TDL4@MBR code HELP!!!


  • This topic is locked
8 replies to this topic

#1 buck6691

Posted 02 April 2012 - 03:20 PM

I am having the dreaded blue screen memory dump issue. It seems hopeless as I am only able to maneuver in safe mode. I first ran Nirsoft blue screen view to see if there were issues with the drivers. Two of the best moderators on the site suggested that I may have malware issues. Some additional background - I do use Mbam and MS Security Essentials. Completed mbam uninstall: no change, memory dump; attempted MS Security Essentials but I got an error indicating it could not install MS E in safe mode. Yes, not uninstall, but install (error code 0x8004FF11). I am not sure if you have to run the MS E wizard to uninstall or it's an error. Does run in safe mode and safe mode with networking. I did run full scans with mbam (found 7 malware and viruses and they were removed). Prior, MS Security Essentials was not turned on (don't know why). First saw something strange days ago when screen visual settings changed as if they were reduced to an older Windows look. Looking back, I seem to have an issue with MS isatap network adapter that was disabled and could not be enabled. OTHER QUIRKS: I can only see half of Control Panel; I seemingly lost personal files with 3 system restore attempts; incomplete JAVA and Adobe update installs; and Windows security cannot be turned on.

I have since run TDSSkiller as instructed and GMER on system and found that it was infected by a rootkit malware... Really need assistance in removing this bug. DDS results as follows and attached to this post:

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.19190
Run by dje at 13:56:06 on 2012-04-02
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2941.408 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.toshibadirect.com/dpdstart
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [VNFgalygGdHd.exe] c:\programdata\VNFgalygGdHd.exe
uRun: [toscdspd] TOSCDSPD.EXE
uRun: [Google Update] "c:\users\dje\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [jswtrayutil] "c:\program files\jumpstart\jswtrayutil.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [NDSTray.exe] NDSTray.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [dlcxmon.exe] "c:\program files\dell photo aio printer 926\dlcxmon.exe"
mRun: [MemoryCardManager] "c:\program files\dell photo aio printer 926\memcard.exe"
mRun: [DLCXCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCXtime.dll,_RunDLLEntry@16
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\users\dje\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\dje\appdata\roaming\micros~1\windows\startm~1\programs\startup\turboa~1.lnk - c:\users\dje\appdata\roaming\microsoft\installer\{0f321d2e-f1d6-42ec-a946-2181ca76bda6}\_B2EA742869F2F0FEF1D448.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{33938668-6963-43A1-BF98-6F032D4A8B80} : DhcpNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{5262C6D8-D3F2-4DD8-A71B-59C74354751F} : DhcpNameServer = 192.168.0.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2008-8-27 20352]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-2-12 7168]
S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2007-12-25 40960]
S2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-16 136176]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-2-26 101936]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-1-7 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-2-12 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-16 136176]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2008-8-27 937984]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys [2010-4-18 54416]
S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2010-4-18 160272]
S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2010-4-18 160272]
S3 PTDUWFLT;PTDUWWAN Filter Driver;c:\windows\system32\drivers\PTDUWFLT.sys [2010-4-18 11920]
S3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\drivers\PTDUWWAN.sys [2010-4-18 113680]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-04-02 18:13:06 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-02 18:01:02 713784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{03b313fd-3c45-443b-8133-7373cda755b0}\gapaengine.dll
2012-03-30 03:26:09 6881616 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{52586650-325d-47be-99df-e0fc57071453}\mpengine.dll
2012-03-26 02:05:50 -------- d--h--w- c:\users\dje\appdata\roaming\Byqain
2012-03-26 01:31:48 -------- d--h--w- c:\program files\NirSoft
2012-03-14 05:14:37 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-03-14 04:58:59 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 04:58:57 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-14 04:58:57 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 04:58:56 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-14 04:58:56 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-14 04:58:56 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-13 23:29:11 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-13 23:29:11 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
==================== Find3M ====================
.
2012-01-31 12:44:05 237072 ----a-w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 13:59:27.48 ===============
I appreciate any assistance and thank you wholeheartedly in advance...


#2 fireman4it


Posted 02 April 2012 - 05:26 PM

Hello buck6691,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic. I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.


1.
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, choose Skip instead; do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


2.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please do NOT mouseclick ComboFix's window while it's running because it may cause it to stall.


3.
Please download and run unhide.exe.

Things to include in your next reply:
TdssKiller log
Combofix.txt
How is your machine running now?

Edited by fireman4it, 02 April 2012 - 05:27 PM.



#3 buck6691


Posted 03 April 2012 - 12:22 PM

Completed TDSSKiller scan...no threats found...results:

12:14:38.0394 0620 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
12:14:39.0221 0620 ============================================================
12:14:39.0221 0620 Current date / time: 2012/04/03 12:14:39.0221
12:14:39.0221 0620 SystemInfo:
12:14:39.0221 0620
12:14:39.0221 0620 OS Version: 6.0.6002 ServicePack: 2.0
12:14:39.0221 0620 Product type: Workstation
12:14:39.0221 0620 ComputerName: DJE-PC
12:14:39.0221 0620 UserName: dje
12:14:39.0221 0620 Windows directory: C:\Windows
12:14:39.0221 0620 System windows directory: C:\Windows
12:14:39.0221 0620 Processor architecture: Intel x86
12:14:39.0221 0620 Number of processors: 2
12:14:39.0221 0620 Page size: 0x1000
12:14:39.0221 0620 Boot type: Safe boot with network
12:14:39.0221 0620 ============================================================
12:14:40.0718 0620 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:14:40.0734 0620 \Device\Harddisk0\DR0:
12:14:40.0734 0620 MBR used
12:14:40.0734 0620 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1CED7000
12:14:40.0765 0620 Initialize success
12:14:40.0765 0620 ============================================================
12:14:46.0022 1332 ============================================================
12:14:46.0022 1332 Scan started
12:14:46.0022 1332 Mode: Manual;
12:14:46.0022 1332 ============================================================
12:14:53.0448 1332 FontCache3.0.0.0 - ok
12:14:53.0495 1332 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
12:14:53.0495 1332 fssfltr - ok
12:14:53.0682 1332 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
12:14:53.0682 1332 fsssvc - ok
12:14:53.0729 1332 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
12:14:53.0729 1332 Fs_Rec - ok
12:14:53.0775 1332 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
12:14:53.0775 1332 FwLnk - ok
12:14:53.0791 1332 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
12:14:53.0791 1332 gagp30kx - ok
12:14:53.0885 1332 GameConsoleService (01a5829dd261b4f3dd66d7e9f9b973f5) C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
12:14:53.0900 1332 GameConsoleService - ok
12:14:53.0931 1332 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:14:53.0931 1332 GEARAspiWDM - ok
12:14:54.0009 1332 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
12:14:54.0009 1332 GoogleDesktopManager-051210-111108 - ok
12:14:54.0072 1332 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
12:14:54.0072 1332 gpsvc - ok
12:14:54.0181 1332 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:14:54.0181 1332 gupdate - ok
12:14:54.0197 1332 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:14:54.0197 1332 gupdatem - ok
12:14:54.0243 1332 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:14:54.0259 1332 gusvc - ok
12:14:54.0446 1332 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
12:14:54.0462 1332 HdAudAddService - ok
12:14:54.0524 1332 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:14:54.0540 1332 HDAudBus - ok
12:14:54.0540 1332 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
12:14:54.0555 1332 HidBth - ok
12:14:54.0555 1332 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
12:14:54.0571 1332 HidIr - ok
12:14:54.0602 1332 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
12:14:54.0602 1332 hidserv - ok
12:14:54.0618 1332 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
12:14:54.0618 1332 HidUsb - ok
12:14:54.0649 1332 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
12:14:54.0649 1332 hkmsvc - ok
12:14:54.0665 1332 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
12:14:54.0665 1332 HpCISSs - ok
12:14:54.0711 1332 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
12:14:54.0711 1332 HTTP - ok
12:14:54.0727 1332 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
12:14:54.0727 1332 i2omp - ok
12:14:54.0789 1332 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
12:14:54.0789 1332 i8042prt - ok
12:14:54.0805 1332 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
12:14:54.0805 1332 iaStorV - ok
12:14:54.0945 1332 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:14:54.0945 1332 IDriverT - ok
12:14:55.0133 1332 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:14:55.0148 1332 idsvc - ok
12:14:55.0164 1332 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
12:14:55.0164 1332 iirsp - ok
12:14:55.0242 1332 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
12:14:55.0242 1332 IKEEXT - ok
12:14:55.0413 1332 IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
12:14:55.0429 1332 IntcAzAudAddService - ok
12:14:55.0460 1332 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
12:14:55.0460 1332 intelide - ok
12:14:55.0491 1332 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
12:14:55.0491 1332 intelppm - ok
12:14:55.0538 1332 IO_Memory - ok
12:14:55.0569 1332 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
12:14:55.0585 1332 IPBusEnum - ok
12:14:55.0616 1332 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:14:55.0616 1332 IpFilterDriver - ok
12:14:55.0663 1332 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
12:14:55.0663 1332 iphlpsvc - ok
12:14:55.0679 1332 IpInIp - ok
12:14:55.0694 1332 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
12:14:55.0694 1332 IPMIDRV - ok
12:14:55.0741 1332 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
12:14:55.0741 1332 IPNAT - ok
12:14:55.0928 1332 iPod Service (3a6d4d8abacf64292d060c9e06d2050d) C:\Program Files\iPod\bin\iPodService.exe
12:14:55.0944 1332 iPod Service - ok
12:14:55.0975 1332 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
12:14:55.0975 1332 IRENUM - ok
12:14:55.0975 1332 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
12:14:55.0991 1332 isapnp - ok
12:14:56.0084 1332 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
12:14:56.0084 1332 iScsiPrt - ok
12:14:56.0100 1332 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
12:14:56.0100 1332 iteatapi - ok
12:14:56.0131 1332 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
12:14:56.0131 1332 iteraid - ok
12:14:56.0287 1332 jswpsapi (723ba0aec942e91c0a9ce146e73deceb) C:\Program Files\Jumpstart\jswpsapi.exe
12:14:56.0287 1332 jswpsapi - ok
12:14:56.0318 1332 jswpslwf (7e72514a3a1c5a9f3bff0660b3866c2b) C:\Windows\system32\DRIVERS\jswpslwf.sys
12:14:56.0318 1332 jswpslwf - ok
12:14:56.0349 1332 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:14:56.0349 1332 kbdclass - ok
12:14:56.0365 1332 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
12:14:56.0365 1332 kbdhid - ok
12:14:56.0412 1332 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:14:56.0412 1332 KeyIso - ok
12:14:56.0459 1332 KR10I (e8ca038f51f7761bd6e3a3b0b8014263) C:\Windows\system32\drivers\kr10i.sys
12:14:56.0459 1332 KR10I - ok
12:14:56.0474 1332 KR10N (6a4adb9186dd0e114e623daf57e42b31) C:\Windows\system32\drivers\kr10n.sys
12:14:56.0474 1332 KR10N - ok
12:14:56.0537 1332 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
12:14:56.0537 1332 KSecDD - ok
12:14:56.0583 1332 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
12:14:56.0583 1332 KtmRm - ok
12:14:56.0630 1332 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
12:14:56.0630 1332 LanmanServer - ok
12:14:56.0677 1332 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
12:14:56.0693 1332 LanmanWorkstation - ok
12:14:56.0942 1332 LiveUpdate (a97eeb81f05bce3d7aa6c81f04ef39a4) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
12:14:56.0973 1332 LiveUpdate - ok
12:14:56.0989 1332 LiveUpdate Notice Ex - ok
12:14:57.0129 1332 LiveUpdate Notice Service (2d1389e05a807d956829f44bd4b60389) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
12:14:57.0145 1332 LiveUpdate Notice Service - ok
12:14:57.0301 1332 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
12:14:57.0301 1332 lltdio - ok
12:14:57.0363 1332 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
12:14:57.0379 1332 lltdsvc - ok
12:14:57.0410 1332 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
12:14:57.0410 1332 lmhosts - ok
12:14:57.0457 1332 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
12:14:57.0457 1332 LSI_FC - ok
12:14:57.0473 1332 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
12:14:57.0473 1332 LSI_SAS - ok
12:14:57.0504 1332 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
12:14:57.0504 1332 LSI_SCSI - ok
12:14:57.0566 1332 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
12:14:57.0566 1332 luafv - ok
12:14:57.0738 1332 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
12:14:57.0738 1332 McComponentHostService - ok
12:14:57.0769 1332 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
12:14:57.0769 1332 Mcx2Svc - ok
12:14:57.0816 1332 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
12:14:57.0816 1332 megasas - ok
12:14:57.0878 1332 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
12:14:57.0878 1332 MegaSR - ok
12:14:57.0909 1332 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:14:57.0925 1332 MMCSS - ok
12:14:57.0956 1332 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:14:57.0956 1332 Modem - ok
12:14:58.0003 1332 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:14:58.0003 1332 monitor - ok
12:14:58.0019 1332 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:14:58.0019 1332 mouclass - ok
12:14:58.0034 1332 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:14:58.0034 1332 mouhid - ok
12:14:58.0081 1332 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:14:58.0081 1332 MountMgr - ok
12:14:58.0128 1332 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
12:14:58.0128 1332 MpFilter - ok
12:14:58.0159 1332 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
12:14:58.0159 1332 mpio - ok
12:14:58.0237 1332 MpKsl4b99bdc3 - ok
12:14:58.0253 1332 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
12:14:58.0253 1332 MpNWMon - ok
12:14:58.0284 1332 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:14:58.0284 1332 mpsdrv - ok
12:14:58.0331 1332 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
12:14:58.0331 1332 MpsSvc - ok
12:14:58.0346 1332 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:14:58.0346 1332 Mraid35x - ok
12:14:58.0409 1332 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:14:58.0409 1332 MRxDAV - ok
12:14:58.0440 1332 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:14:58.0440 1332 mrxsmb - ok
12:14:58.0518 1332 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:14:58.0518 1332 mrxsmb10 - ok
12:14:58.0533 1332 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:14:58.0533 1332 mrxsmb20 - ok
12:14:58.0549 1332 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
12:14:58.0549 1332 msahci - ok
12:14:58.0580 1332 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
12:14:58.0580 1332 msdsm - ok
12:14:58.0627 1332 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
12:14:58.0627 1332 MSDTC - ok
12:14:58.0705 1332 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:14:58.0705 1332 Msfs - ok
12:14:58.0767 1332 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:14:58.0767 1332 msisadrv - ok
12:14:58.0814 1332 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
12:14:58.0830 1332 MSiSCSI - ok
12:14:58.0830 1332 msiserver - ok
12:14:58.0908 1332 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:14:58.0908 1332 MSKSSRV - ok
12:14:59.0079 1332 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
12:14:59.0079 1332 MsMpSvc - ok
12:14:59.0111 1332 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:14:59.0111 1332 MSPCLOCK - ok
12:14:59.0173 1332 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:14:59.0173 1332 MSPQM - ok
12:14:59.0220 1332 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:14:59.0220 1332 MsRPC - ok
12:14:59.0267 1332 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:14:59.0267 1332 mssmbios - ok
12:14:59.0329 1332 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:14:59.0329 1332 MSTEE - ok
12:14:59.0360 1332 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:14:59.0360 1332 Mup - ok
12:14:59.0407 1332 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
12:14:59.0407 1332 napagent - ok
12:14:59.0485 1332 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:14:59.0485 1332 NativeWifiP - ok
12:14:59.0579 1332 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:14:59.0594 1332 NDIS - ok
12:14:59.0625 1332 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:14:59.0625 1332 NdisTapi - ok
12:14:59.0641 1332 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:14:59.0641 1332 Ndisuio - ok
12:14:59.0703 1332 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:14:59.0719 1332 NdisWan - ok
12:14:59.0735 1332 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:14:59.0735 1332 NDProxy - ok
12:14:59.0766 1332 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:14:59.0766 1332 NetBIOS - ok
12:14:59.0813 1332 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:14:59.0813 1332 netbt - ok
12:14:59.0859 1332 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:14:59.0859 1332 Netlogon - ok
12:14:59.0906 1332 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
12:14:59.0906 1332 Netman - ok
12:14:59.0922 1332 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
12:14:59.0937 1332 netprofm - ok
12:15:00.0093 1332 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:15:00.0093 1332 NetTcpPortSharing - ok
12:15:00.0203 1332 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:15:00.0203 1332 nfrd960 - ok
12:15:00.0249 1332 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:15:00.0249 1332 NisDrv - ok
12:15:00.0421 1332 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
12:15:00.0421 1332 NisSrv - ok
12:15:00.0483 1332 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
12:15:00.0483 1332 NlaSvc - ok
12:15:00.0515 1332 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:15:00.0515 1332 Npfs - ok
12:15:00.0530 1332 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
12:15:00.0530 1332 nsi - ok
12:15:00.0577 1332 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:15:00.0577 1332 nsiproxy - ok
12:15:00.0655 1332 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:15:00.0655 1332 Ntfs - ok
12:15:00.0702 1332 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:15:00.0702 1332 ntrigdigi - ok
12:15:00.0733 1332 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:15:00.0733 1332 Null - ok
12:15:00.0780 1332 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
12:15:00.0780 1332 nvraid - ok
12:15:00.0795 1332 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
12:15:00.0795 1332 nvstor - ok
12:15:00.0811 1332 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
12:15:00.0811 1332 nv_agp - ok
12:15:00.0827 1332 NwlnkFlt - ok
12:15:00.0842 1332 NwlnkFwd - ok
12:15:01.0014 1332 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:15:01.0014 1332 odserv - ok
12:15:01.0045 1332 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
12:15:01.0061 1332 ohci1394 - ok
12:15:01.0107 1332 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:15:01.0107 1332 ose - ok
12:15:01.0170 1332 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:15:01.0170 1332 p2pimsvc - ok
12:15:01.0201 1332 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:15:01.0201 1332 p2psvc - ok
12:15:01.0326 1332 PalmUSBD - ok
12:15:01.0388 1332 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:15:01.0388 1332 Parport - ok
12:15:01.0435 1332 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
12:15:01.0435 1332 partmgr - ok
12:15:01.0451 1332 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:15:01.0451 1332 Parvdm - ok
12:15:01.0497 1332 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
12:15:01.0497 1332 PcaSvc - ok
12:15:01.0513 1332 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:15:01.0513 1332 pci - ok
12:15:01.0560 1332 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
12:15:01.0560 1332 pciide - ok
12:15:01.0575 1332 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
12:15:01.0575 1332 pcmcia - ok
12:15:01.0669 1332 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:15:01.0669 1332 PEAUTH - ok
12:15:01.0778 1332 pinger (6dbf2ac2bdaff355995ab25eccc4cfe1) C:\TOSHIBA\IVP\ISM\pinger.exe
12:15:01.0778 1332 pinger - ok
12:15:01.0872 1332 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
12:15:01.0887 1332 pla - ok
12:15:01.0934 1332 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
12:15:01.0934 1332 PlugPlay - ok
12:15:01.0997 1332 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:15:02.0012 1332 PNRPAutoReg - ok
12:15:02.0028 1332 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:15:02.0043 1332 PNRPsvc - ok
12:15:02.0075 1332 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
12:15:02.0075 1332 PolicyAgent - ok
12:15:02.0184 1332 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:15:02.0184 1332 PptpMiniport - ok
12:15:02.0215 1332 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
12:15:02.0231 1332 Processor - ok
12:15:02.0262 1332 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
12:15:02.0262 1332 ProfSvc - ok
12:15:02.0309 1332 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:15:02.0309 1332 ProtectedStorage - ok
12:15:02.0340 1332 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:15:02.0340 1332 PSched - ok
12:15:02.0355 1332 PTDUBus (dbaf8a53d7669efb4742896b458181d0) C:\Windows\system32\DRIVERS\PTDUBus.sys
12:15:02.0355 1332 PTDUBus - ok
12:15:02.0418 1332 PTDUMdm (fa4e2a5cf478624d3154fb045fb2d076) C:\Windows\system32\DRIVERS\PTDUMdm.sys
12:15:02.0418 1332 PTDUMdm - ok
12:15:02.0433 1332 PTDUVsp (9c489b38ca13f251289004fe4f8631dd) C:\Windows\system32\DRIVERS\PTDUVsp.sys
12:15:02.0433 1332 PTDUVsp - ok
12:15:02.0449 1332 PTDUWFLT (37a75ac00d26364a5ea2050a6f85c2d0) C:\Windows\system32\DRIVERS\PTDUWFLT.sys
12:15:02.0449 1332 PTDUWFLT - ok
12:15:02.0480 1332 PTDUWWAN (f4a789a94ff74a47eb321be4465259d0) C:\Windows\system32\DRIVERS\PTDUWWAN.sys
12:15:02.0480 1332 PTDUWWAN - ok
12:15:02.0527 1332 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\Windows\system32\Drivers\PxHelp20.sys
12:15:02.0527 1332 PxHelp20 - ok
12:15:02.0605 1332 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
12:15:02.0621 1332 ql2300 - ok
12:15:02.0636 1332 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:15:02.0636 1332 ql40xx - ok
12:15:02.0699 1332 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
12:15:02.0699 1332 QWAVE - ok
12:15:02.0730 1332 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:15:02.0730 1332 QWAVEdrv - ok
12:15:02.0839 1332 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
12:15:02.0839 1332 RapiMgr - ok
12:15:02.0870 1332 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:15:02.0870 1332 RasAcd - ok
12:15:02.0917 1332 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
12:15:02.0917 1332 RasAuto - ok
12:15:02.0948 1332 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:15:02.0948 1332 Rasl2tp - ok
12:15:03.0042 1332 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
12:15:03.0042 1332 RasMan - ok
12:15:03.0073 1332 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:15:03.0073 1332 RasPppoe - ok
12:15:03.0120 1332 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:15:03.0120 1332 RasSstp - ok
12:15:03.0135 1332 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:15:03.0135 1332 rdbss - ok
12:15:03.0151 1332 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:15:03.0151 1332 RDPCDD - ok
12:15:03.0213 1332 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
12:15:03.0213 1332 rdpdr - ok
12:15:03.0229 1332 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:15:03.0229 1332 RDPENCDD - ok
12:15:03.0245 1332 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
12:15:03.0260 1332 RDPWD - ok
12:15:03.0338 1332 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
12:15:03.0338 1332 RemoteAccess - ok
12:15:03.0369 1332 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
12:15:03.0385 1332 RemoteRegistry - ok
12:15:03.0416 1332 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
12:15:03.0416 1332 RpcLocator - ok
12:15:03.0463 1332 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
12:15:03.0463 1332 RpcSs - ok
12:15:03.0572 1332 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:15:03.0572 1332 rspndr - ok
12:15:03.0666 1332 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
12:15:03.0681 1332 RTL8169 - ok
12:15:03.0681 1332 RTSTOR (01c64783db1f40e1e3df67dd36199b35) C:\Windows\system32\drivers\RTSTOR.SYS
12:15:03.0697 1332 RTSTOR - ok
12:15:03.0744 1332 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:15:03.0744 1332 SamSs - ok
12:15:03.0759 1332 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:15:03.0759 1332 sbp2port - ok
12:15:03.0806 1332 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
12:15:03.0806 1332 SCardSvr - ok
12:15:03.0853 1332 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
12:15:03.0853 1332 Schedule - ok
12:15:03.0900 1332 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:15:03.0900 1332 SCPolicySvc - ok
12:15:03.0931 1332 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
12:15:03.0931 1332 SDRSVC - ok
12:15:04.0040 1332 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
12:15:04.0040 1332 SeaPort - ok
12:15:04.0149 1332 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:15:04.0149 1332 secdrv - ok
12:15:04.0181 1332 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
12:15:04.0196 1332 seclogon - ok
12:15:04.0212 1332 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
12:15:04.0212 1332 SENS - ok
12:15:04.0227 1332 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:15:04.0227 1332 Serenum - ok
12:15:04.0243 1332 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:15:04.0243 1332 Serial - ok
12:15:04.0259 1332 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:15:04.0259 1332 sermouse - ok
12:15:04.0290 1332 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
12:15:04.0305 1332 SessionEnv - ok
12:15:04.0321 1332 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
12:15:04.0321 1332 sffdisk - ok
12:15:04.0337 1332 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
12:15:04.0337 1332 sffp_mmc - ok
12:15:04.0352 1332 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
12:15:04.0352 1332 sffp_sd - ok
12:15:04.0368 1332 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
12:15:04.0368 1332 sfloppy - ok
12:15:04.0415 1332 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
12:15:04.0415 1332 SharedAccess - ok
12:15:04.0461 1332 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
12:15:04.0461 1332 ShellHWDetection - ok
12:15:04.0477 1332 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
12:15:04.0477 1332 sisagp - ok
12:15:04.0493 1332 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
12:15:04.0493 1332 SiSRaid2 - ok
12:15:04.0508 1332 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
12:15:04.0508 1332 SiSRaid4 - ok
12:15:04.0649 1332 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
12:15:04.0664 1332 slsvc - ok
12:15:04.0742 1332 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
12:15:04.0742 1332 SLUINotify - ok
12:15:04.0789 1332 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:15:04.0789 1332 Smb - ok
12:15:04.0836 1332 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
12:15:04.0836 1332 SNMPTRAP - ok
12:15:04.0867 1332 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:15:04.0883 1332 spldr - ok
12:15:04.0914 1332 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
12:15:04.0929 1332 Spooler - ok
12:15:04.0961 1332 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:15:04.0976 1332 srv - ok
12:15:11.0294 1332 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
12:15:11.0357 1332 \Device\Harddisk0\DR0 - ok
12:15:11.0357 1332 Boot (0x1200) (d138f9ddcba85c47c99311a4bf71f2fa) \Device\Harddisk0\DR0\Partition0
12:15:11.0357 1332 \Device\Harddisk0\DR0\Partition0 - ok
12:15:11.0372 1332 ============================================================
12:15:11.0372 1332 Scan finished
12:15:11.0372 1332 ============================================================
12:15:11.0388 1272 Detected object count: 0
12:15:11.0388 1272 Actual detected object count: 0
12:15:16.0380 1744 Deinitialize success

#4 fireman4it

  • Malware Response Team
Posted 03 April 2012 - 04:49 PM

Hello,

And the Combofix log? How is the machine running after Combofix has been run?


#5 buck6691

  • Topic Starter

Posted 03 April 2012 - 05:47 PM

Could not run Combofix till I get MS Security Essentials disabled or removed. I cannot remove it because it is in safe mode and gives me an error code (0x8004FF11)... indicating that I must get to the install wizard before removal. Should I try removing MS Security Essentials through the Registry Editor?

#6 buck6691

  • Topic Starter

Posted 03 April 2012 - 08:40 PM

Ran Combofix, although I am not sure if I disabled Essentials through Microsoft support instructions to get it to run. Combofix:

ComboFix 12-04-03.02 - dje 04/03/2012 18:58:05.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2941.2409 [GMT -5:00]
Running from: c:\users\dje\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\config\systemprofile\1e3dc425-5762.exe
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2012-03-04 to 2012-04-04 )))))))))))))))))))))))))))))))
.
.
2012-04-04 00:06 . 2012-04-04 00:06 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-04-04 00:06 . 2012-04-04 00:08 -------- d-----w- c:\users\dje\AppData\Local\temp
2012-04-04 00:06 . 2012-04-04 00:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-02 18:13 . 2012-04-02 18:13 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-02 18:01 . 2012-02-09 18:17 713784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{03B313FD-3C45-443B-8133-7373CDA755B0}\gapaengine.dll
2012-03-30 03:26 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{52586650-325D-47BE-99DF-E0FC57071453}\mpengine.dll
2012-03-26 02:05 . 2012-03-26 02:06 -------- d--h--w- c:\users\dje\AppData\Roaming\Byqain
2012-03-26 01:31 . 2012-03-26 01:31 -------- d--h--w- c:\program files\NirSoft
2012-03-14 05:14 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-03-14 04:58 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 04:58 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-14 04:58 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 04:58 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-14 04:58 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-14 04:58 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-13 23:29 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-13 23:29 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-13 07:02 . 2011-08-11 22:00 713784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-02-08 06:03 . 2011-05-21 16:37 6552120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-31 12:44 . 2009-10-02 23:30 237072 ----a-w- c:\windows\system32\MpSigStub.exe
2012-01-30 19:08 . 2012-01-30 19:08 0 ---ha-w- c:\users\dje\AppData\Local\BIT4D88.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-16 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-30 4911104]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-26 413696]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080]
"NDSTray.exe"="NDSTray.exe" [BU]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 926\memcard.exe" [2006-11-03 304008]
"DLCXCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll" [2006-10-16 106496]
.
c:\users\dje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
TurboApps WinMobile Conduit.lnk - c:\users\dje\AppData\Roaming\Microsoft\Installer\{0F321D2E-F1D6-42EC-A946-2181CA76BDA6}\_B2EA742869F2F0FEF1D448.exe [2010-3-26 18670]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-08-31 06:51 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-01-27 23:40 133104 ----atw- c:\users\dje\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-07-19 23:29 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - PXHELP20
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-16 17:41]
.
2012-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-16 17:41]
.
2012-03-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3108643506-636927696-2022615235-1000Core.job
- c:\users\dje\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-27 23:40]
.
2012-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3108643506-636927696-2022615235-1000UA.job
- c:\users\dje\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-27 23:40]
.
2012-04-02 c:\windows\Tasks\User_Feed_Synchronization-{941FC98D-A7EF-4D39-9913-D071F6301A4B}.job
- c:\windows\system32\msfeedssync.exe [2012-02-20 04:44]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
TCP: DhcpNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-VNFgalygGdHd.exe - c:\programdata\VNFgalygGdHd.exe
HKCU-Run-toscdspd - TOSCDSPD.EXE
HKLM-Run-jswtrayutil - c:\program files\Jumpstart\jswtrayutil.exe
HKLM-Run-Malwarebytes Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe
HKLM-Run-Malwarebytes' Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-03 19:08
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-04-03 19:10:28
ComboFix-quarantined-files.txt 2012-04-04 00:10
.
Pre-Run: 174,782,922,752 bytes free
Post-Run: 174,780,723,200 bytes free
.
- - End Of File - - 81D26F9E4204BF1034A7BEFDE67D4F50


Also ran TDSSKiller:

20:25:10.0796 5272 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
20:25:12.0809 5272 ============================================================
20:25:12.0809 5272 Current date / time: 2012/04/03 20:25:12.0809
20:25:12.0809 5272 SystemInfo:
20:25:12.0809 5272
20:25:12.0809 5272 OS Version: 6.0.6002 ServicePack: 2.0
20:25:12.0809 5272 Product type: Workstation
20:25:12.0809 5272 ComputerName: DJE-PC
20:25:12.0809 5272 UserName: dje
20:25:12.0809 5272 Windows directory: C:\Windows
20:25:12.0809 5272 System windows directory: C:\Windows
20:25:12.0809 5272 Processor architecture: Intel x86
20:25:12.0809 5272 Number of processors: 2
20:25:12.0809 5272 Page size: 0x1000
20:25:12.0809 5272 Boot type: Normal boot
20:25:12.0809 5272 ============================================================
20:25:19.0642 5272 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:25:19.0657 5272 \Device\Harddisk0\DR0:
20:25:19.0657 5272 MBR used
20:25:19.0657 5272 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1CED7000
20:25:19.0720 5272 Initialize success
20:25:19.0720 5272 ============================================================
20:25:26.0365 5244 ============================================================
20:25:26.0365 5244 Scan started
20:25:26.0365 5244 Mode: Manual;
20:25:26.0365 5244 ============================================================
20:25:34.0165 5244 CmBatt - ok
20:25:34.0181 5244 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:25:34.0181 5244 cmdide - ok
20:25:34.0212 5244 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:25:34.0212 5244 Compbatt - ok
20:25:34.0228 5244 COMSysApp - ok
20:25:34.0462 5244 ConfigFree Service (596e452b5152ec9afe8153d296459d2b) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
20:25:34.0462 5244 ConfigFree Service - ok
20:25:34.0477 5244 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
20:25:34.0477 5244 crcdisk - ok
20:25:34.0586 5244 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
20:25:34.0586 5244 Crusoe - ok
20:25:34.0680 5244 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
20:25:34.0680 5244 CryptSvc - ok
20:25:34.0805 5244 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:25:34.0805 5244 DcomLaunch - ok
20:25:34.0852 5244 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:25:34.0852 5244 DfsC - ok
20:25:35.0039 5244 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
20:25:35.0086 5244 DFSR - ok
20:25:35.0242 5244 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
20:25:35.0242 5244 Dhcp - ok
20:25:35.0460 5244 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:25:35.0460 5244 disk - ok
20:25:35.0538 5244 dlcx_device - ok
20:25:35.0647 5244 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
20:25:35.0647 5244 Dnscache - ok
20:25:35.0756 5244 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
20:25:35.0756 5244 dot3svc - ok
20:25:35.0819 5244 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
20:25:35.0819 5244 DPS - ok
20:25:35.0990 5244 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:25:35.0990 5244 drmkaud - ok
20:25:36.0084 5244 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:25:36.0084 5244 DXGKrnl - ok
20:25:36.0162 5244 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:25:36.0162 5244 E1G60 - ok
20:25:36.0209 5244 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
20:25:36.0209 5244 EapHost - ok
20:25:36.0334 5244 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:25:36.0334 5244 Ecache - ok
20:25:36.0646 5244 eeCtrl (70aeac5d481b2904b40f2173e280b1b5) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:25:36.0661 5244 eeCtrl - ok
20:25:36.0989 5244 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
20:25:36.0989 5244 ehRecvr - ok
20:25:37.0129 5244 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:25:37.0129 5244 ehSched - ok
20:25:37.0145 5244 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:25:37.0145 5244 ehstart - ok
20:25:37.0550 5244 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
20:25:37.0550 5244 elxstor - ok
20:25:37.0660 5244 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
20:25:37.0660 5244 EMDMgmt - ok
20:25:37.0847 5244 EraserUtilRebootDrv (00bd6fc4a873d3341dcf9aef2d3c841e) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:25:37.0862 5244 EraserUtilRebootDrv - ok
20:25:38.0174 5244 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
20:25:38.0174 5244 ErrDev - ok
20:25:38.0268 5244 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
20:25:38.0268 5244 EventSystem - ok
20:25:38.0486 5244 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:25:38.0486 5244 exfat - ok
20:25:38.0642 5244 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:25:38.0642 5244 fastfat - ok
20:25:38.0705 5244 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:25:38.0705 5244 fdc - ok
20:25:39.0032 5244 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
20:25:39.0032 5244 fdPHost - ok
20:25:39.0064 5244 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:25:39.0064 5244 FDResPub - ok
20:25:39.0173 5244 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:25:39.0173 5244 FileInfo - ok
20:25:39.0188 5244 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:25:39.0188 5244 Filetrace - ok
20:25:39.0204 5244 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:25:39.0204 5244 flpydisk - ok
20:25:39.0329 5244 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:25:39.0329 5244 FltMgr - ok
20:25:39.0454 5244 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
20:25:39.0469 5244 FontCache - ok
20:25:39.0641 5244 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:25:39.0641 5244 FontCache3.0.0.0 - ok
20:25:39.0703 5244 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
20:25:39.0703 5244 fssfltr - ok
20:25:39.0890 5244 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:25:39.0906 5244 fsssvc - ok
20:25:39.0984 5244 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:25:39.0984 5244 Fs_Rec - ok
20:25:40.0109 5244 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
20:25:40.0109 5244 FwLnk - ok
20:25:40.0124 5244 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
20:25:40.0124 5244 gagp30kx - ok
20:25:40.0312 5244 GameConsoleService (01a5829dd261b4f3dd66d7e9f9b973f5) C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
20:25:40.0312 5244 GameConsoleService - ok
20:25:40.0374 5244 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
20:25:40.0374 5244 GEARAspiWDM - ok
20:25:40.0514 5244 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
20:25:40.0514 5244 GoogleDesktopManager-051210-111108 - ok
20:25:40.0592 5244 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
20:25:40.0592 5244 gpsvc - ok
20:25:40.0702 5244 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:25:40.0702 5244 gupdate - ok
20:25:40.0733 5244 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:25:40.0733 5244 gupdatem - ok
20:25:40.0842 5244 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:25:40.0842 5244 gusvc - ok
20:25:41.0138 5244 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
20:25:41.0154 5244 HdAudAddService - ok
20:25:41.0294 5244 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:25:41.0310 5244 HDAudBus - ok
20:25:41.0372 5244 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:25:41.0372 5244 HidBth - ok
20:25:41.0388 5244 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:25:41.0388 5244 HidIr - ok
20:25:41.0435 5244 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
20:25:41.0435 5244 hidserv - ok
20:25:41.0466 5244 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:25:41.0466 5244 HidUsb - ok
20:25:41.0544 5244 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
20:25:41.0544 5244 hkmsvc - ok
20:25:41.0606 5244 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
20:25:41.0606 5244 HpCISSs - ok
20:25:41.0653 5244 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:25:41.0669 5244 HTTP - ok
20:25:41.0700 5244 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
20:25:41.0700 5244 i2omp - ok
20:25:41.0762 5244 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:25:41.0762 5244 i8042prt - ok
20:25:41.0794 5244 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
20:25:41.0794 5244 iaStorV - ok
20:25:41.0950 5244 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:25:41.0950 5244 IDriverT - ok
20:25:42.0324 5244 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:25:42.0340 5244 idsvc - ok
20:25:42.0589 5244 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:25:42.0589 5244 iirsp - ok
20:25:42.0714 5244 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
20:25:42.0730 5244 IKEEXT - ok
20:25:42.0948 5244 IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
20:25:42.0964 5244 IntcAzAudAddService - ok
20:25:43.0026 5244 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
20:25:43.0026 5244 intelide - ok
20:25:43.0073 5244 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:25:43.0073 5244 intelppm - ok
20:25:43.0104 5244 IO_Memory - ok
20:25:43.0244 5244 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
20:25:43.0244 5244 IPBusEnum - ok
20:25:43.0276 5244 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:25:43.0291 5244 IpFilterDriver - ok
20:25:43.0432 5244 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
20:25:43.0432 5244 iphlpsvc - ok
20:25:43.0463 5244 IpInIp - ok
20:25:43.0510 5244 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
20:25:43.0510 5244 IPMIDRV - ok
20:25:43.0603 5244 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:25:43.0603 5244 IPNAT - ok
20:25:43.0837 5244 iPod Service (3a6d4d8abacf64292d060c9e06d2050d) C:\Program Files\iPod\bin\iPodService.exe
20:25:43.0853 5244 iPod Service - ok
20:25:43.0931 5244 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:25:43.0931 5244 IRENUM - ok
20:25:44.0352 5244 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:25:44.0368 5244 isapnp - ok
20:25:44.0446 5244 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:25:44.0461 5244 iScsiPrt - ok
20:25:44.0477 5244 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:25:44.0477 5244 iteatapi - ok
20:25:44.0492 5244 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:25:44.0492 5244 iteraid - ok
20:25:44.0680 5244 jswpsapi (723ba0aec942e91c0a9ce146e73deceb) C:\Program Files\Jumpstart\jswpsapi.exe
20:25:44.0695 5244 jswpsapi - ok
20:25:44.0820 5244 jswpslwf (7e72514a3a1c5a9f3bff0660b3866c2b) C:\Windows\system32\DRIVERS\jswpslwf.sys
20:25:44.0820 5244 jswpslwf - ok
20:25:44.0851 5244 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:25:44.0851 5244 kbdclass - ok
20:25:44.0882 5244 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:25:44.0882 5244 kbdhid - ok
20:25:44.0945 5244 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:25:44.0945 5244 KeyIso - ok
20:25:45.0054 5244 KR10I (e8ca038f51f7761bd6e3a3b0b8014263) C:\Windows\system32\drivers\kr10i.sys
20:25:45.0054 5244 KR10I - ok
20:25:45.0132 5244 KR10N (6a4adb9186dd0e114e623daf57e42b31) C:\Windows\system32\drivers\kr10n.sys
20:25:45.0132 5244 KR10N - ok
20:25:45.0210 5244 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
20:25:45.0210 5244 KSecDD - ok
20:25:45.0288 5244 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
20:25:45.0304 5244 KtmRm - ok
20:25:45.0382 5244 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
20:25:45.0382 5244 LanmanServer - ok
20:25:45.0460 5244 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
20:25:45.0460 5244 LanmanWorkstation - ok
20:25:45.0943 5244 LiveUpdate (a97eeb81f05bce3d7aa6c81f04ef39a4) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
20:25:46.0006 5244 LiveUpdate - ok
20:25:46.0115 5244 LiveUpdate Notice Ex - ok
20:25:46.0286 5244 LiveUpdate Notice Service (2d1389e05a807d956829f44bd4b60389) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
20:25:46.0302 5244 LiveUpdate Notice Service - ok
20:25:46.0630 5244 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:25:46.0630 5244 lltdio - ok
20:25:46.0786 5244 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
20:25:46.0801 5244 lltdsvc - ok
20:25:46.0832 5244 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:25:46.0832 5244 lmhosts - ok
20:25:46.0926 5244 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:25:46.0926 5244 LSI_FC - ok
20:25:46.0988 5244 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:25:46.0988 5244 LSI_SAS - ok
20:25:47.0082 5244 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:25:47.0082 5244 LSI_SCSI - ok
20:25:47.0176 5244 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:25:47.0176 5244 luafv - ok
20:25:47.0207 5244 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
20:25:47.0207 5244 Mcx2Svc - ok
20:25:47.0269 5244 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:25:47.0269 5244 megasas - ok
20:25:47.0332 5244 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:25:47.0332 5244 MegaSR - ok
20:25:47.0394 5244 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:25:47.0394 5244 MMCSS - ok
20:25:47.0488 5244 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:25:47.0488 5244 Modem - ok
20:25:47.0534 5244 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:25:47.0534 5244 monitor - ok
20:25:47.0550 5244 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:25:47.0550 5244 mouclass - ok
20:25:47.0581 5244 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:25:47.0581 5244 mouhid - ok
20:25:47.0597 5244 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:25:47.0612 5244 MountMgr - ok
20:25:47.0690 5244 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
20:25:47.0690 5244 MpFilter - ok
20:25:47.0722 5244 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:25:47.0722 5244 mpio - ok
20:25:47.0815 5244 MpKsl4b99bdc3 - ok
20:25:47.0909 5244 MpKslac9b8673 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{52586650-325D-47BE-99DF-E0FC57071453}\MpKslac9b8673.sys
20:25:47.0909 5244 MpKslac9b8673 - ok
20:25:48.0112 5244 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
20:25:48.0112 5244 MpNWMon - ok
20:25:48.0174 5244 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:25:48.0174 5244 mpsdrv - ok
20:25:48.0283 5244 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
20:25:48.0299 5244 MpsSvc - ok
20:25:48.0314 5244 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:25:48.0314 5244 Mraid35x - ok
20:25:48.0377 5244 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:25:48.0377 5244 MRxDAV - ok
20:25:48.0517 5244 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:25:48.0517 5244 mrxsmb - ok
20:25:48.0595 5244 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:25:48.0595 5244 mrxsmb10 - ok
20:25:48.0689 5244 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:25:48.0689 5244 mrxsmb20 - ok
20:25:48.0798 5244 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
20:25:48.0814 5244 msahci - ok
20:25:48.0876 5244 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:25:48.0876 5244 msdsm - ok
20:25:48.0923 5244 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
20:25:48.0923 5244 MSDTC - ok
20:25:49.0032 5244 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:25:49.0032 5244 Msfs - ok
20:25:49.0110 5244 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:25:49.0110 5244 msisadrv - ok
20:25:49.0188 5244 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
20:25:49.0204 5244 MSiSCSI - ok
20:25:49.0250 5244 msiserver - ok
20:25:49.0344 5244 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:25:49.0344 5244 MSKSSRV - ok
20:25:49.0812 5244 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
20:25:49.0812 5244 MsMpSvc - ok
20:25:50.0046 5244 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:25:50.0062 5244 MSPCLOCK - ok
20:25:50.0140 5244 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:25:50.0140 5244 MSPQM - ok
20:25:50.0311 5244 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:25:50.0327 5244 MsRPC - ok
20:25:50.0405 5244 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:25:50.0405 5244 mssmbios - ok
20:25:50.0514 5244 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:25:50.0514 5244 MSTEE - ok
20:25:50.0576 5244 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:25:50.0576 5244 Mup - ok
20:25:50.0654 5244 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
20:25:50.0670 5244 napagent - ok
20:25:50.0748 5244 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:25:50.0764 5244 NativeWifiP - ok
20:25:50.0826 5244 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:25:50.0842 5244 NDIS - ok
20:25:50.0920 5244 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:25:50.0935 5244 NdisTapi - ok
20:25:50.0966 5244 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:25:50.0966 5244 Ndisuio - ok
20:25:51.0107 5244 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:25:51.0122 5244 NdisWan - ok
20:25:51.0169 5244 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:25:51.0169 5244 NDProxy - ok
20:25:51.0200 5244 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:25:51.0200 5244 NetBIOS - ok
20:25:51.0247 5244 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:25:51.0247 5244 netbt - ok
20:25:51.0325 5244 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:25:51.0325 5244 Netlogon - ok
20:25:51.0372 5244 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
20:25:51.0372 5244 Netman - ok
20:25:51.0434 5244 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
20:25:51.0450 5244 netprofm - ok
20:25:51.0715 5244 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:25:51.0715 5244 NetTcpPortSharing - ok
20:25:51.0871 5244 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:25:51.0871 5244 nfrd960 - ok
20:25:51.0918 5244 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:25:51.0918 5244 NisDrv - ok
20:25:52.0136 5244 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
20:25:52.0136 5244 NisSrv - ok
20:25:52.0214 5244 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:25:52.0214 5244 NlaSvc - ok
20:25:52.0370 5244 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:25:52.0370 5244 Npfs - ok
20:25:52.0417 5244 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:25:52.0417 5244 nsi - ok
20:25:52.0511 5244 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:25:52.0511 5244 nsiproxy - ok
20:25:52.0620 5244 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:25:52.0636 5244 Ntfs - ok
20:25:52.0682 5244 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:25:52.0682 5244 ntrigdigi - ok
20:25:52.0776 5244 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:25:52.0776 5244 Null - ok
20:25:52.0823 5244 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:25:52.0823 5244 nvraid - ok
20:25:52.0885 5244 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:25:52.0885 5244 nvstor - ok
20:25:52.0932 5244 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:25:52.0932 5244 nv_agp - ok
20:25:53.0041 5244 NwlnkFlt - ok
20:25:53.0057 5244 NwlnkFwd - ok
20:25:53.0338 5244 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:25:53.0353 5244 odserv - ok
20:25:53.0462 5244 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
20:25:53.0462 5244 ohci1394 - ok
20:25:53.0556 5244 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:25:53.0556 5244 ose - ok
20:25:53.0665 5244 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:25:53.0665 5244 p2pimsvc - ok
20:25:53.0712 5244 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:25:53.0728 5244 p2psvc - ok
20:25:53.0915 5244 PalmUSBD - ok
20:25:53.0993 5244 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:25:53.0993 5244 Parport - ok
20:25:54.0086 5244 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:25:54.0086 5244 partmgr - ok
20:25:54.0118 5244 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:25:54.0133 5244 Parvdm - ok
20:25:54.0258 5244 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:25:54.0258 5244 PcaSvc - ok
20:25:54.0336 5244 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:25:54.0336 5244 pci - ok
20:25:54.0383 5244 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:25:54.0383 5244 pciide - ok
20:25:54.0414 5244 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:25:54.0414 5244 pcmcia - ok
20:25:54.0523 5244 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:25:54.0539 5244 PEAUTH - ok
20:25:54.0726 5244 pinger (6dbf2ac2bdaff355995ab25eccc4cfe1) C:\TOSHIBA\IVP\ISM\pinger.exe
20:25:54.0726 5244 pinger - ok
20:25:54.0944 5244 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:25:54.0960 5244 pla - ok
20:25:55.0147 5244 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:25:55.0163 5244 PlugPlay - ok
20:25:55.0256 5244 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:25:55.0256 5244 PNRPAutoReg - ok
20:25:55.0459 5244 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:25:55.0475 5244 PNRPsvc - ok
20:25:55.0553 5244 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
20:25:55.0553 5244 PolicyAgent - ok
20:25:55.0756 5244 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:25:55.0756 5244 PptpMiniport - ok
20:25:55.0927 5244 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
20:25:55.0927 5244 Processor - ok
20:25:56.0021 5244 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
20:25:56.0036 5244 ProfSvc - ok
20:25:56.0192 5244 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:25:56.0192 5244 ProtectedStorage - ok
20:25:56.0255 5244 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:25:56.0255 5244 PSched - ok
20:25:56.0364 5244 PTDUBus (dbaf8a53d7669efb4742896b458181d0) C:\Windows\system32\DRIVERS\PTDUBus.sys
20:25:56.0364 5244 PTDUBus - ok
20:25:56.0426 5244 PTDUMdm (fa4e2a5cf478624d3154fb045fb2d076) C:\Windows\system32\DRIVERS\PTDUMdm.sys
20:25:56.0426 5244 PTDUMdm - ok
20:25:56.0520 5244 PTDUVsp (9c489b38ca13f251289004fe4f8631dd) C:\Windows\system32\DRIVERS\PTDUVsp.sys
20:25:56.0520 5244 PTDUVsp - ok
20:25:56.0551 5244 PTDUWFLT (37a75ac00d26364a5ea2050a6f85c2d0) C:\Windows\system32\DRIVERS\PTDUWFLT.sys
20:25:56.0551 5244 PTDUWFLT - ok
20:25:56.0645 5244 PTDUWWAN (f4a789a94ff74a47eb321be4465259d0) C:\Windows\system32\DRIVERS\PTDUWWAN.sys
20:25:56.0660 5244 PTDUWWAN - ok
20:25:56.0738 5244 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\Windows\system32\Drivers\PxHelp20.sys
20:25:56.0738 5244 PxHelp20 - ok
20:25:56.0848 5244 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
20:25:56.0863 5244 ql2300 - ok
20:25:56.0879 5244 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:25:56.0879 5244 ql40xx - ok
20:25:57.0004 5244 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
20:25:57.0004 5244 QWAVE - ok
20:25:57.0082 5244 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:25:57.0082 5244 QWAVEdrv - ok
20:25:57.0253 5244 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
20:25:57.0269 5244 RapiMgr - ok
20:25:57.0331 5244 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:25:57.0331 5244 RasAcd - ok
20:25:57.0440 5244 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
20:25:57.0456 5244 RasAuto - ok
20:25:57.0565 5244 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:25:57.0565 5244 Rasl2tp - ok
20:25:57.0674 5244 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
20:25:57.0674 5244 RasMan - ok
20:25:57.0737 5244 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:25:57.0737 5244 RasPppoe - ok
20:25:57.0862 5244 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:25:57.0862 5244 RasSstp - ok
20:25:57.0908 5244 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:25:57.0924 5244 rdbss - ok
20:25:57.0955 5244 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:25:57.0955 5244 RDPCDD - ok
20:26:16.0036 5244 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
20:26:16.0114 5244 \Device\Harddisk0\DR0 - ok
20:26:16.0114 5244 Boot (0x1200) (d138f9ddcba85c47c99311a4bf71f2fa) \Device\Harddisk0\DR0\Partition0
20:26:16.0129 5244 \Device\Harddisk0\DR0\Partition0 - ok
20:26:16.0129 5244 ============================================================
20:26:16.0129 5244 Scan finished
20:26:16.0129 5244 ============================================================
20:26:16.0145 3836 Detected object count: 0
20:26:16.0145 3836 Actual detected object count: 0
20:26:34.0631 4992 Deinitialize success


The machine is running fine... I am putting the Windows Firewall back on and updating MS Security Essentials, but I like MBAM. Which is more effective? I hope this ends the nightmare. THANK you!!!!!!!!!!

#7 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:05 PM

Posted 04 April 2012 - 07:34 PM

Hello,

Now that your machine is running better let's run a couple of other scanners to make sure there is nothing leftover.


1. Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

2. I'd like us to scan your machine with ESET OnlineScan.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


Things to include in your next reply:
MBAM log
Eset log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#8 fireman4it

Posted 07 April 2012 - 11:53 AM

Hello.

Are you still there?

If you are, please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it



#9 fireman4it

Posted 09 April 2012 - 05:47 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
