4800 ose - ok
09:13:20.0736 4800 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:13:21.0216 4800 osppsvc - ok
09:13:21.0351 4800 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:13:21.0495 4800 p2pimsvc - ok
09:13:21.0557 4800 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
09:13:21.0713 4800 p2psvc - ok
09:13:21.0775 4800 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
09:13:21.0888 4800 Parport - ok
09:13:21.0927 4800 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
09:13:21.0994 4800 partmgr - ok
09:13:22.0029 4800 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
09:13:22.0102 4800 Parvdm - ok
09:13:22.0180 4800 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
09:13:22.0334 4800 PcaSvc - ok
09:13:22.0381 4800 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
09:13:22.0521 4800 pci - ok
09:13:22.0561 4800 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
09:13:22.0612 4800 pciide - ok
09:13:22.0666 4800 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
09:13:22.0828 4800 pcmcia - ok
09:13:22.0866 4800 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
09:13:22.0912 4800 pcw - ok
09:13:22.0952 4800 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
09:13:23.0149 4800 PEAUTH - ok
09:13:23.0225 4800 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
09:13:23.0562 4800 PeerDistSvc - ok
09:13:23.0727 4800 Ph3xIB32 (8b7aec0aba77de5d2feac1824c15a3fa) C:\Windows\system32\DRIVERS\Ph3xIB32.sys
09:13:23.0928 4800 Ph3xIB32 - ok
09:13:24.0174 4800 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
09:13:24.0388 4800 pla - ok
09:13:24.0575 4800 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
09:13:24.0734 4800 PlugPlay - ok
09:13:24.0773 4800 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
09:13:24.0854 4800 PNRPAutoReg - ok
09:13:24.0898 4800 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:13:24.0903 4800 PNRPsvc - ok
09:13:24.0976 4800 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
09:13:25.0143 4800 PolicyAgent - ok
09:13:25.0191 4800 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
09:13:25.0284 4800 Power - ok
09:13:25.0356 4800 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
09:13:25.0441 4800 PptpMiniport - ok
09:13:25.0485 4800 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
09:13:25.0570 4800 Processor - ok
09:13:25.0621 4800 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
09:13:25.0788 4800 ProfSvc - ok
09:13:25.0819 4800 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:13:25.0835 4800 ProtectedStorage - ok
09:13:25.0866 4800 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
09:13:25.0975 4800 Psched - ok
09:13:26.0084 4800 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
09:13:26.0328 4800 ql2300 - ok
09:13:26.0485 4800 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
09:13:26.0605 4800 ql40xx - ok
09:13:26.0648 4800 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
09:13:26.0848 4800 QWAVE - ok
09:13:26.0869 4800 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
09:13:26.0937 4800 QWAVEdrv - ok
09:13:26.0969 4800 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
09:13:27.0026 4800 RasAcd - ok
09:13:27.0090 4800 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:13:27.0157 4800 RasAgileVpn - ok
09:13:27.0201 4800 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
09:13:27.0365 4800 RasAuto - ok
09:13:27.0405 4800 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:13:27.0453 4800 Rasl2tp - ok
09:13:27.0507 4800 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
09:13:27.0629 4800 RasMan - ok
09:13:27.0670 4800 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
09:13:27.0807 4800 RasPppoe - ok
09:13:27.0849 4800 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
09:13:27.0950 4800 RasSstp - ok
09:13:28.0062 4800 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
09:13:28.0219 4800 rdbss - ok
09:13:28.0249 4800 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
09:13:28.0329 4800 rdpbus - ok
09:13:28.0367 4800 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:13:28.0398 4800 RDPCDD - ok
09:13:28.0445 4800 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
09:13:28.0523 4800 RDPDR - ok
09:13:28.0570 4800 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
09:13:28.0616 4800 RDPENCDD - ok
09:13:28.0648 4800 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
09:13:28.0726 4800 RDPREFMP - ok
09:13:28.0938 4800 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
09:13:29.0039 4800 RdpVideoMiniport - ok
09:13:29.0104 4800 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
09:13:29.0210 4800 RDPWD - ok
09:13:29.0273 4800 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
09:13:29.0377 4800 rdyboost - ok
09:13:29.0416 4800 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
09:13:29.0504 4800 RemoteAccess - ok
09:13:29.0548 4800 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
09:13:29.0645 4800 RemoteRegistry - ok
09:13:29.0709 4800 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
09:13:29.0780 4800 RpcEptMapper - ok
09:13:29.0827 4800 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
09:13:29.0913 4800 RpcLocator - ok
09:13:29.0968 4800 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
09:13:29.0974 4800 RpcSs - ok
09:13:30.0037 4800 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
09:13:30.0102 4800 rspndr - ok
09:13:30.0140 4800 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
09:13:30.0254 4800 s3cap - ok
09:13:30.0299 4800 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:13:30.0304 4800 SamSs - ok
09:13:30.0385 4800 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
09:13:30.0500 4800 sbp2port - ok
09:13:30.0542 4800 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
09:13:30.0624 4800 SCardSvr - ok
09:13:30.0661 4800 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
09:13:30.0896 4800 scfilter - ok
09:13:31.0053 4800 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
09:13:31.0193 4800 Schedule - ok
09:13:31.0339 4800 Scheduler (5fd85727e19476c24acb8e7bffbce26c) C:\Program Files\Norman\Npm\Bin\scheduler.exe
09:13:31.0578 4800 Scheduler - ok
09:13:31.0631 4800 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
09:13:31.0633 4800 SCPolicySvc - ok
09:13:31.0704 4800 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
09:13:31.0807 4800 SDRSVC - ok
09:13:31.0851 4800 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:13:31.0969 4800 secdrv - ok
09:13:32.0002 4800 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
09:13:32.0080 4800 seclogon - ok
09:13:32.0132 4800 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
09:13:32.0202 4800 SENS - ok
09:13:32.0252 4800 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
09:13:32.0314 4800 SensrSvc - ok
09:13:32.0361 4800 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
09:13:32.0439 4800 Serenum - ok
09:13:32.0475 4800 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
09:13:32.0550 4800 Serial - ok
09:13:32.0608 4800 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
09:13:32.0656 4800 sermouse - ok
09:13:32.0737 4800 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
09:13:32.0817 4800 SessionEnv - ok
09:13:32.0861 4800 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
09:13:32.0922 4800 sffdisk - ok
09:13:32.0963 4800 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
09:13:33.0093 4800 sffp_mmc - ok
09:13:33.0134 4800 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
09:13:33.0209 4800 sffp_sd - ok
09:13:33.0241 4800 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
09:13:33.0333 4800 sfloppy - ok
09:13:33.0382 4800 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
09:13:33.0462 4800 SharedAccess - ok
09:13:33.0524 4800 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
09:13:33.0649 4800 ShellHWDetection - ok
09:13:33.0712 4800 SIS163u (e91d143072a680223b5e73571970c82f) C:\Windows\system32\DRIVERS\sis163u.sys
09:13:33.0830 4800 SIS163u - ok
09:13:33.0865 4800 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
09:13:33.0923 4800 sisagp - ok
09:13:33.0984 4800 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:13:34.0071 4800 SiSRaid2 - ok
09:13:34.0136 4800 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
09:13:34.0242 4800 SiSRaid4 - ok
09:13:34.0288 4800 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
09:13:34.0385 4800 Smb - ok
09:13:34.0436 4800 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
09:13:34.0511 4800 SNMPTRAP - ok
09:13:34.0544 4800 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
09:13:34.0599 4800 spldr - ok
09:13:34.0647 4800 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
 

Sari95

New Member
09:14:07.0784 4800 ============================================================
09:14:07.0784 4800 Scan finished
09:14:07.0784 4800 ============================================================
09:14:07.0803 4720 Detected object count: 0
09:14:07.0803 4720 Actual detected object count: 0
09:18:04.0939 5696 Deinitialize success
 

Sari95

New Member
There are the 3 logs from ComboFix, HijackThis and TDSSKiller :)

S3P3HR: The hardware is at least 5 years old and the original OS was Vista, but I have now installed W7 on it :)
 

johnb35

Administrator
Staff member
I don't see anything out of the ordinary on those logs. Try this. Boot to safe mode and see if you can open things normally. If so, then it's software related.
 