
happili and asktofriends


  • This topic is locked
33 replies to this topic

#1 mac84

mac84

  • Members
  • 19 posts

Posted 01 May 2012 - 09:36 AM

Hello,

My first time here. My laptop is infected with happili and asktofriends redirects. It's running very slow and the redirects are driving me insane. Please help?



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 02 May 2012 - 12:55 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following

  • logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 mac84

mac84
  • Topic Starter

  • Members
  • 19 posts

Posted 02 May 2012 - 09:34 PM

Hello Gringo. Thank you for your assistance.

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG Security Toolbar
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 29
Java version out of date!
Adobe Reader 9 Adobe Reader out of date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Webroot Security current plugins\antimalware\AEI.exe
Webroot Security current plugins\antimalware\SSU.EXE
``````````End of Log````````````



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/15/2011 1:44:15 PM
System Uptime: 5/2/2012 8:21:58 PM (2 hours ago)
.
Motherboard: TOSHIBA | | NWQAA
Processor: Intel® Core™ i3 CPU M 370 @ 2.40GHz | CPU | 1175/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 395.616 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP137: 3/29/2012 3:58:55 PM - Installed TurboTax 2011 wrapper
RP138: 4/2/2012 3:49:23 PM - Installed TurboTax 2011 wmiiper
RP139: 4/12/2012 9:18:54 PM - Windows Update
RP140: 4/30/2012 1:55:45 PM - ARO 2012 - Before Installation
RP141: 4/30/2012 1:57:21 PM - ARO 2012 - FIRST RUN
RP142: 4/30/2012 2:12:01 PM - ARO 2012 Mon, Apr 30, 12 14:12
RP143: 4/30/2012 2:48:39 PM - avast! Free Antivirus Setup
RP144: 5/1/2012 10:34:41 AM - Windows Update
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
Adobe Reader 9.3
Apple Application Support
Apple Software Update
Ask Toolbar
Augmented Reality
AVG Security Toolbar
Constant Guard Protection Suite
D3DX10
Feeding Frenzy 2
GamesBar 2.0.1.82
Google Chrome
Google Earth
Google Update Helper
GuardedID
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
Java Auto Updater
Java™ 6 Update 29
JMicron Flash Media Controller Driver
Junk Mail filter update
Label@Once 1.0
Malwarebytes Anti-Malware version 1.61.0.1400
Mesh Runtime
Messenger Companion
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office FrontPage 2003
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Starter 2010 - English
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
Norton Security Suite
RCA Detective™ 3.0.0.101
RCA Memory Manager
RCA Memory Manager 3 2.0.64.714
RCA Updater 1.0.5.0
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Skype™ 5.5
SMART Notebook
SMART Product Drivers
SMART Product Update
SMART Response
TI-Nspire Teacher Software
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wmiiper
TurboTax 2011 wrapper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver
Webroot Software
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
5/2/2012 5:47:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WebrootSpySweeperService service.
5/2/2012 5:13:57 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
5/2/2012 5:13:57 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2012 10:05:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
5/1/2012 8:39:37 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WiMAXAppSrv service.
4/30/2012 7:05:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.
4/30/2012 4:04:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TPCHSrv service.
4/27/2012 9:30:33 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Owner-PC\Owner SID (S-1-5-21-2994053222-4054778053-4274757011-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/26/2012 9:15:47 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.3 with the system having network hardware address F0-A2-25-CD-0A-1E. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================

Edited by mac84, 02 May 2012 - 09:36 PM.


#4 mac84

mac84
  • Topic Starter

  • Members
  • 19 posts

Posted 02 May 2012 - 09:38 PM

Gringo: Here's the second log. I'm a complete idiot when it comes to computers so I didn't know how to zip it


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Owner at 22:22:10 on 2012-05-02
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3891.1631 [GMT -4:00]
.
AV: Webroot AntiVirus with Spy Sweeper *Disabled/Updated* {53211D91-0C31-95F2-E3A5-7661FB22889E}
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Webroot AntiVirus with Spy Sweeper *Disabled/Updated* {E840FC75-2A0B-9A7C-D915-4D1380A5C223}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskhost.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe
C:\Windows\System32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
C:\Program Files (x86)\SMART Technologies\SMART Response\DesktopMenu.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe
C:\Users\Owner\Documents\RCA Detective\RCADetective.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Aware.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Marker.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Program Files (x86)\SMART Technologies\SMART Response\ResponseSoftwareService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\SMART Technologies\SMART Response\ResponseHardwareService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\SSU.EXE
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XUWIM5GZ\SecurityCheck[1].exe
C:\windows\SysWOW64\notepad.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.comcast.net/
uDefault_Page_URL = hxxp://www.google.com/ig?brand=TSND&bmod=TSND
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
uInternet Settings,ProxyOverride = <local>;*.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO: CIEDownload Object: {67bcf957-85fc-4036-8dc4-d4d80e00a77b} - C:\Program Files (x86)\SMART Technologies\SMART Notebook\NotebookPlugin.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO: GamesBarBHO Class: {cb0d163c-e9f4-4236-9496-0597e24b23a5} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: GamesBar: {6f282b65-56bf-4bd1-a8b2-a4449a05863d} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Best Buy pc app] C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
uRun: [SearchEngineProtection] "C:\Program Files (x86)\Gamesbar\SearchEngineProtection.exe"
uRun: [Adobe] "rundll32.exe" "C:\Users\Owner\AppData\Local\Apple Computer\Adobe\ihkpbqo.dll",DllRegisterServer
mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
mRun: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
mRun: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [TSleepSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe"
mRun: [WebrootTrayApp] "C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe"
mRun: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe"
mRun: [SMART SNMP Agent] "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe" -e
mRun: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
mRun: [GIDDesktop] "C:\Program Files (x86)\SFT\GuardedID\gidd.exe" /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RCADET~1.LNK - C:\Users\Owner\Documents\RCA Detective\RCADetective.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DESKTO~1.LNK - C:\Program Files (x86)\SMART Technologies\SMART Response\DesktopMenu.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SMARTB~1.LNK - C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{21BB3017-5F9D-4459-8027-5E603E5E6219} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{21BB3017-5F9D-4459-8027-5E603E5E6219}\1426265697E45647 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{21BB3017-5F9D-4459-8027-5E603E5E6219}\35D4F46666963656 : DhcpNameServer = 192.168.3.4 192.168.3.5
TCP: Interfaces\{21BB3017-5F9D-4459-8027-5E603E5E6219}\84F64756C634F6E6E6563647 : DhcpNameServer = 172.20.1.1
TCP: Interfaces\{A3D063A4-94D8-48A0-969C-FBB107909220} : DhcpNameServer = 168.94.0.15 168.94.0.14
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: CIEDownload Object: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\SMART Notebook\NotebookPlugin.dll
BHO-X64: SMART Notebook Download Plugin - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO-X64: Constant Guard Protection Suite (COM) - No File
BHO-X64: GamesBarBHO Class: {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: GamesBar: {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
mRun-x64: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
mRun-x64: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
mRun-x64: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [TSleepSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe"
mRun-x64: [WebrootTrayApp] "C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe"
mRun-x64: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe"
mRun-x64: [SMART SNMP Agent] "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe" -e
mRun-x64: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
mRun-x64: [GIDDesktop] "C:\Program Files (x86)\SFT\GuardedID\gidd.exe" /s
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [(Default)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS --> C:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS --> C:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS [?]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys --> C:\windows\system32\DRIVERS\thpdrv.sys [?]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS --> C:\windows\system32\DRIVERS\Thpevm.SYS [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120413.001\BHDrvx64.sys [2012-4-19 1160824]
R1 GIDv2;GIDv2;C:\windows\system32\drivers\GIDv2.sys --> C:\windows\system32\drivers\GIDv2.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120501.001\IDSviA64.sys [2012-5-2 488568]
R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS --> C:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\N360x64\0502010.003\SYMNETS.SYS --> C:\windows\system32\Drivers\N360x64\0502010.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]
R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-3-30 65608]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccsvchst.exe [2012-4-24 130008]
R2 Response Hardware;Response Hardware;C:\Program Files (x86)\SMART Technologies\SMART Response\ResponseHardwareService.exe [2010-1-5 30504]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 ssfmonm;ssfmonm;C:\windows\system32\DRIVERS\ssfmonm.sys --> C:\windows\system32\DRIVERS\ssfmonm.sys [?]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-7-28 267192]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-12 2320920]
R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [2012-4-30 932736]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;C:\Program Files (x86)\Webroot\Security\Current\plugins\antimalware\AEI.exe [2011-1-15 3900032]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]
R2 WRConsumerService;Webroot Client Service;C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe [2011-5-10 3276136]
R3 bpenum;bpenum;C:\windows\system32\DRIVERS\bpenum.sys --> C:\windows\system32\DRIVERS\bpenum.sys [?]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\windows\system32\DRIVERS\bpmp.sys --> C:\windows\system32\DRIVERS\bpmp.sys [?]
R3 bpusb;bpusb;C:\windows\system32\Drivers\bpusb.sys --> C:\windows\system32\Drivers\bpusb.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-7 138360]
R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETw5s64.sys --> C:\windows\system32\DRIVERS\NETw5s64.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 SMARTMouseFilterx64;HID-compliant mouse;C:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys --> C:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys [?]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;C:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys --> C:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [?]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;C:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys --> C:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-10-12 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-7-22 822192]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\windows\system32\DRIVERS\WDKMD.sys --> C:\windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-30 136176]
S3 acpials;ALS Sensor Filter;C:\windows\system32\DRIVERS\acpials.sys --> C:\windows\system32\DRIVERS\acpials.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-1 253088]
S3 fssfltr;fssfltr;C:\windows\system32\DRIVERS\fssfltr.sys --> C:\windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-30 136176]
S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys --> C:\windows\system32\DRIVERS\jmcr.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-02 00:50:05 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{272A7303-123C-401E-9433-166F5D660E59}\offreg.dll
2012-05-01 20:42:51 8741536 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-01 14:35:30 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{272A7303-123C-401E-9433-166F5D660E59}\mpengine.dll
2012-05-01 13:45:03 418464 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-04-30 18:49:10 -------- d-----w- C:\ProgramData\AVAST Software
2012-04-30 18:49:10 -------- d-----w- C:\Program Files\AVAST Software
2012-04-30 18:47:38 -------- d-----w- C:\Users\Owner\AppData\Local\AVG Secure Search
2012-04-30 18:47:14 -------- d-----w- C:\ProgramData\AVG Secure Search
2012-04-30 18:47:09 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2012-04-30 18:47:06 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2012-04-30 18:28:30 -------- d--h--w- C:\ProgramData\Common Files
2012-04-30 18:19:32 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-04-30 18:19:14 -------- d-----w- C:\ProgramData\Malwarebytes
2012-04-30 18:19:13 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-04-30 18:19:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-29 23:28:42 -------- d-----w- C:\Users\Owner\AppData\Local\{4B307CB3-0558-42AB-9434-4830EA7A0D57}
2012-04-29 23:28:18 -------- d-----w- C:\Users\Owner\AppData\Local\{E48A8F58-6C0A-4512-99F3-7745E5F81DAD}
2012-04-29 23:25:11 -------- d-----w- C:\Users\Owner\AppData\Local\{F3A8CAD6-EF3D-43C4-81DB-D72B64C436BA}
2012-04-29 20:17:45 -------- d-----w- C:\Users\Owner\AppData\Local\{7E0C5E14-8094-4F37-9627-C6DEC0E7AA88}
2012-04-29 00:46:17 -------- d-----w- C:\Users\Owner\AppData\Local\{68B3AB4A-164F-4001-B8D9-D46D68783925}
2012-04-28 17:21:17 -------- d-----w- C:\Users\Owner\AppData\Local\{FCACBEE6-762E-4195-88A2-DA4B2F60325D}
2012-04-24 10:52:27 912504 ----a-w- C:\windows\System32\drivers\N360x64\0502010.003\symefa64.sys
2012-04-24 10:52:27 450680 ----a-w- C:\windows\System32\drivers\N360x64\0502010.003\symds64.sys
2012-04-24 10:52:27 40568 ----a-w- C:\windows\System32\drivers\N360x64\0502010.003\srtspx64.sys
2012-04-24 10:52:27 386168 ----a-w- C:\windows\System32\drivers\N360x64\0502010.003\symnets.sys
2012-04-24 10:52:26 744568 ----a-w- C:\windows\System32\drivers\N360x64\0502010.003\srtsp64.sys
2012-04-24 10:52:26 171128 ----a-r- C:\windows\System32\drivers\N360x64\0502010.003\ironx64.sys
2012-04-24 10:52:04 -------- d-----w- C:\windows\System32\drivers\N360x64\0502010.003
2012-04-17 16:35:15 83968 ----a-w- C:\windows\System32\Spool\prtprocs\x64\CNBPP3.DLL
2012-04-13 01:31:22 5504880 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-04-13 01:31:22 3958128 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-04-13 01:31:21 3902320 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-04-13 01:26:54 80896 ----a-w- C:\windows\System32\imagehlp.dll
2012-04-13 01:26:54 22896 ----a-w- C:\windows\System32\drivers\fs_rec.sys
2012-04-13 01:26:54 158720 ----a-w- C:\windows\SysWow64\imagehlp.dll
2012-04-13 01:26:52 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2012-04-13 01:26:49 5120 ----a-w- C:\windows\System32\wmi.dll
2012-04-13 01:26:49 220672 ----a-w- C:\windows\System32\wintrust.dll
2012-04-13 01:26:48 5120 ----a-w- C:\windows\SysWow64\wmi.dll
.
==================== Find3M ====================
.
2012-05-01 20:43:06 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-28 06:35:54 1197568 ----a-w- C:\windows\System32\wininet.dll
2012-02-28 06:33:03 57856 ----a-w- C:\windows\System32\licmgr10.dll
2012-02-28 05:40:21 981504 ----a-w- C:\windows\SysWow64\wininet.dll
2012-02-28 05:38:16 44544 ----a-w- C:\windows\SysWow64\licmgr10.dll
2012-02-28 05:17:41 482816 ----a-w- C:\windows\System32\html.iec
2012-02-28 04:35:01 1638912 ----a-w- C:\windows\System32\mshtml.tlb
2012-02-28 04:31:46 386048 ----a-w- C:\windows\SysWow64\html.iec
2012-02-28 03:57:55 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-02-23 14:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
2012-02-15 06:27:54 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2012-02-15 05:44:57 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-02-15 04:47:21 204800 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-02-15 04:46:59 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-02-10 06:18:10 1541120 ----a-w- C:\windows\System32\DWrite.dll
2012-02-10 06:17:55 1837568 ----a-w- C:\windows\System32\d3d10warp.dll
2012-02-10 06:17:54 902656 ----a-w- C:\windows\System32\d2d1.dll
2012-02-10 06:17:54 320512 ----a-w- C:\windows\System32\d3d10_1core.dll
2012-02-10 06:17:54 197120 ----a-w- C:\windows\System32\d3d10_1.dll
2012-02-10 05:41:38 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-02-10 05:41:20 218624 ----a-w- C:\windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41:20 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll
2012-02-10 05:41:20 1170944 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2012-02-10 05:41:19 739840 ----a-w- C:\windows\SysWow64\d2d1.dll
2012-02-03 04:16:03 3143168 ----a-w- C:\windows\System32\win32k.sys
.
============= FINISH: 22:24:03.95 ===============

#5 gringo_pr


Posted 02 May 2012 - 09:40 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




#6 mac84


Posted 04 May 2012 - 01:38 PM

Hi Gringo. Sorry it's taken me so long to reply but I couldn't get Combofix to run. I tried 5 times and it finally went. I got the illegal error window too but didn't have the directions handy telling me to restart.

Here's the log:

ComboFix 12-05-04.02 - Owner 05/04/2012 13:07:35.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3891.1899 [GMT -4:00]
Running from: c:\users\Owner\Pictures\ComboFix.exe
AV: Webroot AntiVirus with Spy Sweeper *Disabled/Updated* {53211D91-0C31-95F2-E3A5-7661FB22889E}
SP: Webroot AntiVirus with Spy Sweeper *Disabled/Updated* {E840FC75-2A0B-9A7C-D915-4D1380A5C223}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
.
.
((((((((((((((((((((((((( Files Created from 2012-04-04 to 2012-05-04 )))))))))))))))))))))))))))))))
.
.
2012-05-04 18:00 . 2012-05-04 18:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-04 17:35 . 2012-04-18 07:03 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{85B9753E-AE72-4B71-891D-6862FC833785}\mpengine.dll
2012-05-01 20:42 . 2012-05-01 20:42 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-01 13:45 . 2012-05-01 20:43 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-30 18:49 . 2012-04-30 18:49 -------- d-----w- c:\programdata\AVAST Software
2012-04-30 18:49 . 2012-04-30 18:49 -------- d-----w- c:\program files\AVAST Software
2012-04-30 18:28 . 2012-04-30 18:28 -------- d--h--w- c:\programdata\Common Files
2012-04-30 18:19 . 2012-04-30 18:19 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-04-30 18:19 . 2012-04-30 18:19 -------- d-----w- c:\programdata\Malwarebytes
2012-04-17 16:35 . 2012-04-17 16:35 -------- d--h--w- c:\programdata\CanonBJ
2012-04-17 16:35 . 2009-07-14 01:40 83968 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP3.DLL
2012-04-13 01:31 . 2012-03-06 06:43 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-13 01:31 . 2012-03-06 05:59 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-13 01:31 . 2012-03-06 05:59 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-13 01:26 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-13 01:26 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-13 01:26 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-13 01:26 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-13 01:26 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-13 01:26 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-13 01:26 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-01 20:43 . 2011-06-04 12:00 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 14:18 . 2011-01-15 18:58 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-15 06:27 . 2012-03-13 21:14 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-15 05:44 . 2012-03-13 21:14 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-15 04:47 . 2012-03-13 21:14 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-15 04:46 . 2012-03-13 21:14 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 06:18 . 2012-03-13 21:25 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 06:17 . 2012-03-13 21:25 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-10 06:17 . 2012-03-13 21:25 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-02-10 06:17 . 2012-03-13 21:25 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-10 06:17 . 2012-03-13 21:25 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-10 05:41 . 2012-03-13 21:25 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-02-10 05:41 . 2012-03-13 21:25 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-02-10 05:41 . 2012-03-13 21:25 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41 . 2012-03-13 21:25 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-02-10 05:41 . 2012-03-13 21:25 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-24 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-24 01:20 1515688 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-24 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SearchEngineProtection"="c:\program files (x86)\Gamesbar\SearchEngineProtection.exe" [2011-03-03 591248]
"Adobe"="c:\users\Owner\AppData\Local\Apple Computer\Adobe\ihkpbqo.dll" [2012-04-26 409600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-23 352256]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-05-01 2454840]
"WebrootTrayApp"="c:\program files (x86)\Webroot\Security\Current\Framework\WRTray.exe" [2011-05-10 1378352]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe" [2010-01-05 3372328]
"SMART SNMP Agent"="c:\program files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe" [2010-01-05 1053992]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-08-24 887976]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
RCA Detective.lnk - c:\users\Owner\Documents\RCA Detective\RCADetective.exe [2011-5-17 910848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Desktop Menu.lnk - c:\program files (x86)\SMART Technologies\SMART Response\DesktopMenu.exe [2010-1-5 1930536]
SMART Board Tools.lnk - c:\program files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe [2010-1-5 11154728]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2010-6-24 9216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-30 136176]
R3 acpials;ALS Sensor Filter;c:\windows\system32\DRIVERS\acpials.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 253088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-30 136176]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-03-05 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [2010-06-07 408576]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 Response Hardware;Response Hardware;c:\program files (x86)\SMART Technologies\SMART Response\ResponseHardwareService.exe [2010-01-05 30504]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 ssfmonm;ssfmonm;c:\windows\system32\DRIVERS\ssfmonm.sys [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-07-28 267192]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2010-06-07 911872]
S2 WRConsumerService;Webroot Client Service;c:\program files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe [2011-05-10 3276136]
S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys [x]
S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys [x]
S3 bpusb;bpusb;c:\windows\system32\Drivers\bpusb.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-07-22 822192]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 20:43]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-30 04:44]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-30 04:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-26 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-26 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-26 413208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-06-08 1441792]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.comcast.net/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-(Default) - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files (x86)\SMART Technologies\SMART Response\ResponseSoftwareService.exe
.
**************************************************************************
.
Completion time: 2012-05-04 14:12:05 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-04 18:12
.
Pre-Run: 425,024,102,400 bytes free
Post-Run: 425,447,464,960 bytes free
.
- - End Of File - - 9E97389451CA8C8334133EA83BFF606E

#7 gringo_pr

Posted 04 May 2012 - 02:35 PM

Greetings

I want you to run these next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#8 mac84

Posted 04 May 2012 - 03:44 PM

Hi Gringo,

Can I or should I turn my firewall/antivirus software back on before running the tdss etc?

#9 gringo_pr

Posted 04 May 2012 - 04:21 PM

After you run them.

Shut off the security programs ONLY when you are doing active scanning.

gringo

#10 mac84

Posted 04 May 2012 - 07:48 PM

20:39:30.0599 1272 Windows directory: C:\windows
20:39:30.0599 1272 System windows directory: C:\windows
20:39:30.0599 1272 Running under WOW64
20:39:30.0599 1272 Processor architecture: Intel x64
20:39:30.0599 1272 Number of processors: 4
20:39:30.0599 1272 Page size: 0x1000
20:39:30.0599 1272 Boot type: Normal boot
20:39:30.0599 1272 ============================================================
20:39:31.0348 1272 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:39:31.0364 1272 ============================================================
20:39:31.0364 1272 \Device\Harddisk0\DR0:
20:39:31.0364 1272 MBR partitions:
20:39:31.0364 1272 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38967800
20:39:31.0364 1272 ============================================================
20:39:31.0379 1272 C: <-> \Device\Harddisk0\DR0\Partition0
20:39:31.0379 1272 ============================================================
20:39:31.0379 1272 Initialize success
20:39:31.0379 1272 ============================================================
20:39:35.0856 5216 ============================================================
20:39:35.0856 5216 Scan started
20:39:35.0856 5216 Mode: Manual;
20:39:35.0856 5216 ============================================================
20:39:49.0538 5216 ksthunk - ok
20:39:49.0584 5216 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
20:39:49.0600 5216 KtmRm - ok
20:39:49.0678 5216 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\windows\System32\srvsvc.dll
20:39:49.0694 5216 LanmanServer - ok
20:39:49.0725 5216 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\windows\System32\wkssvc.dll
20:39:49.0740 5216 LanmanWorkstation - ok
20:39:49.0803 5216 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
20:39:49.0803 5216 lltdio - ok
20:39:49.0834 5216 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
20:39:49.0865 5216 lltdsvc - ok
20:39:49.0881 5216 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
20:39:49.0881 5216 lmhosts - ok
20:39:49.0990 5216 LMS (23de5b62b0445a6f874be633c95b483e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:39:49.0990 5216 LMS - ok
20:39:50.0052 5216 LPCFilter (41e122f6d1448c94cc05196bc41d6bfb) C:\windows\system32\DRIVERS\LPCFilter.sys
20:39:50.0052 5216 LPCFilter - ok
20:39:50.0130 5216 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
20:39:50.0146 5216 LSI_FC - ok
20:39:50.0146 5216 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
20:39:50.0162 5216 LSI_SAS - ok
20:39:50.0177 5216 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
20:39:50.0193 5216 LSI_SAS2 - ok
20:39:50.0208 5216 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
20:39:50.0224 5216 LSI_SCSI - ok
20:39:50.0240 5216 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
20:39:50.0255 5216 luafv - ok
20:39:50.0286 5216 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\windows\system32\Mcx2Svc.dll
20:39:50.0286 5216 Mcx2Svc - ok
20:39:50.0411 5216 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
20:39:50.0411 5216 MDM - ok
20:39:50.0427 5216 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
20:39:50.0427 5216 megasas - ok
20:39:50.0458 5216 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
20:39:50.0474 5216 MegaSR - ok
20:39:50.0489 5216 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:39:50.0489 5216 MMCSS - ok
20:39:50.0505 5216 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
20:39:50.0505 5216 Modem - ok
20:39:50.0520 5216 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
20:39:50.0536 5216 monitor - ok
20:39:50.0583 5216 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
20:39:50.0583 5216 mouclass - ok
20:39:50.0630 5216 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
20:39:50.0630 5216 mouhid - ok
20:39:50.0645 5216 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys
20:39:50.0645 5216 mountmgr - ok
20:39:50.0676 5216 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys
20:39:50.0692 5216 mpio - ok
20:39:50.0723 5216 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
20:39:50.0723 5216 mpsdrv - ok
20:39:50.0786 5216 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\windows\system32\mpssvc.dll
20:39:50.0832 5216 MpsSvc - ok
20:39:50.0848 5216 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
20:39:50.0864 5216 MRxDAV - ok
20:39:50.0910 5216 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
20:39:50.0926 5216 mrxsmb - ok
20:39:50.0973 5216 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
20:39:50.0988 5216 mrxsmb10 - ok
20:39:51.0004 5216 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
20:39:51.0020 5216 mrxsmb20 - ok
20:39:51.0035 5216 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys
20:39:51.0035 5216 msahci - ok
20:39:51.0066 5216 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
20:39:51.0082 5216 msdsm - ok
20:39:51.0098 5216 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
20:39:51.0113 5216 MSDTC - ok
20:39:51.0129 5216 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
20:39:51.0144 5216 Msfs - ok
20:39:51.0191 5216 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
20:39:51.0191 5216 mshidkmdf - ok
20:39:51.0207 5216 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
20:39:51.0207 5216 msisadrv - ok
20:39:51.0238 5216 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
20:39:51.0254 5216 MSiSCSI - ok
20:39:51.0254 5216 msiserver - ok
20:39:51.0269 5216 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
20:39:51.0269 5216 MSKSSRV - ok
20:39:51.0285 5216 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
20:39:51.0285 5216 MSPCLOCK - ok
20:39:51.0316 5216 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
20:39:51.0316 5216 MSPQM - ok
20:39:51.0347 5216 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
20:39:51.0363 5216 MsRPC - ok
20:39:51.0378 5216 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
20:39:51.0378 5216 mssmbios - ok
20:39:51.0394 5216 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
20:39:51.0394 5216 MSTEE - ok
20:39:51.0441 5216 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
20:39:51.0456 5216 MTConfig - ok
20:39:51.0472 5216 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
20:39:51.0472 5216 Mup - ok
20:39:51.0566 5216 MyWiFiDHCPDNS (a9bc2302fbdf52c8af4e2fc966288d21) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:39:51.0597 5216 MyWiFiDHCPDNS - ok
20:39:51.0644 5216 napagent (4987e079a4530fa737a128be54b63b12) C:\windows\system32\qagentRT.dll
20:39:51.0659 5216 napagent - ok
20:39:51.0753 5216 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
20:39:51.0768 5216 NativeWifiP - ok
20:39:51.0831 5216 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
20:39:51.0846 5216 NDIS - ok
20:39:51.0878 5216 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
20:39:51.0878 5216 NdisCap - ok
20:39:51.0924 5216 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
20:39:51.0924 5216 NdisTapi - ok
20:39:51.0971 5216 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
20:39:51.0971 5216 Ndisuio - ok
20:39:52.0002 5216 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
20:39:52.0018 5216 NdisWan - ok
20:39:52.0034 5216 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
20:39:52.0049 5216 NDProxy - ok
20:39:52.0065 5216 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
20:39:52.0065 5216 NetBIOS - ok
20:39:52.0096 5216 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
20:39:52.0112 5216 NetBT - ok
20:39:52.0143 5216 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
20:39:52.0143 5216 Netlogon - ok
20:39:52.0221 5216 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
20:39:52.0236 5216 Netman - ok
20:39:52.0268 5216 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
20:39:52.0283 5216 netprofm - ok
20:39:52.0346 5216 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:39:52.0361 5216 NetTcpPortSharing - ok
20:39:52.0892 5216 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\windows\system32\DRIVERS\NETw5s64.sys
20:39:53.0079 5216 NETw5s64 - ok
20:39:53.0235 5216 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
20:39:53.0250 5216 nfrd960 - ok
20:39:53.0313 5216 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\windows\System32\nlasvc.dll
20:39:53.0328 5216 NlaSvc - ok
20:39:53.0360 5216 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
20:39:53.0360 5216 Npfs - ok
20:39:53.0375 5216 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
20:39:53.0375 5216 nsi - ok
20:39:53.0391 5216 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
20:39:53.0391 5216 nsiproxy - ok
20:39:53.0516 5216 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
20:39:53.0547 5216 Ntfs - ok
20:39:53.0625 5216 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
20:39:53.0625 5216 Null - ok
20:39:53.0687 5216 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
20:39:53.0703 5216 nvraid - ok
20:39:53.0765 5216 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
20:39:53.0781 5216 nvstor - ok
20:39:53.0828 5216 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
20:39:53.0843 5216 nv_agp - ok
20:39:53.0984 5216 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:39:53.0999 5216 odserv - ok
20:39:54.0030 5216 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
20:39:54.0030 5216 ohci1394 - ok
20:39:54.0108 5216 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:39:54.0124 5216 ose - ok
20:39:54.0498 5216 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:39:54.0623 5216 osppsvc - ok
20:39:54.0748 5216 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:39:54.0764 5216 p2pimsvc - ok
20:39:54.0810 5216 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
20:39:54.0842 5216 p2psvc - ok
20:39:54.0904 5216 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
20:39:54.0904 5216 Parport - ok
20:39:54.0920 5216 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
20:39:54.0935 5216 partmgr - ok
20:39:54.0966 5216 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
20:39:54.0982 5216 PcaSvc - ok
20:39:55.0013 5216 pci (5aab2b170536885de70a6cba8d7ce52b) C:\windows\system32\DRIVERS\pci.sys
20:39:55.0029 5216 pci - ok
20:39:55.0044 5216 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
20:39:55.0044 5216 pciide - ok
20:39:55.0091 5216 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
20:39:55.0107 5216 pcmcia - ok
20:39:55.0122 5216 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
20:39:55.0122 5216 pcw - ok
20:39:55.0185 5216 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
20:39:55.0216 5216 PEAUTH - ok
20:39:55.0325 5216 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
20:39:55.0325 5216 PerfHost - ok
20:39:55.0403 5216 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
20:39:55.0403 5216 PGEffect - ok
20:39:55.0497 5216 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll
20:39:55.0559 5216 pla - ok
20:39:55.0653 5216 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\windows\system32\umpnpmgr.dll
20:39:55.0700 5216 PlugPlay - ok
20:39:55.0715 5216 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
20:39:55.0731 5216 PNRPAutoReg - ok
20:39:55.0762 5216 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:39:55.0762 5216 PNRPsvc - ok
20:39:55.0824 5216 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll
20:39:55.0871 5216 PolicyAgent - ok
20:39:55.0902 5216 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
20:39:55.0918 5216 Power - ok
20:39:55.0996 5216 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
20:39:56.0012 5216 PptpMiniport - ok
20:39:56.0043 5216 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
20:39:56.0043 5216 Processor - ok
20:39:56.0074 5216 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\windows\system32\profsvc.dll
20:39:56.0090 5216 ProfSvc - ok
20:39:56.0136 5216 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
20:39:56.0136 5216 ProtectedStorage - ok
20:39:56.0199 5216 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
20:39:56.0199 5216 Psched - ok
20:39:56.0355 5216 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
20:39:56.0433 5216 ql2300 - ok
20:39:56.0604 5216 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
20:39:56.0604 5216 ql40xx - ok
20:39:56.0636 5216 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
20:39:56.0651 5216 QWAVE - ok
20:39:56.0667 5216 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
20:39:56.0682 5216 QWAVEdrv - ok
20:39:56.0682 5216 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
20:39:56.0682 5216 RasAcd - ok
20:39:56.0745 5216 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
20:39:56.0745 5216 RasAgileVpn - ok
20:39:56.0776 5216 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
20:39:56.0776 5216 RasAuto - ok
20:39:56.0807 5216 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
20:39:56.0807 5216 Rasl2tp - ok
20:39:56.0885 5216 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll
20:39:56.0901 5216 RasMan - ok
20:39:56.0916 5216 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
20:39:56.0916 5216 RasPppoe - ok
20:39:56.0948 5216 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
20:39:56.0948 5216 RasSstp - ok
20:39:56.0979 5216 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
20:39:56.0994 5216 rdbss - ok
20:39:57.0010 5216 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
20:39:57.0026 5216 rdpbus - ok
20:39:57.0041 5216 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
20:39:57.0041 5216 RDPCDD - ok
20:39:57.0088 5216 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
20:39:57.0088 5216 RDPENCDD - ok
20:39:57.0104 5216 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
20:39:57.0104 5216 RDPREFMP - ok
20:39:57.0150 5216 RDPWD (074ac702d8b8b660b0e1371555995386) C:\windows\system32\drivers\RDPWD.sys
20:39:57.0150 5216 RDPWD - ok
20:39:57.0182 5216 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\windows\system32\drivers\rdyboost.sys
20:39:57.0197 5216 rdyboost - ok
20:39:57.0322 5216 RegSrvc (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:39:57.0338 5216 RegSrvc - ok
20:39:57.0369 5216 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
20:39:57.0384 5216 RemoteAccess - ok
20:39:57.0400 5216 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
20:39:57.0416 5216 RemoteRegistry - ok
20:39:57.0525 5216 Response Hardware (0ae5b227213b1eef53894cf69e5d3e31) C:\Program Files (x86)\SMART Technologies\SMART Response\ResponseHardwareService.exe
20:39:57.0525 5216 Response Hardware - ok
20:39:57.0540 5216 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
20:39:57.0556 5216 RpcEptMapper - ok
20:39:57.0572 5216 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
20:39:57.0572 5216 RpcLocator - ok
20:39:57.0618 5216 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll
20:39:57.0634 5216 RpcSs - ok
20:39:57.0681 5216 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
20:39:57.0681 5216 rspndr - ok
20:39:57.0759 5216 RTL8167 (ba3e57c89e6f63808d3f2b11e1a2ad3c) C:\windows\system32\DRIVERS\Rt64win7.sys
20:39:57.0759 5216 RTL8167 - ok
20:39:57.0790 5216 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
20:39:57.0806 5216 SamSs - ok
20:39:57.0821 5216 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
20:39:57.0821 5216 sbp2port - ok
20:39:57.0852 5216 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
20:39:57.0868 5216 SCardSvr - ok
20:39:57.0884 5216 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
20:39:57.0884 5216 scfilter - ok
20:39:57.0977 5216 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\windows\system32\schedsvc.dll
20:39:57.0993 5216 Schedule - ok
20:39:58.0040 5216 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll
20:39:58.0040 5216 SCPolicySvc - ok
20:39:58.0071 5216 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\windows\system32\DRIVERS\sdbus.sys
20:39:58.0071 5216 sdbus - ok
20:39:58.0118 5216 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll
20:39:58.0133 5216 SDRSVC - ok
20:39:58.0180 5216 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
20:39:58.0180 5216 secdrv - ok
20:39:58.0196 5216 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll
20:39:58.0211 5216 seclogon - ok
20:39:58.0258 5216 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\system32\sens.dll
20:39:58.0258 5216 SENS - ok
20:39:58.0274 5216 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
20:39:58.0289 5216 SensrSvc - ok
20:39:58.0320 5216 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
20:39:58.0320 5216 Serenum - ok
20:39:58.0367 5216 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
20:39:58.0367 5216 Serial - ok
20:39:58.0414 5216 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
20:39:58.0414 5216 sermouse - ok
20:39:58.0461 5216 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll
20:39:58.0476 5216 SessionEnv - ok
20:39:58.0476 5216 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
20:39:58.0492 5216 sffdisk - ok
20:39:58.0492 5216 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
20:39:58.0492 5216 sffp_mmc - ok
20:39:58.0508 5216 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
20:39:58.0508 5216 sffp_sd - ok
20:39:58.0508 5216 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
20:39:58.0523 5216 sfloppy - ok
20:39:58.0648 5216 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
20:39:58.0664 5216 Sftfs - ok
20:39:58.0788 5216 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:39:58.0804 5216 sftlist - ok
20:39:58.0835 5216 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
20:39:58.0835 5216 Sftplay - ok
20:39:58.0851 5216 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
20:39:58.0851 5216 Sftredir - ok
20:39:58.0866 5216 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
20:39:58.0866 5216 Sftvol - ok
20:39:58.0898 5216 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:39:58.0898 5216 sftvsa - ok
20:39:58.0976 5216 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
20:39:58.0991 5216 SharedAccess - ok
20:39:59.0038 5216 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll
20:39:59.0054 5216 ShellHWDetection - ok
20:39:59.0100 5216 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
20:39:59.0100 5216 SiSRaid2 - ok
20:39:59.0116 5216 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
20:39:59.0132 5216 SiSRaid4 - ok
20:39:59.0194 5216 SMARTMouseFilterx64 (323ddcd15db2a7fed09df1f835cafcfb) C:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys
20:39:59.0194 5216 SMARTMouseFilterx64 - ok
20:39:59.0210 5216 SMARTVHidMiniVistaAmd64 (6c691320c71ca8e8c38f52b2ce652c64) C:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
20:39:59.0210 5216 SMARTVHidMiniVistaAmd64 - ok
20:39:59.0256 5216 SMARTVTabletPCx64 (20563f6830badd675407af0f5bca76ba) C:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys
20:39:59.0256 5216 SMARTVTabletPCx64 - ok
20:39:59.0288 5216 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
20:39:59.0288 5216 Smb - ok
20:39:59.0334 5216 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
20:39:59.0350 5216 SNMPTRAP - ok
20:39:59.0350 5216 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
20:39:59.0350 5216 spldr - ok
20:39:59.0412 5216 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\windows\System32\spoolsv.exe
20:39:59.0428 5216 Spooler - ok
20:39:59.0662 5216 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe
20:39:59.0709 5216 sppsvc - ok
20:39:59.0802 5216 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
20:39:59.0818 5216 sppuinotify - ok
20:39:59.0896 5216 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
20:39:59.0912 5216 srv - ok
20:39:59.0958 5216 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
20:39:59.0974 5216 srv2 - ok
20:40:00.0005 5216 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
20:40:00.0021 5216 srvnet - ok
20:40:00.0068 5216 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
20:40:00.0083 5216 SSDPSRV - ok
20:40:00.0114 5216 ssfmonm (9da88a16e0ba3476186fa3bbf68a2ecf) C:\windows\system32\DRIVERS\ssfmonm.sys
20:40:00.0114 5216 ssfmonm - ok
20:40:00.0130 5216 ssidrv (d0afe61df285b9b29fffed4cbb9a8201) C:\windows\system32\DRIVERS\ssidrv.sys
20:40:00.0146 5216 ssidrv - ok
20:40:00.0161 5216 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
20:40:00.0161 5216 SstpSvc - ok
20:40:00.0192 5216 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
20:40:00.0192 5216 stexstor - ok
20:40:00.0286 5216 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll
20:40:00.0317 5216 stisvc - ok
20:40:00.0333 5216 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
20:40:00.0333 5216 swenum - ok
20:40:00.0380 5216 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
20:40:00.0395 5216 swprv - ok
20:40:00.0473 5216 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
20:40:00.0473 5216 SynTP - ok
20:40:00.0614 5216 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll
20:40:00.0676 5216 SysMain - ok
20:40:00.0785 5216 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll
20:40:00.0801 5216 TabletInputService - ok
20:40:00.0832 5216 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll
20:40:00.0848 5216 TapiSrv - ok
20:40:00.0863 5216 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
20:40:00.0863 5216 TBS - ok
20:40:01.0035 5216 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys
20:40:01.0066 5216 Tcpip - ok
20:40:01.0284 5216 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
20:40:01.0300 5216 TCPIP6 - ok
20:40:01.0394 5216 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
20:40:01.0394 5216 tcpipreg - ok
20:40:01.0472 5216 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
20:40:01.0472 5216 tdcmdpst - ok
20:40:01.0487 5216 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
20:40:01.0487 5216 TDPIPE - ok
20:40:01.0534 5216 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\windows\system32\drivers\tdtcp.sys
20:40:01.0534 5216 TDTCP - ok
20:40:01.0565 5216 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
20:40:01.0581 5216 tdx - ok
20:40:01.0612 5216 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
20:40:01.0612 5216 TermDD - ok
20:40:01.0690 5216 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll
20:40:01.0690 5216 TermService - ok
20:40:01.0721 5216 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
20:40:01.0737 5216 Themes - ok
20:40:01.0799 5216 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
20:40:01.0799 5216 Thpdrv - ok
20:40:01.0830 5216 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
20:40:01.0830 5216 Thpevm - ok
20:40:01.0893 5216 Thpsrv (f6927bba3b09aff26a53a9191f7378f9) C:\windows\system32\ThpSrv.exe
20:40:01.0908 5216 Thpsrv - ok
20:40:01.0940 5216 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:40:01.0940 5216 THREADORDER - ok
20:40:02.0018 5216 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
20:40:02.0018 5216 TMachInfo - ok
20:40:02.0064 5216 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
20:40:02.0080 5216 TODDSrv - ok
20:40:02.0158 5216 TosCoSrv (bdbe7a21e1de76d92f566aa80546aa4c) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:40:02.0174 5216 TosCoSrv - ok
20:40:02.0236 5216 TOSHIBA eco Utility Service (152da63a2843e7e63eca8ae90d853763) C:\Program Files\TOSHIBA\TECO\TecoService.exe
20:40:02.0252 5216 TOSHIBA eco Utility Service - ok
20:40:02.0314 5216 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:40:02.0314 5216 TOSHIBA HDD SSD Alert Service - ok
20:40:02.0439 5216 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
20:40:02.0454 5216 tos_sps64 - ok
20:40:02.0548 5216 TPCHSrv (6f9e17819bfa53cff67cb1e16669500f) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
20:40:02.0564 5216 TPCHSrv - ok
20:40:02.0673 5216 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
20:40:02.0688 5216 TrkWks - ok
20:40:02.0751 5216 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe
20:40:02.0751 5216 TrustedInstaller - ok
20:40:02.0798 5216 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
20:40:02.0798 5216 tssecsrv - ok
20:40:02.0844 5216 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
20:40:02.0860 5216 tunnel - ok
20:40:02.0891 5216 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
20:40:02.0891 5216 TVALZ - ok
20:40:02.0954 5216 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
20:40:02.0954 5216 TVALZFL - ok
20:40:02.0985 5216 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
20:40:09.0241 5216 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
20:40:09.0319 5216 \Device\Harddisk0\DR0 - ok
20:40:09.0334 5216 Boot (0x1200) (a8f8977726a41bab98304b299fcb4a46) \Device\Harddisk0\DR0\Partition0
20:40:09.0334 5216 \Device\Harddisk0\DR0\Partition0 - ok
20:40:09.0334 5216 ============================================================
20:40:09.0334 5216 Scan finished
20:40:09.0334 5216 ============================================================
20:40:09.0365 1876 Detected object count: 0
20:40:09.0365 1876 Actual detected object count: 0
20:40:33.0312 7084 ============================================================
20:40:33.0312 7084 Scan started
20:40:33.0312 7084 Mode: Manual;
20:40:33.0312 7084 ============================================================
20:40:43.0484 7084 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
20:40:43.0484 7084 mrxsmb10 - ok
20:40:43.0515 7084 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
20:40:43.0530 7084 mrxsmb20 - ok
20:40:43.0530 7084 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys
20:40:43.0546 7084 msahci - ok
20:40:43.0562 7084 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
20:40:43.0562 7084 msdsm - ok
20:40:43.0593 7084 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
20:40:43.0593 7084 MSDTC - ok
20:40:43.0624 7084 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
20:40:43.0624 7084 Msfs - ok
20:40:43.0640 7084 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
20:40:43.0640 7084 mshidkmdf - ok
20:40:43.0655 7084 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
20:40:43.0655 7084 msisadrv - ok
20:40:43.0686 7084 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
20:40:43.0686 7084 MSiSCSI - ok
20:40:43.0702 7084 msiserver - ok
20:40:43.0718 7084 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
20:40:43.0718 7084 MSKSSRV - ok
20:40:43.0733 7084 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
20:40:43.0733 7084 MSPCLOCK - ok
20:40:43.0749 7084 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
20:40:43.0749 7084 MSPQM - ok
20:40:43.0780 7084 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
20:40:43.0796 7084 MsRPC - ok
20:40:43.0811 7084 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
20:40:43.0811 7084 mssmbios - ok
20:40:43.0827 7084 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
20:40:43.0827 7084 MSTEE - ok
20:40:43.0842 7084 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
20:40:43.0842 7084 MTConfig - ok
20:40:43.0858 7084 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
20:40:43.0858 7084 Mup - ok
20:40:43.0936 7084 MyWiFiDHCPDNS (a9bc2302fbdf52c8af4e2fc966288d21) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:40:43.0936 7084 MyWiFiDHCPDNS - ok
20:40:43.0998 7084 napagent (4987e079a4530fa737a128be54b63b12) C:\windows\system32\qagentRT.dll
20:40:44.0014 7084 napagent - ok
20:40:44.0045 7084 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
20:40:44.0045 7084 NativeWifiP - ok
20:40:44.0123 7084 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
20:40:44.0139 7084 NDIS - ok
20:40:44.0154 7084 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
20:40:44.0154 7084 NdisCap - ok
20:40:44.0186 7084 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
20:40:44.0186 7084 NdisTapi - ok
20:40:44.0201 7084 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
20:40:44.0201 7084 Ndisuio - ok
20:40:44.0232 7084 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
20:40:44.0232 7084 NdisWan - ok
20:40:44.0248 7084 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
20:40:44.0248 7084 NDProxy - ok
20:40:44.0264 7084 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
20:40:44.0264 7084 NetBIOS - ok
20:40:44.0295 7084 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
20:40:44.0295 7084 NetBT - ok
20:40:44.0326 7084 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
20:40:44.0326 7084 Netlogon - ok
20:40:44.0373 7084 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
20:40:44.0373 7084 Netman - ok
20:40:44.0404 7084 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
20:40:44.0420 7084 netprofm - ok
20:40:44.0482 7084 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:40:44.0482 7084 NetTcpPortSharing - ok
20:40:45.0044 7084 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\windows\system32\DRIVERS\NETw5s64.sys
20:40:45.0137 7084 NETw5s64 - ok
20:40:45.0278 7084 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
20:40:45.0278 7084 nfrd960 - ok
20:40:45.0324 7084 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\windows\System32\nlasvc.dll
20:40:45.0324 7084 NlaSvc - ok
20:40:45.0356 7084 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
20:40:45.0356 7084 Npfs - ok
20:40:45.0371 7084 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
20:40:45.0371 7084 nsi - ok
20:40:45.0387 7084 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
20:40:45.0387 7084 nsiproxy - ok
20:40:45.0512 7084 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
20:40:45.0527 7084 Ntfs - ok
20:40:45.0668 7084 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
20:40:45.0668 7084 Null - ok
20:40:45.0699 7084 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
20:40:45.0699 7084 nvraid - ok
20:40:45.0730 7084 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
20:40:45.0730 7084 nvstor - ok
20:40:45.0746 7084 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
20:40:45.0746 7084 nv_agp - ok
20:40:45.0870 7084 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:40:45.0886 7084 odserv - ok
20:40:45.0933 7084 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
20:40:45.0933 7084 ohci1394 - ok
20:40:45.0980 7084 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:40:45.0980 7084 ose - ok
20:40:46.0307 7084 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:40:46.0370 7084 osppsvc - ok
20:40:46.0494 7084 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:40:46.0510 7084 p2pimsvc - ok
20:40:46.0557 7084 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
20:40:46.0557 7084 p2psvc - ok
20:40:46.0619 7084 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
20:40:46.0619 7084 Parport - ok
20:40:46.0650 7084 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
20:40:46.0650 7084 partmgr - ok
20:40:46.0682 7084 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
20:40:46.0682 7084 PcaSvc - ok
20:40:46.0713 7084 pci (5aab2b170536885de70a6cba8d7ce52b) C:\windows\system32\DRIVERS\pci.sys
20:40:46.0713 7084 pci - ok
20:40:46.0728 7084 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
20:40:46.0728 7084 pciide - ok
20:40:46.0760 7084 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
20:40:46.0775 7084 pcmcia - ok
20:40:46.0791 7084 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
20:40:46.0791 7084 pcw - ok
20:40:46.0853 7084 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
20:40:46.0853 7084 PEAUTH - ok
20:40:46.0931 7084 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
20:40:46.0931 7084 PerfHost - ok
20:40:46.0978 7084 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
20:40:46.0978 7084 PGEffect - ok
20:40:47.0072 7084 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll
20:40:47.0087 7084 pla - ok
20:40:47.0150 7084 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\windows\system32\umpnpmgr.dll
20:40:47.0165 7084 PlugPlay - ok
20:40:47.0181 7084 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
20:40:47.0181 7084 PNRPAutoReg - ok
20:40:47.0212 7084 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:40:47.0228 7084 PNRPsvc - ok
20:40:47.0274 7084 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll
20:40:47.0290 7084 PolicyAgent - ok
20:40:47.0306 7084 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
20:40:47.0321 7084 Power - ok
20:40:47.0368 7084 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
20:40:47.0384 7084 PptpMiniport - ok
20:40:47.0399 7084 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
20:40:47.0399 7084 Processor - ok
20:40:47.0430 7084 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\windows\system32\profsvc.dll
20:40:47.0430 7084 ProfSvc - ok
20:40:47.0477 7084 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
20:40:47.0477 7084 ProtectedStorage - ok
20:40:47.0493 7084 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
20:40:47.0493 7084 Psched - ok
20:40:47.0602 7084 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
20:40:47.0633 7084 ql2300 - ok
20:40:47.0742 7084 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
20:40:47.0742 7084 ql40xx - ok
20:40:47.0774 7084 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
20:40:47.0789 7084 QWAVE - ok
20:40:47.0805 7084 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
20:40:47.0805 7084 QWAVEdrv - ok
20:40:47.0805 7084 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
20:40:47.0805 7084 RasAcd - ok
20:40:47.0836 7084 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
20:40:47.0836 7084 RasAgileVpn - ok
20:40:47.0867 7084 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
20:40:47.0867 7084 RasAuto - ok
20:40:47.0883 7084 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
20:40:47.0883 7084 Rasl2tp - ok
20:40:47.0930 7084 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll
20:40:47.0930 7084 RasMan - ok
20:40:47.0961 7084 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
20:40:47.0961 7084 RasPppoe - ok
20:40:47.0976 7084 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
20:40:47.0976 7084 RasSstp - ok
20:40:48.0008 7084 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
20:40:48.0023 7084 rdbss - ok
20:40:48.0039 7084 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
20:40:48.0039 7084 rdpbus - ok
20:40:48.0054 7084 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
20:40:48.0054 7084 RDPCDD - ok
20:40:48.0070 7084 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
20:40:48.0070 7084 RDPENCDD - ok
20:40:48.0086 7084 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
20:40:48.0101 7084 RDPREFMP - ok
20:40:48.0132 7084 RDPWD (074ac702d8b8b660b0e1371555995386) C:\windows\system32\drivers\RDPWD.sys
20:40:48.0132 7084 RDPWD - ok
20:40:48.0164 7084 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\windows\system32\drivers\rdyboost.sys
20:40:48.0179 7084 rdyboost - ok
20:40:48.0288 7084 RegSrvc (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:40:48.0304 7084 RegSrvc - ok
20:40:48.0335 7084 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
20:40:48.0335 7084 RemoteAccess - ok
20:40:48.0382 7084 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
20:40:48.0382 7084 RemoteRegistry - ok
20:40:48.0460 7084 Response Hardware (0ae5b227213b1eef53894cf69e5d3e31) C:\Program Files (x86)\SMART Technologies\SMART Response\ResponseHardwareService.exe
20:40:48.0460 7084 Response Hardware - ok
20:40:48.0476 7084 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
20:40:48.0491 7084 RpcEptMapper - ok
20:40:48.0507 7084 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
20:40:48.0507 7084 RpcLocator - ok
20:40:48.0554 7084 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll
20:40:48.0569 7084 RpcSs - ok
20:40:48.0632 7084 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
20:40:48.0632 7084 rspndr - ok
20:40:48.0678 7084 RTL8167 (ba3e57c89e6f63808d3f2b11e1a2ad3c) C:\windows\system32\DRIVERS\Rt64win7.sys
20:40:48.0678 7084 RTL8167 - ok
20:40:48.0725 7084 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
20:40:48.0725 7084 SamSs - ok
20:40:48.0756 7084 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
20:40:48.0756 7084 sbp2port - ok
20:40:48.0788 7084 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
20:40:48.0788 7084 SCardSvr - ok
20:40:48.0803 7084 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
20:40:48.0803 7084 scfilter - ok
20:40:48.0897 7084 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\windows\system32\schedsvc.dll
20:40:48.0912 7084 Schedule - ok
20:40:48.0944 7084 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll
20:40:48.0944 7084 SCPolicySvc - ok
20:40:48.0975 7084 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\windows\system32\DRIVERS\sdbus.sys
20:40:48.0975 7084 sdbus - ok
20:40:48.0990 7084 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll
20:40:49.0006 7084 SDRSVC - ok
20:40:49.0006 7084 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
20:40:49.0006 7084 secdrv - ok
20:40:49.0022 7084 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll
20:40:49.0037 7084 seclogon - ok
20:40:49.0053 7084 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\system32\sens.dll
20:40:49.0053 7084 SENS - ok
20:40:49.0068 7084 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
20:40:49.0084 7084 SensrSvc - ok
20:40:49.0084 7084 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
20:40:49.0084 7084 Serenum - ok
20:40:49.0100 7084 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
20:40:49.0115 7084 Serial - ok
20:40:49.0115 7084 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
20:40:49.0115 7084 sermouse - ok
20:40:49.0162 7084 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll
20:40:49.0162 7084 SessionEnv - ok
20:40:49.0162 7084 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
20:40:49.0162 7084 sffdisk - ok
20:40:49.0178 7084 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
20:40:49.0178 7084 sffp_mmc - ok
20:40:49.0178 7084 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
20:40:49.0193 7084 sffp_sd - ok
20:40:49.0193 7084 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
20:40:49.0193 7084 sfloppy - ok
20:40:49.0271 7084 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
20:40:49.0287 7084 Sftfs - ok
20:40:49.0380 7084 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:40:49.0380 7084 sftlist - ok
20:40:49.0427 7084 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
20:40:49.0427 7084 Sftplay - ok
20:40:49.0443 7084 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
20:40:49.0443 7084 Sftredir - ok
20:40:49.0458 7084 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
20:40:49.0458 7084 Sftvol - ok
20:40:49.0490 7084 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:40:49.0490 7084 sftvsa - ok
20:40:49.0536 7084 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
20:40:49.0552 7084 SharedAccess - ok
20:40:49.0599 7084 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll
20:40:49.0599 7084 ShellHWDetection - ok
20:40:49.0630 7084 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
20:40:49.0630 7084 SiSRaid2 - ok
20:40:49.0646 7084 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
20:40:49.0646 7084 SiSRaid4 - ok
20:40:49.0677 7084 SMARTMouseFilterx64 (323ddcd15db2a7fed09df1f835cafcfb) C:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys
20:40:49.0677 7084 SMARTMouseFilterx64 - ok
20:40:49.0692 7084 SMARTVHidMiniVistaAmd64 (6c691320c71ca8e8c38f52b2ce652c64) C:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
20:40:49.0708 7084 SMARTVHidMiniVistaAmd64 - ok
20:40:49.0724 7084 SMARTVTabletPCx64 (20563f6830badd675407af0f5bca76ba) C:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys
20:40:49.0724 7084 SMARTVTabletPCx64 - ok
20:40:49.0739 7084 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
20:40:49.0739 7084 Smb - ok
20:40:49.0770 7084 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
20:40:49.0770 7084 SNMPTRAP - ok
20:40:49.0786 7084 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
20:40:49.0786 7084 spldr - ok
20:40:49.0848 7084 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\windows\System32\spoolsv.exe
20:40:49.0848 7084 Spooler - ok
20:40:50.0082 7084 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe
20:40:50.0129 7084 sppsvc - ok
20:40:50.0238 7084 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
20:40:50.0238 7084 sppuinotify - ok
20:40:50.0316 7084 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
20:40:50.0332 7084 srv - ok
20:40:50.0394 7084 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
20:40:50.0394 7084 srv2 - ok
20:40:50.0457 7084 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
20:40:50.0457 7084 srvnet - ok
20:40:50.0488 7084 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
20:40:50.0488 7084 SSDPSRV - ok
20:40:50.0519 7084 ssfmonm (9da88a16e0ba3476186fa3bbf68a2ecf) C:\windows\system32\DRIVERS\ssfmonm.sys
20:40:50.0519 7084 ssfmonm - ok
20:40:50.0535 7084 ssidrv (d0afe61df285b9b29fffed4cbb9a8201) C:\windows\system32\DRIVERS\ssidrv.sys
20:40:50.0550 7084 ssidrv - ok
20:40:50.0566 7084 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
20:40:50.0566 7084 SstpSvc - ok
20:40:50.0628 7084 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
20:40:50.0628 7084 stexstor - ok
20:40:50.0691 7084 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll
20:40:50.0706 7084 stisvc - ok
20:40:50.0722 7084 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
20:40:50.0722 7084 swenum - ok
20:40:50.0769 7084 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
20:40:50.0784 7084 swprv - ok
20:40:50.0831 7084 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
20:40:50.0831 7084 SynTP - ok
20:40:50.0956 7084 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll
20:40:50.0987 7084 SysMain - ok
20:40:51.0096 7084 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll
20:40:51.0096 7084 TabletInputService - ok
20:40:51.0128 7084 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll
20:40:51.0143 7084 TapiSrv - ok
20:40:51.0174 7084 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
20:40:51.0174 7084 TBS - ok
20:40:51.0346 7084 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys
20:40:51.0377 7084 Tcpip - ok
20:40:51.0564 7084 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
20:40:51.0596 7084 TCPIP6 - ok
20:40:51.0674 7084 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
20:40:51.0689 7084 tcpipreg - ok
20:40:51.0720 7084 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
20:40:51.0720 7084 tdcmdpst - ok
20:40:51.0736 7084 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
20:40:51.0736 7084 TDPIPE - ok
20:40:51.0767 7084 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\windows\system32\drivers\tdtcp.sys
20:40:51.0767 7084 TDTCP - ok
20:40:51.0798 7084 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
20:40:51.0798 7084 tdx - ok
20:40:51.0814 7084 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
20:40:51.0814 7084 TermDD - ok
20:40:51.0876 7084 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll
20:40:51.0892 7084 TermService - ok
20:40:51.0923 7084 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
20:40:51.0923 7084 Themes - ok
20:40:51.0954 7084 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
20:40:51.0954 7084 Thpdrv - ok
20:40:51.0970 7084 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
20:40:51.0970 7084 Thpevm - ok
20:40:52.0017 7084 Thpsrv (f6927bba3b09aff26a53a9191f7378f9) C:\windows\system32\ThpSrv.exe
20:40:52.0032 7084 Thpsrv - ok
20:40:52.0064 7084 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:40:52.0064 7084 THREADORDER - ok
20:40:52.0126 7084 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
20:40:52.0126 7084 TMachInfo - ok
20:40:52.0157 7084 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
20:40:52.0173 7084 TODDSrv - ok
20:40:52.0235 7084 TosCoSrv (bdbe7a21e1de76d92f566aa80546aa4c) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:40:52.0251 7084 TosCoSrv - ok
20:40:52.0313 7084 TOSHIBA eco Utility Service (152da63a2843e7e63eca8ae90d853763) C:\Program Files\TOSHIBA\TECO\TecoService.exe
20:40:52.0313 7084 TOSHIBA eco Utility Service - ok
20:40:52.0344 7084 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:40:52.0360 7084 TOSHIBA HDD SSD Alert Service - ok
20:40:52.0438 7084 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
20:40:52.0438 7084 tos_sps64 - ok
20:40:52.0516 7084 TPCHSrv (6f9e17819bfa53cff67cb1e16669500f) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
20:40:52.0516 7084 TPCHSrv - ok
20:40:52.0625 7084 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
20:40:52.0641 7084 TrkWks - ok
20:40:52.0703 7084 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe
20:40:52.0703 7084 TrustedInstaller - ok
20:40:52.0750 7084 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
20:40:52.0750 7084 tssecsrv - ok
20:40:52.0766 7084 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
20:40:52.0781 7084 tunnel - ok
20:40:52.0797 7084 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
20:40:52.0797 7084 TVALZ - ok
20:40:52.0812 7084 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
20:40:52.0812 7084 TVALZFL - ok
20:40:52.0844 7084 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
20:40:52.0844 7084 uagp35 - ok
20:40:52.0890 7084 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
20:40:52.0890 7084 udfs - ok
20:40:52.0906 7084 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
20:40:52.0922 7084 UI0Detect - ok
20:40:52.0937 7084 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
20:40:52.0937 7084 uliagpkx - ok
20:40:52.0953 7084 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
20:40:52.0953 7084 umbus - ok
20:40:52.0984 7084 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
20:40:52.0984 7084 UmPass - ok
20:40:53.0171 7084 UNS (cc3775100aba633984f73dfae1f55cae) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:40:53.0202 7084 UNS - ok
20:40:53.0343 7084 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
20:40:53.0343 7084 upnphost - ok
20:40:53.0390 7084 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
20:40:53.0390 7084 USBAAPL64 - ok
20:40:53.0436 7084 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\windows\system32\DRIVERS\usbccgp.sys
20:40:53.0436 7084 usbccgp - ok
20:40:53.0468 7084 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
20:40:53.0468 7084 usbcir - ok
20:40:53.0499 7084 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\windows\system32\drivers\usbehci.sys
20:40:53.0499 7084 usbehci - ok
20:40:53.0530 7084 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\windows\system32\DRIVERS\usbhub.sys
20:40:53.0530 7084 usbhub - ok
20:40:53.0561 7084 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\windows\system32\drivers\usbohci.sys
20:40:53.0577 7084 usbohci - ok
20:40:53.0592 7084 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
20:40:53.0592 7084 usbprint - ok
20:40:53.0639 7084 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
20:40:53.0639 7084 USBSTOR - ok
20:40:53.0655 7084 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\windows\system32\drivers\usbuhci.sys
20:40:53.0655 7084 usbuhci - ok
20:40:53.0702 7084 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys
20:40:53.0702 7084 usbvideo - ok
20:40:53.0733 7084 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
20:40:53.0733 7084 UxSms - ok
20:40:53.0780 7084 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
20:40:53.0780 7084 VaultSvc - ok
20:40:53.0795 7084 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
20:40:53.0811 7084 vdrvroot - ok
20:40:53.0858 7084 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\windows\System32\vds.exe
20:40:53.0858 7084 vds - ok
20:40:53.0873 7084 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
20:40:53.0873 7084 vga - ok
20:40:53.0889 7084 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
20:40:53.0889 7084 VgaSave - ok
20:40:53.0936 7084 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
20:40:53.0936 7084 vhdmp - ok
20:40:53.0951 7084 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
20:40:53.0951 7084 viaide - ok
20:40:53.0982 7084 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
20:40:53.0982 7084 volmgr - ok
20:40:54.0014 7084 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
20:40:54.0029 7084 volmgrx - ok
20:40:54.0060 7084 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
20:40:54.0060 7084 volsnap - ok
20:40:57.0960 7084 ============================================================
20:40:57.0960 7084 Scan finished
20:40:57.0960 7084 ============================================================
20:40:57.0976 5584 Detected object count: 0
20:40:57.0976 5584 Actual detected object count: 0

#11 gringo_pr


Posted 04 May 2012 - 08:15 PM

Hello


That looks good. Let me have the aswMBR report when complete, and let me know about the redirects.


gringo

#12 mac84


Posted 04 May 2012 - 08:42 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-04 20:48:59
-----------------------------
20:48:59.961 OS Version: Windows x64 6.1.7600
20:48:59.961 Number of processors: 4 586 0x2505
20:48:59.961 ComputerName: OWNER-PC UserName: Owner
20:49:01.396 Initialize success
21:07:32.811 AVAST engine defs: 12050401
21:07:58.051 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:07:58.051 Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 3
21:07:58.067 Disk 0 MBR read successfully
21:07:58.067 Disk 0 MBR scan
21:07:58.083 Disk 0 Windows VISTA default MBR code
21:07:58.098 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
21:07:58.114 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463567 MB offset 3074048
21:07:58.161 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 11872 MB offset 952459264
21:07:58.207 Disk 0 scanning C:\windows\system32\drivers
21:08:09.720 Service scanning
21:08:35.850 Modules scanning
21:08:35.866 Disk 0 trace - called modules:
21:08:35.897 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys iaStor.sys hal.dll
21:08:36.412 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c9a060]
21:08:36.412 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8004c99060]
21:08:36.428 5 thpdrv.sys[fffff88001b20cc0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049b6050]
21:08:39.033 AVAST engine scan C:\windows
21:08:42.278 AVAST engine scan C:\windows\system32
21:12:16.981 AVAST engine scan C:\windows\system32\drivers
21:12:31.037 AVAST engine scan C:\Users\Owner
21:12:31.489 File: C:\Users\Owner\AppData\Local\Apple Computer\Adobe\xyqwy.dll **INFECTED** Win32:Malware-gen
21:14:45.760 File: C:\Users\Owner\Desktop\InstallSecurityCentral_728.exe **INFECTED** Win32:MalOb-IZ [Cryp]
21:15:24.026 AVAST engine scan C:\ProgramData
21:19:14.517 Scan finished successfully
21:39:40.176 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
21:39:40.176 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

#13 gringo_pr


Posted 04 May 2012 - 08:58 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\program files (x86)\Ask.com

File::
C:\Users\Owner\AppData\Local\Apple Computer\Adobe\xyqwy.dll 
C:\Users\Owner\Desktop\InstallSecurityCentral_728.exe

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

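The two File:: entries in the CFScript above are the paths that aswMBR flagged in the log from post #12. As an added example (not part of the original posts and not code from either tool's vendor), this Python parser pulls those detections out of an aswMBR log and checks that the scan ran to completion. The regexes are inferred only from the log lines shown in this thread, and `parse_aswmbr` and `in_user_profile` are hypothetical names.

```python
import re
from pathlib import PureWindowsPath
from typing import NamedTuple

# Lines copied from the aswMBR log in post #12 of this thread.
SAMPLE_LOG = r"""21:07:58.083 Disk 0 Windows VISTA default MBR code
21:12:31.037 AVAST engine scan C:\Users\Owner
21:12:31.489 File: C:\Users\Owner\AppData\Local\Apple Computer\Adobe\xyqwy.dll **INFECTED** Win32:Malware-gen
21:14:45.760 File: C:\Users\Owner\Desktop\InstallSecurityCentral_728.exe **INFECTED** Win32:MalOb-IZ [Cryp]
21:19:14.517 Scan finished successfully
"""

class Detection(NamedTuple):
    time: str
    path: PureWindowsPath
    name: str

TS = r"(?P<time>\d{2}:\d{2}:\d{2}\.\d{3})"
# The path may contain spaces, so anchor on the **INFECTED** marker instead.
INFECTED_RE = re.compile(TS + r"\s+File:\s+(?P<path>.+?)\s+\*\*INFECTED\*\*\s+(?P<name>.+)")
# Assumption: MBR verdict lines end in "MBR code", as the one in this log does.
MBR_RE = re.compile(TS + r"\s+Disk \d+ (?P<verdict>.+ MBR code)$")

def parse_aswmbr(text):
    """Return detections, MBR verdicts and whether the scan completed."""
    detections, mbr, finished = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        m = INFECTED_RE.match(line)
        if m:
            detections.append(
                Detection(m["time"], PureWindowsPath(m["path"]), m["name"].strip()))
            continue
        m = MBR_RE.match(line)
        if m:
            mbr.append(m["verdict"])
        elif line.endswith("Scan finished successfully"):
            finished = True
    return {"detections": detections, "mbr": mbr, "finished": finished}

def in_user_profile(det, user_root=r"C:\Users"):
    """True when the flagged file sits in a user-writable profile directory."""
    try:
        det.path.relative_to(user_root)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    result = parse_aswmbr(SAMPLE_LOG)
    for d in result["detections"]:
        print(d.time, d.name, d.path, "user-profile" if in_user_profile(d) else "")
    print("MBR:", result["mbr"], "complete:", result["finished"])
```

A log without the "Scan finished successfully" line comes back with `finished` set to False, so a truncated paste is not mistaken for a complete scan.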

#14 mac84


Posted 04 May 2012 - 09:00 PM

I have a redirect when I use Google to search: findsearchengineresults.com. This is the link:

http://63.209.69.107/search/web/used+ford+expeditions+sale/C10/ecn/46355-8909_1233/v5

#15 mac84


Posted 04 May 2012 - 09:17 PM

Running ComboFix/CFScript now.



