Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No Internet and no Windows firewall


  • This topic is locked This topic is locked
18 replies to this topic

#1 sb07

sb07

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 23 May 2012 - 11:32 PM

I am having a problem connecting to the internet. Actually, I connect ok, but Windows doesn't seem to know it. FSS says that Localhost is blocked. Ping doesn't work even though nslookup works. Browsers cannot display URLs.

The Windows firewall cannot be started.

Here is the link where the problem is discussed:

My link



I was referred to download and run DDS and GMER. The GMER download links time out for me so all I can do is post the DDS log and attach the attach file:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by admin at 23:39:30 on 2012-05-23
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\alg.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\ACFXAU32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\mcupdate.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\IObit\Advanced SystemCare 5\DelayLoad.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\mobsync.exe
C:\Users\admin\Desktop\dds.scr
C:\Windows\system32\REGSVR32.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.toshibadirect.com/dpdstart
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mStart Page = hxxp://www.dragonbbs.com
mDefault_Page_URL = hxxp://www.dragonbbs.com
mWindow Title = Dragon Internet
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NDSTray.exe] NDSTray.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\icq7.4\ICQ.exe
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110}
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: klogon - c:\windows\system32\klogon.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R? aawservice;Lavasoft Ad-Aware Service
R? AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service
R? epmntdrv;epmntdrv
R? EuGdiDrv;EuGdiDrv
R? IO_Memory;IO_Memory
R? jswpsapi;Jumpstart Wifi Protected Setup
R? MFE_RR;MFE_RR
R? MpKsle679543d;MpKsle679543d
R? NisDrv;Microsoft Network Inspection System
R? NisSrv;Microsoft Network Inspection
R? NWUSBCDFIL;Novatel Wireless Installation CD
R? NWUSBPort2;Novatel Wireless USB Status2 Port Driver
R? pwdrvio;pwdrvio
R? pwdspio;pwdspio
R? SVRPEDRV;SVRPEDRV
R? WPFFontCache_v0400;WPFFontCache_v0400
S? acfva;acfva
S? AdvancedSystemCareService5;Advanced SystemCare Service 5
S? ConfigFree Service;ConfigFree Service
S? dgcfltr;DGC Filter Driver
S? ezGOSvc;Easybits GO Services for Windows
S? FontCache;Windows Font Cache Service
S? FwLnk;FwLnk Driver
S? jswpslwf;JumpStart Wireless Filter Driver
S? kl2;kl2
S? klmouflt;Kaspersky Lab KLMOUFLT
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? MpFilter;Microsoft Malware Protection Driver
S? TOSHIBA SMART Log Service;TOSHIBA SMART Log Service
.
=============== Created Last 30 ================
.
2012-05-24 02:06:13 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b2876505-378c-4e2c-8be1-48c421718802}\offreg.dll
2012-05-24 01:25:04 891448 ----a-w- C:\tcpip.sys
2012-05-23 05:14:44 -------- d-----w- c:\users\admin\appdata\local\Opera
2012-05-23 03:21:13 -------- d-----w- c:\users\admin\appdata\roaming\Malwarebytes
2012-05-23 03:00:55 -------- d-----w- c:\users\admin\appdata\roaming\IObit
2012-05-22 04:22:43 -------- d-----w- C:\TDSSKiller_Quarantine
2012-05-21 03:34:10 -------- d-----w- c:\windows\system32\wbem\repository
2012-05-21 02:35:43 -------- d-----w- c:\programdata\Malwarebytes
2012-05-21 02:35:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-21 02:35:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-20 23:21:42 -------- d-----w- c:\program files\DLLSuite
2012-05-19 18:34:46 -------- d-----w- c:\program files\Dragon Internet
2012-05-19 03:46:34 -------- dc----w- c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2012-05-19 03:45:40 -------- d-----w- c:\windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2012-05-19 03:40:11 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-05-19 03:40:10 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-05-18 21:50:44 -------- d-----w- c:\users\admin\AbiSuite
2012-05-15 19:31:29 -------- d-----w- c:\program files\common files\FTL Shared
2012-05-15 06:06:32 6734704 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{0b5d8087-ba63-4a2f-a7cc-0c8ff7404b6e}\mpengine.dll
2012-05-15 03:54:22 -------- d-----w- c:\program files\Qualcomm
2012-05-15 03:54:22 -------- d-----w- c:\program files\Netscape
2012-05-15 03:53:28 9728 ----a-w- c:\windows\system32\rnaph.dll
2012-05-14 04:52:10 -------- d-----w- c:\programdata\IObit
2012-05-14 04:51:20 -------- d-----w- c:\program files\IObit
2012-05-13 21:17:38 6734704 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-05-13 21:14:50 -------- d-----w- c:\windows\TempFA2B2319-FCE2-5246-1C6F-52F8D52354BF-Signatures
2012-05-13 19:28:45 -------- d-----w- c:\programdata\LocalNet
2012-05-13 04:38:30 -------- d-----w- c:\programdata\CheckPoint
2012-05-13 03:38:36 -------- d-----w- c:\programdata\SpeedyPC Software
2012-05-13 02:22:54 -------- d-----w- c:\program files\cfos6link
2012-05-13 02:05:26 723 ----a-w- C:\vapad.tmp
2012-05-11 00:31:14 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-11 00:31:13 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-11 00:31:13 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-11 00:31:13 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-05-11 00:31:12 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-11 00:31:12 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-05-11 00:30:34 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 00:30:33 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-11 00:30:33 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-11 00:30:03 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-05-11 00:30:03 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-11 00:30:03 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-11 00:30:03 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-11 00:30:03 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-05-10 06:56:16 5120 ----a-w- c:\windows\system32\wmi.dll
2012-05-10 06:56:15 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-05-10 06:56:15 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-05-10 06:56:15 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-05-10 06:50:39 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-05-10 06:45:17 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-10 06:45:16 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-05-10 06:42:11 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-05-10 06:41:56 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 06:41:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-05-10 06:41:53 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-05-01 01:50:59 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-05-01 01:50:59 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-21 00:44:12 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 00:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 23:43:31.33 ===============

Attached Files


Edited by sb07, 23 May 2012 - 11:33 PM.


BC AdBot (Login to Remove)

 


#2 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 24 May 2012 - 02:34 AM

I finally managed to download and run gmer, and I am attaching the log file as instructed. Thanks.

Attached Files

  • Attached File  Ark.log   21.02KB   4 downloads


#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:24 AM

Posted 28 May 2012 - 08:45 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download these tools to a CD or Flash Drive using a good computer.
Copy the files to the desktop of the infected computer.

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
    Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue
    Posted Image
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#4 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 28 May 2012 - 05:25 PM

17:59:52.0401 1088 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
17:59:52.0432 1088 ============================================================
17:59:52.0432 1088 Current date / time: 2012/05/28 17:59:52.0432
17:59:52.0432 1088 SystemInfo:
17:59:52.0432 1088
17:59:52.0432 1088 OS Version: 6.0.6002 ServicePack: 2.0
17:59:52.0432 1088 Product type: Workstation
17:59:52.0432 1088 ComputerName: JEO-PC
17:59:52.0432 1088 UserName: admin
17:59:52.0432 1088 Windows directory: C:\Windows
17:59:52.0432 1088 System windows directory: C:\Windows
17:59:52.0432 1088 Processor architecture: Intel x86
17:59:52.0432 1088 Number of processors: 2
17:59:52.0432 1088 Page size: 0x1000
17:59:52.0432 1088 Boot type: Normal boot
17:59:52.0432 1088 ============================================================
17:59:55.0037 1088 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:59:55.0458 1088 Drive \Device\Harddisk1\DR1 - Size: 0x1D9C00000 (7.40 Gb), SectorSize: 0x200, Cylinders: 0x3C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:59:55.0458 1088 ============================================================
17:59:55.0458 1088 \Device\Harddisk0\DR0:
17:59:55.0458 1088 MBR partitions:
17:59:55.0458 1088 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1272AEB0
17:59:55.0458 1088 \Device\Harddisk1\DR1:
17:59:55.0474 1088 MBR partitions:
17:59:55.0474 1088 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x1, BlocksNum 0x70E425
17:59:55.0474 1088 ============================================================
17:59:55.0536 1088 C: <-> \Device\Harddisk0\DR0\Partition0
17:59:55.0536 1088 ============================================================
17:59:55.0536 1088 Initialize success
17:59:55.0536 1088 ============================================================
17:59:57.0783 1756 ============================================================
17:59:57.0783 1756 Scan started
17:59:57.0783 1756 Mode: Manual;
17:59:57.0783 1756 ============================================================
17:59:58.0610 1756 aawservice - ok
17:59:58.0859 1756 acfva (426b4845468b690cfeeb268488d3aa0b) C:\Windows\system32\DRIVERS\ACFVA32.sys
17:59:58.0859 1756 acfva - ok
17:59:58.0953 1756 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
17:59:58.0953 1756 ACPI - ok
17:59:59.0109 1756 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:59:59.0124 1756 AdobeFlashPlayerUpdateSvc - ok
17:59:59.0249 1756 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
17:59:59.0265 1756 adp94xx - ok
17:59:59.0312 1756 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
17:59:59.0327 1756 adpahci - ok
17:59:59.0358 1756 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
17:59:59.0358 1756 adpu160m - ok
17:59:59.0405 1756 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
17:59:59.0405 1756 adpu320 - ok
18:00:00.0076 1756 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
18:00:00.0076 1756 AdvancedSystemCareService5 - ok
18:00:00.0138 1756 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
18:00:00.0138 1756 AeLookupSvc - ok
18:00:00.0294 1756 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
18:00:00.0294 1756 AFD - ok
18:00:00.0622 1756 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
18:00:00.0684 1756 AgereSoftModem - ok
18:00:00.0762 1756 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
18:00:00.0762 1756 agp440 - ok
18:00:00.0809 1756 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
18:00:00.0825 1756 aic78xx - ok
18:00:00.0856 1756 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
18:00:00.0872 1756 ALG - ok
18:00:00.0887 1756 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
18:00:00.0887 1756 aliide - ok
18:00:00.0918 1756 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
18:00:00.0918 1756 amdagp - ok
18:00:00.0934 1756 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
18:00:00.0934 1756 amdide - ok
18:00:01.0012 1756 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
18:00:01.0012 1756 AmdK7 - ok
18:00:01.0043 1756 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
18:00:01.0043 1756 AmdK8 - ok
18:00:01.0121 1756 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
18:00:01.0121 1756 Appinfo - ok
18:00:01.0262 1756 Apple Mobile Device (5af91391d92a921e984b97c88e994d00) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:00:01.0277 1756 Apple Mobile Device - ok
18:00:01.0402 1756 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
18:00:01.0402 1756 arc - ok
18:00:01.0464 1756 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
18:00:01.0464 1756 arcsas - ok
18:00:01.0511 1756 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
18:00:01.0511 1756 AsyncMac - ok
18:00:01.0542 1756 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
18:00:01.0558 1756 atapi - ok
18:00:02.0182 1756 athr (8be56f8300e1c37b578da23c71816b7a) C:\Windows\system32\DRIVERS\athr.sys
18:00:02.0213 1756 athr - ok
18:00:02.0354 1756 Ati External Event Utility (817a5e89e933429da0d6f9c5baadd6f1) C:\Windows\system32\Ati2evxx.exe
18:00:02.0369 1756 Ati External Event Utility - ok
18:00:03.0212 1756 atikmdag (a2b6478963451a99c28da8133b648142) C:\Windows\system32\DRIVERS\atikmdag.sys
18:00:03.0321 1756 atikmdag - ok
18:00:03.0680 1756 AtiPcie (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
18:00:03.0680 1756 AtiPcie - ok
18:00:03.0929 1756 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
18:00:03.0992 1756 AudioEndpointBuilder - ok
18:00:03.0992 1756 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
18:00:04.0007 1756 Audiosrv - ok
18:00:04.0070 1756 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
18:00:04.0070 1756 Beep - ok
18:00:04.0179 1756 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
18:00:04.0194 1756 BFE - ok
18:00:04.0335 1756 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
18:00:04.0366 1756 BITS - ok
18:00:04.0413 1756 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
18:00:04.0413 1756 blbdrive - ok
18:00:04.0616 1756 Bonjour Service (a4a5e7868f4d86548e71aef7d9f681fc) C:\Program Files\Bonjour\mDNSResponder.exe
18:00:04.0631 1756 Bonjour Service - ok
18:00:04.0678 1756 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
18:00:04.0678 1756 bowser - ok
18:00:04.0756 1756 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:00:04.0772 1756 BrFiltLo - ok
18:00:04.0787 1756 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:00:04.0787 1756 BrFiltUp - ok
18:00:04.0818 1756 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
18:00:04.0818 1756 Browser - ok
18:00:04.0850 1756 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:00:04.0865 1756 Brserid - ok
18:00:04.0881 1756 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:00:04.0881 1756 BrSerWdm - ok
18:00:04.0912 1756 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:00:04.0912 1756 BrUsbMdm - ok
18:00:04.0928 1756 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:00:04.0928 1756 BrUsbSer - ok
18:00:04.0959 1756 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
18:00:04.0959 1756 BTHMODEM - ok
18:00:05.0021 1756 CA561 (50ded7c73e0fb40693edab8cad7c46e7) C:\Windows\system32\Drivers\SPCA561.SYS
18:00:05.0099 1756 CA561 - ok
18:00:05.0380 1756 catchme - ok
18:00:05.0442 1756 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
18:00:05.0442 1756 cdfs - ok
18:00:05.0536 1756 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
18:00:05.0536 1756 cdrom - ok
18:00:05.0614 1756 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
18:00:05.0614 1756 CertPropSvc - ok
18:00:05.0645 1756 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
18:00:05.0645 1756 circlass - ok
18:00:05.0832 1756 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
18:00:05.0832 1756 CLFS - ok
18:00:06.0066 1756 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:00:06.0066 1756 clr_optimization_v2.0.50727_32 - ok
18:00:06.0144 1756 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
18:00:06.0144 1756 CmBatt - ok
18:00:06.0176 1756 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
18:00:06.0176 1756 cmdide - ok
18:00:06.0191 1756 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
18:00:06.0191 1756 Compbatt - ok
18:00:06.0207 1756 COMSysApp - ok
18:00:06.0519 1756 ConfigFree Service (15c8e0fad1827dec596f4b8c316dedc7) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
18:00:06.0519 1756 ConfigFree Service - ok
18:00:06.0566 1756 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
18:00:06.0566 1756 crcdisk - ok
18:00:06.0581 1756 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
18:00:06.0581 1756 Crusoe - ok
18:00:06.0659 1756 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
18:00:06.0659 1756 CryptSvc - ok
18:00:06.0800 1756 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
18:00:06.0815 1756 DcomLaunch - ok
18:00:06.0846 1756 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
18:00:06.0846 1756 DfsC - ok
18:00:07.0782 1756 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
18:00:07.0860 1756 DFSR - ok
18:00:08.0235 1756 dgcfltr (5d4f72e23f1c38cc94fde95c28f04cb0) C:\Windows\system32\DRIVERS\ACFDCP32.sys
18:00:08.0235 1756 dgcfltr - ok
18:00:08.0344 1756 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
18:00:08.0360 1756 Dhcp - ok
18:00:08.0438 1756 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
18:00:08.0438 1756 disk - ok
18:00:08.0516 1756 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
18:00:08.0516 1756 Dnscache - ok
18:00:08.0609 1756 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
18:00:08.0609 1756 dot3svc - ok
18:00:08.0703 1756 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
18:00:08.0703 1756 Dot4 - ok
18:00:08.0750 1756 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:00:08.0750 1756 Dot4Print - ok
18:00:08.0781 1756 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
18:00:08.0781 1756 dot4usb - ok
18:00:08.0828 1756 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
18:00:08.0843 1756 DPS - ok
18:00:08.0921 1756 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
18:00:08.0921 1756 drmkaud - ok
18:00:09.0030 1756 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
18:00:09.0030 1756 DXGKrnl - ok
18:00:09.0062 1756 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:00:09.0093 1756 E1G60 - ok
18:00:09.0155 1756 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
18:00:09.0171 1756 EapHost - ok
18:00:09.0233 1756 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
18:00:09.0233 1756 Ecache - ok
18:00:09.0358 1756 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
18:00:09.0358 1756 ehRecvr - ok
18:00:09.0405 1756 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
18:00:09.0420 1756 ehSched - ok
18:00:09.0436 1756 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
18:00:09.0436 1756 ehstart - ok
18:00:09.0576 1756 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
18:00:09.0623 1756 elxstor - ok
18:00:09.0764 1756 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
18:00:09.0795 1756 EMDMgmt - ok
18:00:09.0873 1756 epmntdrv (539ca34fbc74ec366a0d751028c32a08) C:\Windows\system32\epmntdrv.sys
18:00:09.0888 1756 epmntdrv - ok
18:00:09.0920 1756 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
18:00:09.0920 1756 ErrDev - ok
18:00:09.0982 1756 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\Windows\system32\EuGdiDrv.sys
18:00:09.0982 1756 EuGdiDrv - ok
18:00:10.0107 1756 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
18:00:10.0138 1756 EventSystem - ok
18:00:10.0294 1756 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
18:00:10.0294 1756 exfat - ok
18:00:10.0388 1756 ezGOSvc (da7ed3a484a2a03fd8aec1b3a0db401c) C:\Windows\system32\ezGOSvc.dll
18:00:10.0388 1756 ezGOSvc - ok
18:00:10.0450 1756 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
18:00:10.0450 1756 fastfat - ok
18:00:10.0512 1756 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
18:00:10.0528 1756 fdc - ok
18:00:10.0559 1756 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
18:00:10.0559 1756 fdPHost - ok
18:00:10.0575 1756 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
18:00:10.0575 1756 FDResPub - ok
18:00:10.0637 1756 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
18:00:10.0637 1756 FileInfo - ok
18:00:10.0653 1756 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
18:00:10.0653 1756 Filetrace - ok
18:00:10.0684 1756 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
18:00:10.0684 1756 flpydisk - ok
18:00:10.0746 1756 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
18:00:10.0746 1756 FltMgr - ok
18:00:11.0027 1756 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
18:00:11.0074 1756 FontCache - ok
18:00:11.0230 1756 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:00:11.0230 1756 FontCache3.0.0.0 - ok
18:00:11.0277 1756 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
18:00:11.0277 1756 Fs_Rec - ok
18:00:11.0526 1756 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
18:00:11.0526 1756 FwLnk - ok
18:00:11.0573 1756 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
18:00:11.0573 1756 gagp30kx - ok
18:00:11.0698 1756 GameConsoleService (3eafdd637416393722aa98e940dfd0a0) C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
18:00:11.0704 1756 GameConsoleService - ok
18:00:11.0790 1756 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
18:00:11.0791 1756 GEARAspiWDM - ok
18:00:11.0933 1756 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
18:00:11.0946 1756 gpsvc - ok
18:00:12.0049 1756 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
18:00:12.0055 1756 HdAudAddService - ok
18:00:12.0304 1756 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:00:12.0335 1756 HDAudBus - ok
18:00:12.0367 1756 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:00:12.0367 1756 HidBth - ok
18:00:12.0382 1756 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
18:00:12.0382 1756 HidIr - ok
18:00:12.0429 1756 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
18:00:12.0429 1756 hidserv - ok
18:00:12.0460 1756 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
18:00:12.0460 1756 HidUsb - ok
18:00:12.0491 1756 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
18:00:12.0507 1756 hkmsvc - ok
18:00:12.0523 1756 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
18:00:12.0538 1756 HpCISSs - ok
18:00:13.0178 1756 hpqcxs08 (fcb563b0a23643e5f80b6ff1e60f610f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
18:00:13.0193 1756 hpqcxs08 - ok
18:00:13.0271 1756 hpqddsvc (25e443e27165c652723a92d9bdfd4649) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
18:00:13.0271 1756 hpqddsvc - ok
18:00:13.0334 1756 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
18:00:13.0349 1756 HTTP - ok
18:00:13.0381 1756 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
18:00:13.0381 1756 i2omp - ok
18:00:13.0459 1756 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:00:13.0459 1756 i8042prt - ok
18:00:13.0521 1756 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
18:00:13.0521 1756 iaStorV - ok
18:00:13.0833 1756 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:00:13.0833 1756 IDriverT - ok
18:00:14.0176 1756 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:00:14.0223 1756 idsvc - ok
18:00:14.0426 1756 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:00:14.0426 1756 iirsp - ok
18:00:14.0551 1756 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
18:00:14.0566 1756 IKEEXT - ok
18:00:15.0065 1756 IntcAzAudAddService (b9cbd3dea7ca02868621173bf7a2af9f) C:\Windows\system32\drivers\RTKVHDA.sys
18:00:15.0081 1756 IntcAzAudAddService - ok
18:00:15.0424 1756 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:00:15.0424 1756 intelide - ok
18:00:15.0533 1756 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:00:15.0533 1756 intelppm - ok
18:00:15.0565 1756 IO_Memory - ok
18:00:15.0611 1756 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
18:00:15.0611 1756 IPBusEnum - ok
18:00:15.0674 1756 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:00:15.0674 1756 IpFilterDriver - ok
18:00:15.0783 1756 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
18:00:15.0799 1756 iphlpsvc - ok
18:00:15.0799 1756 IpInIp - ok
18:00:15.0845 1756 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
18:00:15.0845 1756 IPMIDRV - ok
18:00:15.0939 1756 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:00:15.0955 1756 IPNAT - ok
18:00:16.0251 1756 iPod Service (4eaba123e0dd31d3272599cf437065ee) C:\Program Files\iPod\bin\iPodService.exe
18:00:16.0267 1756 iPod Service - ok
18:00:16.0298 1756 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:00:16.0298 1756 IRENUM - ok
18:00:16.0329 1756 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
18:00:16.0329 1756 isapnp - ok
18:00:16.0423 1756 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
18:00:16.0423 1756 iScsiPrt - ok
18:00:16.0454 1756 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:00:16.0454 1756 iteatapi - ok
18:00:16.0501 1756 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:00:16.0516 1756 iteraid - ok
18:00:16.0859 1756 jswpsapi (957135960e7533ea5c7ea0bfb34f8efd) C:\Program Files\Jumpstart\jswpsapi.exe
18:00:16.0891 1756 jswpsapi - ok
18:00:16.0922 1756 jswpslwf (11ad410f41af42ba12e63187e3ec141a) C:\Windows\system32\DRIVERS\jswpslwf.sys
18:00:16.0922 1756 jswpslwf - ok
18:00:16.0937 1756 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:00:16.0937 1756 kbdclass - ok
18:00:16.0969 1756 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
18:00:16.0969 1756 kbdhid - ok
18:00:17.0015 1756 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
18:00:17.0015 1756 KeyIso - ok
18:00:17.0109 1756 KL1 (94d67d49bd9503bb1d838405d80f2058) C:\Windows\system32\DRIVERS\kl1.sys
18:00:17.0109 1756 KL1 - ok
18:00:17.0140 1756 kl2 (713576569667ac9e0f8556076004a96b) C:\Windows\system32\DRIVERS\kl2.sys
18:00:17.0140 1756 kl2 - ok
18:00:17.0187 1756 KLIF - ok
18:00:17.0218 1756 klmouflt (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys
18:00:17.0218 1756 klmouflt - ok
18:00:17.0281 1756 KR10I (e8ca038f51f7761bd6e3a3b0b8014263) C:\Windows\system32\drivers\kr10i.sys
18:00:17.0296 1756 KR10I - ok
18:00:17.0343 1756 KR10N (6a4adb9186dd0e114e623daf57e42b31) C:\Windows\system32\drivers\kr10n.sys
18:00:17.0359 1756 KR10N - ok
18:00:17.0437 1756 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
18:00:17.0452 1756 KSecDD - ok
18:00:17.0546 1756 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
18:00:17.0561 1756 KtmRm - ok
18:00:17.0639 1756 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
18:00:17.0639 1756 LanmanServer - ok
18:00:17.0686 1756 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
18:00:17.0686 1756 LanmanWorkstation - ok
18:00:17.0827 1756 Lavasoft Kernexplorer - ok
18:00:17.0873 1756 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:00:17.0873 1756 lltdio - ok
18:00:17.0936 1756 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
18:00:17.0936 1756 lltdsvc - ok
18:00:17.0967 1756 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
18:00:17.0983 1756 lmhosts - ok
18:00:18.0014 1756 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
18:00:18.0014 1756 LSI_FC - ok
18:00:18.0061 1756 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
18:00:18.0061 1756 LSI_SAS - ok
18:00:18.0170 1756 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
18:00:18.0170 1756 LSI_SCSI - ok
18:00:18.0217 1756 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:00:18.0217 1756 luafv - ok
18:00:18.0248 1756 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
18:00:18.0248 1756 Mcx2Svc - ok
18:00:18.0310 1756 mdmxsdk (1968508adb20192a03a30c25f16db506) C:\Windows\system32\DRIVERS\ACFSDK32.sys
18:00:18.0310 1756 mdmxsdk - ok
18:00:18.0388 1756 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
18:00:18.0388 1756 megasas - ok
18:00:18.0466 1756 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
18:00:18.0482 1756 MegaSR - ok
18:00:18.0809 1756 MFE_RR - ok
18:00:18.0997 1756 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
18:00:19.0012 1756 MMCSS - ok
18:00:19.0028 1756 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:00:19.0028 1756 Modem - ok
18:00:19.0059 1756 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
18:00:19.0059 1756 MODEMCSA - ok
18:00:19.0121 1756 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:00:19.0121 1756 monitor - ok
18:00:19.0137 1756 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:00:19.0137 1756 mouclass - ok
18:00:19.0168 1756 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:00:19.0168 1756 mouhid - ok
18:00:19.0184 1756 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:00:19.0184 1756 MountMgr - ok
18:00:19.0262 1756 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
18:00:19.0262 1756 MpFilter - ok
18:00:19.0355 1756 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
18:00:19.0355 1756 mpio - ok
18:00:19.0777 1756 MpKsle679543d - ok
18:00:19.0870 1756 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:00:19.0870 1756 mpsdrv - ok
18:00:20.0011 1756 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
18:00:20.0026 1756 MpsSvc - ok
18:00:20.0057 1756 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:00:20.0057 1756 Mraid35x - ok
18:00:20.0120 1756 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
18:00:20.0120 1756 MRxDAV - ok
18:00:20.0167 1756 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:00:20.0167 1756 mrxsmb - ok
18:00:20.0245 1756 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:00:20.0260 1756 mrxsmb10 - ok
18:00:20.0276 1756 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:00:20.0276 1756 mrxsmb20 - ok
18:00:20.0338 1756 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
18:00:20.0354 1756 msahci - ok
18:00:20.0541 1756 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
18:00:20.0541 1756 msdsm - ok
18:00:20.0603 1756 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
18:00:20.0603 1756 MSDTC - ok
18:00:20.0666 1756 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:00:20.0666 1756 Msfs - ok
18:00:20.0775 1756 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
18:00:20.0775 1756 msisadrv - ok
18:00:20.0869 1756 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
18:00:20.0869 1756 MSiSCSI - ok
18:00:20.0884 1756 msiserver - ok
18:00:20.0915 1756 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:00:20.0931 1756 MSKSSRV - ok
18:00:21.0071 1756 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:00:21.0071 1756 MsMpSvc - ok
18:00:21.0134 1756 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:00:21.0134 1756 MSPCLOCK - ok
18:00:21.0196 1756 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:00:21.0196 1756 MSPQM - ok
18:00:21.0274 1756 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
18:00:21.0274 1756 MsRPC - ok
18:00:21.0337 1756 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:00:21.0337 1756 mssmbios - ok
18:00:21.0383 1756 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:00:21.0383 1756 MSTEE - ok
18:00:21.0430 1756 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
18:00:21.0430 1756 Mup - ok
18:00:21.0493 1756 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
18:00:21.0508 1756 napagent - ok
18:00:21.0617 1756 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
18:00:21.0633 1756 NativeWifiP - ok
18:00:21.0727 1756 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
18:00:21.0742 1756 NDIS - ok
18:00:21.0773 1756 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:00:21.0773 1756 NdisTapi - ok
18:00:21.0789 1756 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:00:21.0789 1756 Ndisuio - ok
18:00:21.0836 1756 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:00:21.0836 1756 NdisWan - ok
18:00:21.0867 1756 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:00:21.0867 1756 NDProxy - ok
18:00:21.0883 1756 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
18:00:21.0898 1756 Net Driver HPZ12 - ok
18:00:21.0914 1756 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:00:21.0914 1756 NetBIOS - ok
18:00:22.0117 1756 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
18:00:22.0132 1756 netbt - ok
18:00:22.0195 1756 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
18:00:22.0195 1756 Netlogon - ok
18:00:22.0366 1756 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
18:00:22.0382 1756 Netman - ok
18:00:22.0491 1756 NetMsmqActivator (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:00:22.0507 1756 NetMsmqActivator - ok
18:00:22.0507 1756 NetPipeActivator (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:00:22.0507 1756 NetPipeActivator - ok
18:00:22.0616 1756 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
18:00:22.0663 1756 netprofm - ok
18:00:22.0663 1756 NetTcpActivator (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:00:22.0663 1756 NetTcpActivator - ok
18:00:22.0678 1756 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:00:22.0678 1756 NetTcpPortSharing - ok
18:00:22.0756 1756 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:00:22.0756 1756 nfrd960 - ok
18:00:22.0834 1756 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:00:22.0834 1756 NisDrv - ok
18:00:22.0928 1756 NisSrv - ok
18:00:23.0006 1756 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
18:00:23.0006 1756 NlaSvc - ok
18:00:23.0053 1756 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
18:00:23.0053 1756 Npfs - ok
18:00:23.0068 1756 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
18:00:23.0084 1756 nsi - ok
18:00:23.0099 1756 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:00:23.0099 1756 nsiproxy - ok
18:00:23.0302 1756 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
18:00:23.0349 1756 Ntfs - ok
18:00:23.0380 1756 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:00:23.0380 1756 ntrigdigi - ok
18:00:23.0411 1756 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:00:23.0411 1756 Null - ok
18:00:23.0458 1756 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
18:00:23.0458 1756 nvraid - ok
18:00:23.0489 1756 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
18:00:23.0489 1756 nvstor - ok
18:00:23.0521 1756 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
18:00:23.0521 1756 nv_agp - ok
18:00:23.0567 1756 NWADI (fc2a8aaa0f3321f41231ede0af1968ae) C:\Windows\system32\DRIVERS\NWADIenum.sys
18:00:23.0583 1756 NWADI - ok
18:00:23.0583 1756 NwlnkFlt - ok
18:00:23.0583 1756 NwlnkFwd - ok
18:00:23.0661 1756 NWUSBCDFIL (224131778c92aee8c13afac5fbff19ca) C:\Windows\system32\DRIVERS\NwUsbCdFil.sys
18:00:23.0661 1756 NWUSBCDFIL - ok
18:00:23.0739 1756 NWUSBModem (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbmdm.sys
18:00:23.0739 1756 NWUSBModem - ok
18:00:23.0833 1756 NWUSBPort (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbser.sys
18:00:23.0833 1756 NWUSBPort - ok
18:00:23.0926 1756 NWUSBPort2 (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbser2.sys
18:00:23.0926 1756 NWUSBPort2 - ok
18:00:24.0628 1756 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:00:24.0644 1756 odserv - ok
18:00:24.0722 1756 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
18:00:24.0722 1756 ohci1394 - ok
18:00:24.0769 1756 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:00:24.0769 1756 ose - ok
18:00:24.0940 1756 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
18:00:24.0956 1756 p2pimsvc - ok
18:00:24.0956 1756 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
18:00:24.0971 1756 p2psvc - ok
18:00:25.0096 1756 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:00:25.0096 1756 Parport - ok
18:00:25.0159 1756 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
18:00:25.0159 1756 partmgr - ok
18:00:25.0190 1756 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:00:25.0190 1756 Parvdm - ok
18:00:25.0221 1756 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
18:00:25.0221 1756 PcaSvc - ok
18:00:25.0283 1756 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
18:00:25.0283 1756 pci - ok
18:00:25.0330 1756 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
18:00:25.0330 1756 pciide - ok
18:00:25.0361 1756 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
18:00:25.0377 1756 pcmcia - ok
18:00:25.0595 1756 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:00:25.0658 1756 PEAUTH - ok
18:00:25.0751 1756 pinger (5354bcc0e7a38c171a4c49574f20c091) C:\TOSHIBA\IVP\ISM\pinger.exe
18:00:25.0751 1756 pinger - ok
18:00:26.0204 1756 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
18:00:26.0282 1756 pla - ok
18:00:26.0687 1756 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
18:00:26.0703 1756 PlugPlay - ok
18:00:26.0765 1756 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
18:00:26.0765 1756 Pml Driver HPZ12 - ok
18:00:26.0906 1756 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
18:00:26.0921 1756 PNRPAutoReg - ok
18:00:26.0937 1756 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
18:00:26.0937 1756 PNRPsvc - ok
18:00:27.0015 1756 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
18:00:27.0031 1756 PolicyAgent - ok
18:00:27.0093 1756 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:00:27.0093 1756 PptpMiniport - ok
18:00:27.0140 1756 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
18:00:27.0140 1756 Processor - ok
18:00:27.0202 1756 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
18:00:27.0202 1756 ProfSvc - ok
18:00:27.0249 1756 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
18:00:27.0249 1756 ProtectedStorage - ok
18:00:27.0311 1756 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
18:00:27.0327 1756 PSched - ok
18:00:27.0389 1756 pwdrvio (31c396331f61990ce235b046a03be0a1) C:\Windows\system32\pwdrvio.sys
18:00:27.0389 1756 pwdrvio - ok
18:00:27.0467 1756 pwdspio (cee974ef297015b9600dcd16a82821b4) C:\Windows\system32\pwdspio.sys
18:00:27.0467 1756 pwdspio - ok
18:00:27.0514 1756 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
18:00:27.0514 1756 PxHelp20 - ok
18:00:27.0857 1756 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
18:00:27.0967 1756 ql2300 - ok
18:00:28.0029 1756 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:00:28.0029 1756 ql40xx - ok
18:00:28.0091 1756 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
18:00:28.0107 1756 QWAVE - ok
18:00:28.0123 1756 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:00:28.0123 1756 QWAVEdrv - ok
18:00:28.0232 1756 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
18:00:28.0232 1756 RapiMgr - ok
18:00:28.0263 1756 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:00:28.0263 1756 RasAcd - ok
18:00:28.0310 1756 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
18:00:28.0310 1756 RasAuto - ok
18:00:28.0341 1756 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:00:28.0341 1756 Rasl2tp - ok
18:00:28.0419 1756 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
18:00:28.0419 1756 RasMan - ok
18:00:28.0466 1756 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
18:00:28.0466 1756 RasPppoe - ok
18:00:28.0497 1756 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
18:00:28.0497 1756 RasSstp - ok
18:00:28.0559 1756 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
18:00:28.0575 1756 rdbss - ok
18:00:28.0591 1756 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:00:28.0606 1756 RDPCDD - ok
18:00:28.0653 1756 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
18:00:28.0653 1756 rdpdr - ok
18:00:28.0669 1756 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:00:28.0669 1756 RDPENCDD - ok
18:00:28.0731 1756 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
18:00:28.0731 1756 RDPWD - ok
18:00:28.0809 1756 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
18:00:28.0809 1756 RemoteAccess - ok
18:00:28.0856 1756 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
18:00:28.0871 1756 RemoteRegistry - ok
18:00:28.0934 1756 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
18:00:28.0934 1756 RimUsb - ok
18:00:29.0027 1756 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
18:00:29.0027 1756 RimVSerPort - ok
18:00:29.0074 1756 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
18:00:29.0090 1756 ROOTMODEM - ok
18:00:29.0293 1756 Roxio UPnP Renderer 9 (afd61a7c48a3e15c86a6fadf0b69a2e4) C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
18:00:29.0293 1756 Roxio UPnP Renderer 9 - ok
18:00:29.0651 1756 RoxMediaDB9 (6ba45db2953d0fc7c8107b2e3024cb89) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
18:00:29.0714 1756 RoxMediaDB9 - ok
18:00:29.0870 1756 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
18:00:29.0870 1756 RpcLocator - ok
18:00:29.0995 1756 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\System32\rpcss.dll
18:00:29.0995 1756 RpcSs - ok
18:00:30.0073 1756 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:00:30.0088 1756 rspndr - ok
18:00:30.0213 1756 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
18:00:30.0213 1756 RTL8169 - ok
18:00:30.0275 1756 RTSTOR (9ff7d9cf3a5f296613588b0e8db83afe) C:\Windows\system32\drivers\RTSTOR.SYS
18:00:30.0275 1756 RTSTOR - ok
18:00:30.0307 1756 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
18:00:30.0307 1756 SamSs - ok
18:00:30.0353 1756 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:00:30.0353 1756 sbp2port - ok
18:00:30.0400 1756 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
18:00:30.0416 1756 SCardSvr - ok
18:00:30.0509 1756 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
18:00:30.0525 1756 Schedule - ok
18:00:30.0572 1756 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
18:00:30.0572 1756 SCPolicySvc - ok
18:00:30.0619 1756 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
18:00:30.0619 1756 SDRSVC - ok
18:00:30.0665 1756 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:00:30.0665 1756 secdrv - ok
18:00:30.0681 1756 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
18:00:30.0681 1756 seclogon - ok
18:00:30.0712 1756 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
18:00:30.0712 1756 SENS - ok
18:00:30.0743 1756 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:00:30.0743 1756 Serenum - ok
18:00:30.0821 1756 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:00:30.0821 1756 Serial - ok
18:00:30.0853 1756 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:00:30.0853 1756 sermouse - ok
18:00:30.0931 1756 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
18:00:30.0931 1756 SessionEnv - ok
18:00:30.0946 1756 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
18:00:30.0946 1756 sffdisk - ok
18:00:31.0024 1756 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
18:00:31.0024 1756 sffp_mmc - ok
18:00:31.0055 1756 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
18:00:31.0055 1756 sffp_sd - ok
18:00:31.0102 1756 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:00:31.0102 1756 sfloppy - ok
18:00:31.0211 1756 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
18:00:31.0211 1756 SharedAccess - ok
18:00:31.0274 1756 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
18:00:31.0289 1756 ShellHWDetection - ok
18:00:31.0321 1756 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
18:00:31.0321 1756 sisagp - ok
18:00:31.0352 1756 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
18:00:31.0352 1756 SiSRaid2 - ok
18:00:31.0383 1756 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
18:00:31.0383 1756 SiSRaid4 - ok
18:00:32.0054 1756 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
18:00:32.0163 1756 slsvc - ok
18:00:32.0381 1756 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
18:00:32.0381 1756 SLUINotify - ok
18:00:32.0444 1756 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
18:00:32.0444 1756 Smb - ok
18:00:32.0475 1756 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
18:00:32.0475 1756 SNMPTRAP - ok
18:00:32.0506 1756 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:00:32.0506 1756 spldr - ok
18:00:32.0553 1756 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
18:00:32.0553 1756 Spooler - ok
18:00:32.0600 1756 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
18:00:32.0615 1756 srv - ok
18:00:32.0647 1756 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
18:00:32.0662 1756 srv2 - ok
18:00:32.0693 1756 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
18:00:32.0693 1756 srvnet - ok
18:00:32.0725 1756 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
18:00:32.0740 1756 SSDPSRV - ok
18:00:32.0756 1756 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
18:00:32.0771 1756 SstpSvc - ok
18:00:32.0943 1756 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
18:00:32.0974 1756 stisvc - ok
18:00:33.0052 1756 SVRPEDRV (3e4239b92139f7174a0da7d53fe5e1ab) C:\Windows\System32\sysprep\PEDrv.sys
18:00:33.0068 1756 SVRPEDRV - ok
18:00:33.0115 1756 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:00:33.0115 1756 swenum - ok
18:00:33.0349 1756 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
18:00:33.0380 1756 swprv - ok
18:00:33.0442 1756 Swupdtmr (f70b7ee10d25f62a38e3e7858a06cabf) c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
18:00:33.0442 1756 Swupdtmr - ok
18:00:33.0473 1756 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:00:33.0489 1756 Symc8xx - ok
18:00:33.0505 1756 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:00:33.0505 1756 Sym_hi - ok
18:00:33.0520 1756 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:00:33.0520 1756 Sym_u3 - ok
18:00:33.0614 1756 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys
18:00:33.0614 1756 SynTP - ok
18:00:33.0754 1756 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
18:00:33.0817 1756 SysMain - ok
18:00:33.0848 1756 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
18:00:33.0848 1756 TabletInputService - ok
18:00:33.0926 1756 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
18:00:33.0926 1756 TapiSrv - ok
18:00:33.0957 1756 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
18:00:33.0973 1756 TBS - ok
18:00:34.0113 1756 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
18:00:34.0129 1756 Tcpip - ok
18:00:34.0144 1756 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
18:00:34.0144 1756 Tcpip6 - ok
18:00:34.0175 1756 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
18:00:34.0175 1756 tcpipreg - ok
18:00:34.0207 1756 tdcmdpst (6fdfba25002ce4bac463ac866ae71405) C:\Windows\system32\DRIVERS\tdcmdpst.sys
18:00:34.0207 1756 tdcmdpst - ok
18:00:34.0238 1756 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:00:34.0253 1756 TDPIPE - ok
18:00:34.0269 1756 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:00:34.0285 1756 TDTCP - ok
18:00:34.0316 1756 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
18:00:34.0316 1756 tdx - ok
18:00:34.0363 1756 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
18:00:34.0363 1756 TermDD - ok
18:00:34.0487 1756 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
18:00:34.0503 1756 TermService - ok
18:00:34.0565 1756 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
18:00:34.0565 1756 Themes - ok
18:00:34.0612 1756 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
18:00:34.0612 1756 THREADORDER - ok
18:00:34.0877 1756 TNaviSrv (b79ddc3af04e9b4288e2fbd84dfbb663) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
18:00:34.0877 1756 TNaviSrv - ok
18:00:35.0065 1756 TosCoSrv (9be7ad3ab51f2c45c71bb2606e29d34c) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
18:00:35.0065 1756 TosCoSrv - ok
18:00:35.0143 1756 TOSHIBA SMART Log Service (3c0befe847d3df53f6b51ac581a02536) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
18:00:35.0143 1756 TOSHIBA SMART Log Service - ok
18:00:35.0221 1756 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
18:00:35.0221 1756 tos_sps32 - ok
18:00:35.0267 1756 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
18:00:35.0267 1756 TrkWks - ok
18:00:35.0345 1756 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
18:00:35.0345 1756 TrustedInstaller - ok
18:00:35.0377 1756 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:00:35.0377 1756 tssecsrv - ok
18:00:35.0408 1756 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:00:35.0408 1756 tunmp - ok
18:00:35.0423 1756 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
18:00:35.0439 1756 tunnel - ok
18:00:35.0486 1756 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
18:00:35.0486 1756 TVALZ - ok
18:00:35.0517 1756 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
18:00:35.0517 1756 uagp35 - ok
18:00:35.0579 1756 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
18:00:35.0579 1756 udfs - ok
18:00:35.0626 1756 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
18:00:35.0626 1756 UI0Detect - ok
18:00:35.0657 1756 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
18:00:35.0657 1756 uliagpkx - ok
18:00:35.0704 1756 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
18:00:35.0704 1756 uliahci - ok
18:00:35.0751 1756 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:00:35.0751 1756 UlSata - ok
18:00:35.0782 1756 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:00:35.0798 1756 ulsata2 - ok
18:00:35.0845 1756 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:00:35.0845 1756 umbus - ok
18:00:35.0891 1756 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
18:00:35.0891 1756 upnphost - ok
18:00:35.0954 1756 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
18:00:35.0954 1756 USBAAPL - ok
18:00:36.0063 1756 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:00:36.0063 1756 usbccgp - ok
18:00:36.0110 1756 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:00:36.0110 1756 usbcir - ok
18:00:36.0219 1756 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
18:00:36.0219 1756 usbehci - ok
18:00:36.0344 1756 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
18:00:36.0344 1756 usbhub - ok
18:00:36.0406 1756 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
18:00:36.0406 1756 usbohci - ok
18:00:36.0469 1756 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
18:00:36.0469 1756 usbprint - ok
18:00:36.0562 1756 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
18:00:36.0562 1756 usbscan - ok
18:00:36.0749 1756 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\DRIVERS\usbser.sys
18:00:36.0749 1756 usbser - ok
18:00:36.0859 1756 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:00:36.0859 1756 USBSTOR - ok
18:00:36.0921 1756 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:00:36.0921 1756 usbuhci - ok
18:00:36.0999 1756 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
18:00:36.0999 1756 usbvideo - ok
18:00:37.0061 1756 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
18:00:37.0061 1756 usb_rndisx - ok
18:00:37.0186 1756 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
18:00:37.0186 1756 UxSms - ok
18:00:37.0295 1756 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
18:00:37.0311 1756 vds - ok
18:00:37.0451 1756 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
18:00:37.0451 1756 vga - ok
18:00:37.0483 1756 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:00:37.0483 1756 VgaSave - ok
18:00:37.0514 1756 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
18:00:37.0514 1756 viaagp - ok
18:00:37.0576 1756 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
18:00:37.0592 1756 ViaC7 - ok
18:00:37.0623 1756 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
18:00:37.0623 1756 viaide - ok
18:00:37.0670 1756 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:00:37.0670 1756 volmgr - ok
18:00:37.0763 1756 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
18:00:37.0779 1756 volmgrx - ok
18:00:37.0873 1756 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
18:00:37.0888 1756 volsnap - ok
18:00:38.0013 1756 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
18:00:38.0029 1756 vsmraid - ok
18:00:38.0325 1756 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
18:00:38.0372 1756 VSS - ok
18:00:38.0497 1756 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
18:00:38.0512 1756 W32Time - ok
18:00:39.0183 1756 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:00:39.0183 1756 WacomPen - ok
18:00:39.0199 1756 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:00:39.0199 1756 Wanarp - ok
18:00:39.0214 1756 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:00:39.0214 1756 Wanarpv6 - ok
18:00:39.0464 1756 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
18:00:39.0464 1756 WcesComm - ok
18:00:39.0620 1756 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
18:00:39.0635 1756 wcncsvc - ok
18:00:39.0682 1756 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
18:00:39.0698 1756 WcsPlugInService - ok
18:00:39.0760 1756 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
18:00:39.0760 1756 Wd - ok
18:00:39.0885 1756 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
18:00:39.0901 1756 Wdf01000 - ok
18:00:39.0932 1756 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
18:00:39.0932 1756 WdiServiceHost - ok
18:00:39.0932 1756 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
18:00:39.0947 1756 WdiSystemHost - ok
18:00:40.0072 1756 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
18:00:40.0088 1756 WebClient - ok
18:00:40.0166 1756 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
18:00:40.0166 1756 Wecsvc - ok
18:00:40.0259 1756 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
18:00:40.0259 1756 wercplsupport - ok
18:00:40.0322 1756 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
18:00:40.0322 1756 WerSvc - ok
18:00:40.0743 1756 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
18:00:40.0743 1756 WinDefend - ok
18:00:40.0759 1756 WinHttpAutoProxySvc - ok
18:00:40.0883 1756 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
18:00:40.0883 1756 Winmgmt - ok
18:00:41.0086 1756 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
18:00:41.0164 1756 WinRM - ok
18:00:41.0320 1756 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
18:00:41.0320 1756 WinUSB - ok
18:00:41.0601 1756 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
18:00:41.0632 1756 Wlansvc - ok
18:00:41.0648 1756 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
18:00:41.0663 1756 WmiAcpi - ok
18:00:41.0757 1756 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
18:00:41.0773 1756 wmiApSrv - ok
18:00:42.0085 1756 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:00:42.0209 1756 WMPNetworkSvc - ok
18:00:42.0365 1756 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
18:00:42.0381 1756 WPCSvc - ok
18:00:42.0475 1756 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
18:00:42.0475 1756 WPDBusEnum - ok
18:00:42.0787 1756 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
18:00:42.0787 1756 WpdUsb - ok
18:00:42.0865 1756 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:00:42.0865 1756 ws2ifsl - ok
18:00:42.0974 1756 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
18:00:42.0974 1756 wscsvc - ok
18:00:42.0974 1756 WSearch - ok
18:00:43.0754 1756 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
18:00:43.0816 1756 wuauserv - ok
18:00:44.0861 1756 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:00:44.0861 1756 WUDFRd - ok
18:00:44.0971 1756 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
18:00:44.0971 1756 wudfsvc - ok
18:00:45.0080 1756 XAudio (3ed8c75a7c21d45f9515d15735093e64) C:\Windows\system32\DRIVERS\ACFXAU32.sys
18:00:45.0080 1756 XAudio - ok
18:00:45.0267 1756 XAudioService (985f8fcfed13cf2babadc55d2fefc2cc) C:\Windows\system32\DRIVERS\ACFXAU32.exe
18:00:45.0267 1756 XAudioService - ok
18:00:45.0485 1756 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
18:00:46.0421 1756 \Device\Harddisk0\DR0 - ok
18:00:46.0484 1756 MBR (0x1B8) (0792f22bcc85cfd3b28324561fffcabb) \Device\Harddisk1\DR1
18:00:50.0025 1756 \Device\Harddisk1\DR1 - ok
18:00:50.0041 1756 Boot (0x1200) (b7b2da7275a0ac9f4b0ec5599881711d) \Device\Harddisk0\DR0\Partition0
18:00:50.0056 1756 \Device\Harddisk0\DR0\Partition0 - ok
18:00:50.0056 1756 Boot (0x1200) (dbd810c8e00d106600064b311c0bc4b1) \Device\Harddisk1\DR1\Partition0
18:00:50.0056 1756 \Device\Harddisk1\DR1\Partition0 - ok
18:00:50.0056 1756 ============================================================
18:00:50.0056 1756 Scan finished
18:00:50.0056 1756 ============================================================
18:00:50.0072 2328 Detected object count: 0
18:00:50.0072 2328 Actual detected object count: 0
18:03:52.0875 3964 Deinitialize success

#5 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 28 May 2012 - 05:48 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-28 18:30:09
-----------------------------
18:30:09.129 OS Version: Windows 6.0.6002 Service Pack 2
18:30:09.129 Number of processors: 2 586 0x301
18:30:09.129 ComputerName: JEO-PC UserName: admin
18:30:10.751 Initialize success
18:30:17.935 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:30:17.935 Disk 0 Vendor: TOSHIBA_MK1652GSX LV010M Size: 152627MB BusType: 3
18:30:17.951 Disk 0 MBR read successfully
18:30:17.951 Disk 0 MBR scan
18:30:17.951 Disk 0 Windows VISTA default MBR code
18:30:17.966 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
18:30:17.997 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 151125 MB offset 3074048
18:30:17.997 Disk 0 scanning sectors +312579760
18:30:18.075 Disk 0 scanning C:\Windows\system32\drivers
18:30:28.465 Service scanning
18:30:54.221 Modules scanning
18:31:03.549 Disk 0 trace - called modules:
18:31:03.612 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
18:31:03.627 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x878b1030]
18:31:03.627 3 CLASSPNP.SYS[8c16e8b3] -> nt!IofCallDriver -> [0x87876860]
18:31:03.643 5 acpi.sys[806166bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x87862b98]
18:31:03.659 Scan finished successfully
18:31:28.411 Disk 0 MBR has been saved successfully to "D:\Win32\Week2\MBR.dat"
18:31:28.442 The log file has been saved successfully to "D:\Win32\Week2\aswMBR.txt"

Attached Files

  • Attached File  MBR.zip   599bytes   0 downloads

Edited by sb07, 28 May 2012 - 05:51 PM.


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:24 AM

Posted 29 May 2012 - 09:55 AM

Please run Farbar Service Scanner. (you used that tool in your previous topic.)
Type the following in the edit box after "Search:".

ipsec.sys

Click Search Files button and post the log (FSS.txt) it makes to your reply.

Edited by nasdaq, 29 May 2012 - 09:56 AM.


#7 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 29 May 2012 - 11:58 AM

Farbar Service Scanner Version: 17-05-2012
Ran by admin (administrator) on 29-05-2012 at 12:40:45
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)

************************************************
======== Search: "ipsec.sys" =========

====== End Of Search ======

#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:24 AM

Posted 30 May 2012 - 08:00 AM

The file is missing.

Run this File checker tool.

How to use the System File Checker tool to troubleshoot missing or corrupted system files on Windows Vista or on Windows 7
http://support.microsoft.com/kb/929833

If the file is not replaced then you will need to have access to an other Vista computer.

Please run Farbar Service Scanner on that computer.
Type the following in the edit box after "Search:".

ipsec.sys

Click Search Files button and post the log (FSS.txt) it makes to your reply.

#9 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 30 May 2012 - 08:19 PM

Thanks so much for your help. I didn't know that I was missing any files. Getting access to another Vista machine is going to be problematic. I only know of one other person who runs Vista and that person is out of the country right now. If I need to get a copy of ipsec.sys from him, I probably can have him send it to me, but I'm going to have to explain to him how to find the file. I will send a copy of FSS to him today and have him do the search.

#10 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 31 May 2012 - 12:59 PM

Ok, I managed to get my friend to run FSS, and apparently he doesn't have the file either. Yet his computer is running fine and can connect to the internet. Here is the result of his scan:



Farbar Service Scanner Version: 17-05-2012
Ran by Îêñàíà (administrator) on 31-05-2012 at 20:16:12
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)

************************************************
======== Search: "ipsec.sys" =========

====== End Of Search ======

#11 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:24 AM

Posted 31 May 2012 - 01:36 PM

So we are good?

#12 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 01 June 2012 - 11:10 AM

So we are good?


I don't understand. My computer is still not working. My friend's Vista computer does work fine without the ipsec.sys file so I'm wondering how important this file really is. From what I read on the internet without this file you can get the "blue screen of death," but I have not had this happen to me. If this is a necessary file, is it possible to get it somewhere like from Microsoft?

Nothing changed after the sfc /scannow

#13 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 01 June 2012 - 12:08 PM

Just for fun, I ran FSS on my Windows 7 machine, and it also did not find the file ipsec.sys:

Farbar Service Scanner Version: 17-05-2012
Ran by jeo (administrator) on 01-06-2012 at 12:27:13
Microsoft Windows 7 Home Premium Service Pack 1 (X64)

************************************************
======== Search: "ipsec.sys" =========

====== End Of Search ======

#14 sb07

sb07
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 03 June 2012 - 03:08 PM

Attached are the results of the sfc scan.

Attached Files



#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:24 AM

Posted 04 June 2012 - 07:48 AM

Lets reset these registry keys.

Please download Vista.zip file from here: http://www.smartestc...y-network-keys/
Unzip the file to a temporary folder your desktop.

These files will be extracted:
afd.reg
bit.reg
bfe.reg
mpssvc.reg
nsiproxy.reg
sdrsvc.reg
tdx.reg
wscsvc.reg
windefend.reg
wuauserv.reg

legacy_afd.reg
legacy_bfe.reg
Legacy_bit.reg
legacy_mpssvc.reg
legacy_nsiproxy.reg
legacy_sdrsvc.reg
legacy_tdx.reg
Legacy_windefend.reg
legacy_wscsvc.reg
legacy_wuauserv.reg

start_services.bat


Double-click each one of the 15 .reg files in turn and click Yes to add it to the Registry
Allow registry merge.
When the 15 file have been executed.

Restart computer.

Click Start and in "Search Box" type in:
regedit
Press Enter.

Registry editor will open.
Navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
Right click on BFE key, click "Permissions"
Click on Add button, type Everyone and click OK.
Now click once on Everyone
Below, in "Permissions" pane checkmark "Allow" in "Full control" row.
Click "Apply" then "OK".

Close regedit and go back to your Desktop find start_services.bat Right click on it, click "Run As Administrator" to run the fix. Agree any alerts, then re-boot.

Note: Ignore this error:
"Cannot import C:\...\Desktop\Legacy_xxx.reg:
Not all data was successfully written to the registry. Some keys are open by the system or other processes."
Just continue executing the remaining .reg files.

How is it now?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users