Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google redirect virus


  • Please log in to reply
6 replies to this topic

#1 lordofarda

lordofarda

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 17 June 2012 - 07:44 PM

So apparently I have a Google redirect virus on my computer. Every time I search using google in any web browser all the links have a green check mark on them and when I click on the links it redirects me to ad sites. The only way I can go to the page is to highlight the green URL underneath the link and doing a copy paste into the address bar.

Doing some searches I came up with this site so I thought I'd ask for some help as I am in that middle ground with only know enough about computers to be extremely dangerous with them.

The system I am running is a Toshiba Satellite A665-S5170 running 64-bit Windows 7 Home Premium Service Pack 1.

The antivirus's I have are Webroot, Adaware, and Spybot.

Any help would be greatly appreciated.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:12 AM

Posted 17 June 2012 - 08:24 PM

Welocome lordofarda,

Let's review a few logs and see if it improves.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode




Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.





Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. [color=green]In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 lordofarda

lordofarda
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 17 June 2012 - 09:25 PM

Here is the MiniToolbox log:

MiniToolBox by Farbar Version: 09-06-2012
Ran by Owner (administrator) on 17-06-2012 at 18:59:53
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.autoconfig_url", "file:///C:/Users/Nancy/AppData/Local/RapidSolution/Videoraptor/WebRip/profile/rrproxy_ffox_496a936d.pac"
"network.proxy.no_proxies_on", ""
"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
Intel® Centrino® WiMAX 6250 = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.or.comcast.net.

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6250
Physical Address. . . . . . . . . : 64-D4-DA-22-CA-E0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-23-15-C8-4F-3D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-23-15-C8-4F-3D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.or.comcast.net.
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN
Physical Address. . . . . . . . . : 00-23-15-C8-4F-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3b:2258:8927:6cd5%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, June 17, 2012 6:43:34 PM
Lease Expires . . . . . . . . . . : Monday, June 18, 2012 6:43:34 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 318776085
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-10-71-8F-1C-75-08-8D-88-04
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 1C-75-08-8D-88-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.or.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.or.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D77D31F2-C22B-454B-85D4-477441E50D3C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:20c4:1158:b83e:1902(Preferred)
Link-local IPv6 Address . . . . . : fe80::20c4:1158:b83e:1902%28(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{EE04E81C-C2CC-4B9D-AB63-42DF330670B6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9995D79C-EC26-48EA-A42F-1897BD79371E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{DEE794FF-929A-44C4-9639-0E1C2FD30EBD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:400a:801::100e
173.194.33.41
173.194.33.33
173.194.33.40
173.194.33.38
173.194.33.39
173.194.33.35
173.194.33.37
173.194.33.46
173.194.33.34
173.194.33.32
173.194.33.36


Pinging google.com [173.194.33.33] with 32 bytes of data:
Reply from 173.194.33.33: bytes=32 time=15ms TTL=55
Reply from 173.194.33.33: bytes=32 time=17ms TTL=55

Ping statistics for 173.194.33.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 17ms, Average = 16ms
Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=106ms TTL=46
Reply from 98.139.183.24: bytes=32 time=112ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 106ms, Maximum = 112ms, Average = 109ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...64 d4 da 22 ca e0 ......Intel® Centrino® WiMAX 6250
14...00 23 15 c8 4f 3d ......Microsoft Virtual WiFi Miniport Adapter #2
13...00 23 15 c8 4f 3d ......Microsoft Virtual WiFi Miniport Adapter
12...00 23 15 c8 4f 3c ......Intel® Centrino® Advanced-N 6250 AGN
10...1c 75 08 8d 88 04 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
28...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
28 58 ::/0 On-link
1 306 ::1/128 On-link
28 58 2001::/32 On-link
28 306 2001:0:4137:9e76:20c4:1158:b83e:1902/128
On-link
12 281 fe80::/64 On-link
28 306 fe80::/64 On-link
12 281 fe80::3b:2258:8927:6cd5/128
On-link
28 306 fe80::20c4:1158:b83e:1902/128
On-link
1 306 ff00::/8 On-link
28 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/16/2012 04:26:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1108

Error: (06/16/2012 04:26:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1108

Error: (06/16/2012 04:26:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2012 04:39:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (06/15/2012 04:39:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (06/15/2012 04:39:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2012 01:15:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7113

Error: (06/15/2012 01:15:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7113

Error: (06/15/2012 01:15:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2012 01:15:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6115


System errors:
=============
Error: (06/15/2012 06:37:34 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WRSVC service, but this action failed with the following error:
%%1056

Error: (06/15/2012 06:37:24 AM) (Source: Service Control Manager) (User: )
Description: The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/12/2012 06:47:36 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.1.101 with the system
having network hardware address 00-22-15-9D-2A-26. Network operations on this system may
be disrupted as a result.

Error: (06/09/2012 06:10:59 AM) (Source: Service Control Manager) (User: )
Description: The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/06/2012 06:19:56 AM) (Source: Service Control Manager) (User: )
Description: The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/01/2012 07:40:31 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WRSVC service, but this action failed with the following error:
%%1056

Error: (06/01/2012 07:40:21 AM) (Source: Service Control Manager) (User: )
Description: The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (05/28/2012 11:53:59 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/28/2012 11:51:46 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (05/28/2012 11:51:15 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.


Microsoft Office Sessions:
=========================
Error: (06/16/2012 04:26:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1108

Error: (06/16/2012 04:26:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1108

Error: (06/16/2012 04:26:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2012 04:39:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (06/15/2012 04:39:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (06/15/2012 04:39:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2012 01:15:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7113

Error: (06/15/2012 01:15:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7113

Error: (06/15/2012 01:15:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2012 01:15:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6115


=========================== Installed Programs ============================

µTorrent (Version: 1.8.2)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Ad-Aware Antivirus (Version: 10.1.211.3382)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe After Effects CS5 Third Party Content (Version: 10)
Adobe After Effects CS5 Third Party Royalty Content (Version: 10)
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.52.14)
Adobe Flash Player 10 ActiveX (Version: 10.2.159.1)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Media Player (Version: 1.8)
Adobe Reader 9.5.1 (Version: 9.5.1)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Best Buy pc app (Version: 3.0.0.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
calibre (Version: 0.8.8)
Collectorz.com Book Collector
Copy (Version: 130.0.428.000)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DivX Setup (Version: 2.5.0.8)
DocProc (Version: 13.0.0.0)
Family Tree Maker 2009 (Version: 18.0.86)
Fax (Version: 130.0.418.000)
Google Chrome (Version: 19.0.1084.56)
GPBaseService2 (Version: 130.0.371.000)
Hoyle Card Games 2005 (Version: 1.2.0.0)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Intel PROSet Wireless
Intel WiMAX Tutorial (Version: 1.5.3.1)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2189)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.03.0000)
Intel® Rapid Storage Technology (Version: 9.5.7.1002)
Intel® PROSet/Wireless WiMAX Software (Version: 2.03.2000)
Intel® Wireless Display (Version: 1.2.20.0)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
JMicron Flash Media Controller Driver (Version: 1.0.44.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft WSE 3.0 (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PDF Settings CS5 (Version: 10.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
PowerISO (Version: 4.6)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.20.503.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6069)
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
Skype Toolbars (Version: 5.5.7896)
Skype™ 5.3 (Version: 5.3.120)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toolbox (Version: 130.0.648.000)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 3.00.11)
Toshiba Book Place (Version: 2.0.5271)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA DVD PLAYER (Version: 3.01.2.12-A)
TOSHIBA eco Utility (Version: 1.2.18.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.6C)
TOSHIBA Hardware Setup (Version: 1.63.0.26C)
TOSHIBA HDD Protection (Version: 2.2.0.4)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.8.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.5.11)
TOSHIBA PC Health Monitor (Version: 1.7.1.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.7.16.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Sleep Utility (Version: 1.4.1.2)
TOSHIBA Supervisor Password (Version: 1.63.0.9C)
TOSHIBA Value Added Package (Version: 1.3.19.64)
TOSHIBA Web Camera Application (Version: 1.1.1.16)
ToshibaRegistration (Version: 1.0.4)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Utility Common Driver (Version: 1.0.52.1C)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VLC media player 1.1.9 (Version: 1.1.9)
WebReg (Version: 130.0.132.017)
Webroot SecureAnywhere (Version: 8.0.1.193)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
Yahoo! Messenger
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 3890.67 MB
Available physical RAM: 2720.12 MB
Total Pagefile: 7779.54 MB
Available Pagefile: 6219.9 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.38 MB

========================= Partitions: =====================================

1 Drive c: (TI106045W0C) (Fixed) (Total:582.67 GB) (Free:474.31 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner


**** End of log ****


Here's the Malware Bytes log:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.17.07

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

6/17/2012 7:17:10 PM
mbam-log-2012-06-17 (19-17-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207146
Time elapsed: 2 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

And here is the TDSSKiller log:

19:22:50.0167 1232 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
19:22:50.0657 1232 ============================================================
19:22:50.0657 1232 Current date / time: 2012/06/17 19:22:50.0657
19:22:50.0657 1232 SystemInfo:
19:22:50.0657 1232
19:22:50.0657 1232 OS Version: 6.1.7601 ServicePack: 1.0
19:22:50.0657 1232 Product type: Workstation
19:22:50.0658 1232 ComputerName: OWNER-PC
19:22:50.0658 1232 UserName: Owner
19:22:50.0658 1232 Windows directory: C:\windows
19:22:50.0658 1232 System windows directory: C:\windows
19:22:50.0658 1232 Running under WOW64
19:22:50.0658 1232 Processor architecture: Intel x64
19:22:50.0658 1232 Number of processors: 4
19:22:50.0658 1232 Page size: 0x1000
19:22:50.0658 1232 Boot type: Safe boot with network
19:22:50.0658 1232 ============================================================
19:22:50.0939 1232 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:22:50.0942 1232 ============================================================
19:22:50.0942 1232 \Device\Harddisk0\DR0:
19:22:50.0942 1232 MBR partitions:
19:22:50.0942 1232 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48D59800
19:22:50.0942 1232 ============================================================
19:22:50.0969 1232 C: <-> \Device\Harddisk0\DR0\Partition0
19:22:50.0969 1232 ============================================================
19:22:50.0969 1232 Initialize success
19:22:50.0969 1232 ============================================================
19:23:00.0080 1820 ============================================================
19:23:00.0080 1820 Scan started
19:23:00.0080 1820 Mode: Manual;
19:23:00.0080 1820 ============================================================
19:23:00.0433 1820 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
19:23:00.0436 1820 1394ohci - ok
19:23:00.0497 1820 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
19:23:00.0500 1820 ACPI - ok
19:23:00.0552 1820 acpials (12c5274cd87449a2a37a607cdb321922) C:\windows\system32\DRIVERS\acpials.sys
19:23:00.0553 1820 acpials - ok
19:23:00.0587 1820 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
19:23:00.0588 1820 AcpiPmi - ok
19:23:00.0748 1820 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
19:23:00.0754 1820 Ad-Aware Service - ok
19:23:00.0828 1820 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
19:23:00.0833 1820 adp94xx - ok
19:23:00.0900 1820 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
19:23:00.0904 1820 adpahci - ok
19:23:00.0927 1820 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
19:23:00.0929 1820 adpu320 - ok
19:23:00.0966 1820 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
19:23:00.0981 1820 AeLookupSvc - ok
19:23:01.0025 1820 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
19:23:01.0030 1820 AFD - ok
19:23:01.0086 1820 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
19:23:01.0087 1820 agp440 - ok
19:23:01.0132 1820 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
19:23:01.0133 1820 ALG - ok
19:23:01.0195 1820 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
19:23:01.0196 1820 aliide - ok
19:23:01.0219 1820 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
19:23:01.0220 1820 amdide - ok
19:23:01.0261 1820 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
19:23:01.0262 1820 AmdK8 - ok
19:23:01.0275 1820 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
19:23:01.0277 1820 AmdPPM - ok
19:23:01.0324 1820 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
19:23:01.0326 1820 amdsata - ok
19:23:01.0366 1820 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
19:23:01.0369 1820 amdsbs - ok
19:23:01.0390 1820 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
19:23:01.0391 1820 amdxata - ok
19:23:01.0439 1820 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
19:23:01.0440 1820 AppID - ok
19:23:01.0476 1820 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
19:23:01.0477 1820 AppIDSvc - ok
19:23:01.0518 1820 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
19:23:01.0519 1820 Appinfo - ok
19:23:01.0611 1820 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:23:01.0612 1820 Apple Mobile Device - ok
19:23:01.0688 1820 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
19:23:01.0689 1820 arc - ok
19:23:01.0708 1820 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
19:23:01.0710 1820 arcsas - ok
19:23:01.0756 1820 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
19:23:01.0757 1820 AsyncMac - ok
19:23:01.0800 1820 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
19:23:01.0800 1820 atapi - ok
19:23:01.0853 1820 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
19:23:01.0860 1820 AudioEndpointBuilder - ok
19:23:01.0874 1820 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
19:23:01.0878 1820 AudioSrv - ok
19:23:01.0933 1820 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
19:23:01.0935 1820 AxInstSV - ok
19:23:01.0980 1820 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
19:23:01.0985 1820 b06bdrv - ok
19:23:02.0036 1820 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
19:23:02.0040 1820 b57nd60a - ok
19:23:02.0073 1820 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
19:23:02.0074 1820 BDESVC - ok
19:23:02.0103 1820 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
19:23:02.0104 1820 Beep - ok
19:23:02.0174 1820 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
19:23:02.0181 1820 BFE - ok
19:23:02.0235 1820 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
19:23:02.0325 1820 BITS - ok
19:23:02.0375 1820 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
19:23:02.0376 1820 blbdrive - ok
19:23:02.0450 1820 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:23:02.0453 1820 Bonjour Service - ok
19:23:02.0490 1820 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
19:23:02.0491 1820 bowser - ok
19:23:02.0531 1820 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\windows\system32\DRIVERS\bpenum.sys
19:23:02.0533 1820 bpenum - ok
19:23:02.0576 1820 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\windows\system32\DRIVERS\bpmp.sys
19:23:02.0579 1820 bpmp - ok
19:23:02.0605 1820 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\windows\system32\Drivers\bpusb.sys
19:23:02.0607 1820 bpusb - ok
19:23:02.0651 1820 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
19:23:02.0652 1820 BrFiltLo - ok
19:23:02.0666 1820 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
19:23:02.0667 1820 BrFiltUp - ok
19:23:02.0702 1820 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
19:23:02.0704 1820 Browser - ok
19:23:02.0756 1820 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
19:23:02.0760 1820 Brserid - ok
19:23:02.0783 1820 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
19:23:02.0784 1820 BrSerWdm - ok
19:23:02.0817 1820 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
19:23:02.0818 1820 BrUsbMdm - ok
19:23:02.0845 1820 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
19:23:02.0846 1820 BrUsbSer - ok
19:23:02.0893 1820 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
19:23:02.0894 1820 BTHMODEM - ok
19:23:02.0942 1820 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
19:23:02.0944 1820 bthserv - ok
19:23:02.0976 1820 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
19:23:02.0978 1820 cdfs - ok
19:23:03.0015 1820 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
19:23:03.0017 1820 cdrom - ok
19:23:03.0053 1820 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
19:23:03.0054 1820 CertPropSvc - ok
19:23:03.0092 1820 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
19:23:03.0094 1820 circlass - ok
19:23:03.0146 1820 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
19:23:03.0150 1820 CLFS - ok
19:23:03.0204 1820 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:23:03.0205 1820 clr_optimization_v2.0.50727_32 - ok
19:23:03.0254 1820 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:23:03.0256 1820 clr_optimization_v2.0.50727_64 - ok
19:23:03.0327 1820 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:23:03.0328 1820 clr_optimization_v4.0.30319_32 - ok
19:23:03.0375 1820 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:23:03.0377 1820 clr_optimization_v4.0.30319_64 - ok
19:23:03.0409 1820 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
19:23:03.0410 1820 CmBatt - ok
19:23:03.0443 1820 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
19:23:03.0444 1820 cmdide - ok
19:23:03.0488 1820 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
19:23:03.0492 1820 CNG - ok
19:23:03.0560 1820 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
19:23:03.0561 1820 Compbatt - ok
19:23:03.0594 1820 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
19:23:03.0595 1820 CompositeBus - ok
19:23:03.0611 1820 COMSysApp - ok
19:23:03.0649 1820 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
19:23:03.0650 1820 crcdisk - ok
19:23:03.0690 1820 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
19:23:03.0692 1820 CryptSvc - ok
19:23:03.0759 1820 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
19:23:03.0765 1820 DcomLaunch - ok
19:23:03.0803 1820 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
19:23:03.0806 1820 defragsvc - ok
19:23:03.0842 1820 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
19:23:03.0844 1820 DfsC - ok
19:23:03.0879 1820 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
19:23:03.0882 1820 Dhcp - ok
19:23:03.0912 1820 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
19:23:03.0913 1820 discache - ok
19:23:03.0953 1820 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
19:23:03.0955 1820 Disk - ok
19:23:04.0048 1820 DMAgent (c4aebbeb530706b45b7916161a1f525d) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
19:23:04.0050 1820 DMAgent - ok
19:23:04.0111 1820 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
19:23:04.0114 1820 Dnscache - ok
19:23:04.0147 1820 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
19:23:04.0150 1820 dot3svc - ok
19:23:04.0202 1820 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
19:23:04.0204 1820 Dot4 - ok
19:23:04.0217 1820 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\windows\system32\DRIVERS\Dot4Prt.sys
19:23:04.0218 1820 Dot4Print - ok
19:23:04.0234 1820 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
19:23:04.0249 1820 dot4usb - ok
19:23:04.0288 1820 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
19:23:04.0290 1820 DPS - ok
19:23:04.0325 1820 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
19:23:04.0326 1820 drmkaud - ok
19:23:04.0396 1820 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
19:23:04.0404 1820 DXGKrnl - ok
19:23:04.0453 1820 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
19:23:04.0455 1820 EapHost - ok
19:23:04.0579 1820 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
19:23:04.0651 1820 ebdrv - ok
19:23:04.0753 1820 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
19:23:04.0754 1820 EFS - ok
19:23:04.0821 1820 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
19:23:04.0825 1820 ehRecvr - ok
19:23:04.0851 1820 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
19:23:04.0852 1820 ehSched - ok
19:23:04.0911 1820 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
19:23:04.0916 1820 elxstor - ok
19:23:04.0951 1820 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
19:23:04.0952 1820 ErrDev - ok
19:23:05.0031 1820 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
19:23:05.0035 1820 EventSystem - ok
19:23:05.0158 1820 EvtEng (bdfcb7e8c108d042b213957d2b044e7e) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:23:05.0165 1820 EvtEng - ok
19:23:05.0294 1820 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
19:23:05.0296 1820 exfat - ok
19:23:05.0330 1820 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
19:23:05.0332 1820 fastfat - ok
19:23:05.0401 1820 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
19:23:05.0408 1820 Fax - ok
19:23:05.0454 1820 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
19:23:05.0455 1820 fdc - ok
19:23:05.0490 1820 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
19:23:05.0491 1820 fdPHost - ok
19:23:05.0515 1820 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
19:23:05.0517 1820 FDResPub - ok
19:23:05.0540 1820 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
19:23:05.0542 1820 FileInfo - ok
19:23:05.0564 1820 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
19:23:05.0564 1820 Filetrace - ok
19:23:05.0603 1820 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
19:23:05.0604 1820 flpydisk - ok
19:23:05.0654 1820 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
19:23:05.0657 1820 FltMgr - ok
19:23:05.0707 1820 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
19:23:05.0718 1820 FontCache - ok
19:23:05.0784 1820 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:23:05.0785 1820 FontCache3.0.0.0 - ok
19:23:05.0816 1820 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
19:23:05.0817 1820 FsDepends - ok
19:23:05.0859 1820 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
19:23:05.0860 1820 Fs_Rec - ok
19:23:05.0906 1820 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
19:23:05.0909 1820 fvevol - ok
19:23:05.0940 1820 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
19:23:05.0941 1820 gagp30kx - ok
19:23:05.0993 1820 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
19:23:05.0994 1820 GEARAspiWDM - ok
19:23:06.0038 1820 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
19:23:06.0045 1820 gpsvc - ok
19:23:06.0084 1820 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
19:23:06.0085 1820 hcw85cir - ok
19:23:06.0143 1820 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
19:23:06.0146 1820 HdAudAddService - ok
19:23:06.0172 1820 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
19:23:06.0173 1820 HDAudBus - ok
19:23:06.0225 1820 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys
19:23:06.0226 1820 HECIx64 - ok
19:23:06.0247 1820 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
19:23:06.0248 1820 HidBatt - ok
19:23:06.0263 1820 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
19:23:06.0264 1820 HidBth - ok
19:23:06.0295 1820 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
19:23:06.0305 1820 HidIr - ok
19:23:06.0323 1820 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\System32\hidserv.dll
19:23:06.0324 1820 hidserv - ok
19:23:06.0367 1820 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
19:23:06.0368 1820 HidUsb - ok
19:23:06.0385 1820 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
19:23:06.0387 1820 hkmsvc - ok
19:23:06.0414 1820 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
19:23:06.0417 1820 HomeGroupListener - ok
19:23:06.0441 1820 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
19:23:06.0444 1820 HomeGroupProvider - ok
19:23:06.0541 1820 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:23:06.0543 1820 hpqcxs08 - ok
19:23:06.0564 1820 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:23:06.0565 1820 hpqddsvc - ok
19:23:06.0594 1820 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
19:23:06.0596 1820 HpSAMD - ok
19:23:06.0648 1820 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:23:06.0653 1820 HPSLPSVC - ok
19:23:06.0700 1820 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
19:23:06.0707 1820 HTTP - ok
19:23:06.0726 1820 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
19:23:06.0727 1820 hwpolicy - ok
19:23:06.0764 1820 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
19:23:06.0765 1820 i8042prt - ok
19:23:06.0808 1820 iaStor (85977cd13fc16069ce0af7943a811775) C:\windows\system32\DRIVERS\iaStor.sys
19:23:06.0811 1820 iaStor - ok
19:23:06.0852 1820 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
19:23:06.0856 1820 iaStorV - ok
19:23:06.0936 1820 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:23:06.0940 1820 idsvc - ok
19:23:07.0254 1820 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\windows\system32\DRIVERS\igdkmd64.sys
19:23:07.0467 1820 igfx - ok
19:23:07.0570 1820 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
19:23:07.0572 1820 iirsp - ok
19:23:07.0627 1820 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
19:23:07.0635 1820 IKEEXT - ok
19:23:07.0657 1820 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys
19:23:07.0658 1820 Impcd - ok
19:23:07.0776 1820 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\windows\system32\drivers\RTKVHD64.sys
19:23:07.0798 1820 IntcAzAudAddService - ok
19:23:07.0899 1820 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\windows\system32\DRIVERS\IntcDAud.sys
19:23:07.0902 1820 IntcDAud - ok
19:23:07.0939 1820 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
19:23:07.0940 1820 intelide - ok
19:23:07.0975 1820 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
19:23:07.0977 1820 intelppm - ok
19:23:07.0992 1820 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
19:23:07.0994 1820 IPBusEnum - ok
19:23:08.0031 1820 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
19:23:08.0032 1820 IpFilterDriver - ok
19:23:08.0066 1820 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
19:23:08.0071 1820 iphlpsvc - ok
19:23:08.0108 1820 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
19:23:08.0109 1820 IPMIDRV - ok
19:23:08.0142 1820 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
19:23:08.0143 1820 IPNAT - ok
19:23:08.0217 1820 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
19:23:08.0222 1820 iPod Service - ok
19:23:08.0263 1820 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
19:23:08.0264 1820 IRENUM - ok
19:23:08.0294 1820 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
19:23:08.0295 1820 isapnp - ok
19:23:08.0323 1820 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
19:23:08.0326 1820 iScsiPrt - ok
19:23:08.0371 1820 JMCR (19496fe93696c929392f1595ed1f8bb3) C:\windows\system32\DRIVERS\jmcr.sys
19:23:08.0373 1820 JMCR - ok
19:23:08.0409 1820 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
19:23:08.0410 1820 kbdclass - ok
19:23:08.0444 1820 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
19:23:08.0445 1820 kbdhid - ok
19:23:08.0475 1820 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:23:08.0476 1820 KeyIso - ok
19:23:08.0485 1820 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
19:23:08.0487 1820 KSecDD - ok
19:23:08.0499 1820 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
19:23:08.0501 1820 KSecPkg - ok
19:23:08.0534 1820 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
19:23:08.0535 1820 ksthunk - ok
19:23:08.0564 1820 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
19:23:08.0569 1820 KtmRm - ok
19:23:08.0617 1820 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\System32\srvsvc.dll
19:23:08.0620 1820 LanmanServer - ok
19:23:08.0655 1820 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
19:23:08.0657 1820 LanmanWorkstation - ok
19:23:08.0691 1820 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
19:23:08.0692 1820 lltdio - ok
19:23:08.0722 1820 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
19:23:08.0725 1820 lltdsvc - ok
19:23:08.0745 1820 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
19:23:08.0746 1820 lmhosts - ok
19:23:08.0840 1820 LMS (23de5b62b0445a6f874be633c95b483e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:23:08.0841 1820 LMS - ok
19:23:08.0890 1820 LPCFilter (41e122f6d1448c94cc05196bc41d6bfb) C:\windows\system32\DRIVERS\LPCFilter.sys
19:23:08.0891 1820 LPCFilter - ok
19:23:08.0933 1820 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
19:23:08.0935 1820 LSI_FC - ok
19:23:08.0953 1820 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
19:23:08.0954 1820 LSI_SAS - ok
19:23:08.0993 1820 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
19:23:08.0995 1820 LSI_SAS2 - ok
19:23:09.0003 1820 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
19:23:09.0005 1820 LSI_SCSI - ok
19:23:09.0025 1820 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
19:23:09.0027 1820 luafv - ok
19:23:09.0063 1820 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
19:23:09.0065 1820 Mcx2Svc - ok
19:23:09.0100 1820 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
19:23:09.0101 1820 megasas - ok
19:23:09.0120 1820 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
19:23:09.0123 1820 MegaSR - ok
19:23:09.0157 1820 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
19:23:09.0158 1820 MMCSS - ok
19:23:09.0198 1820 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
19:23:09.0200 1820 Modem - ok
19:23:09.0217 1820 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
19:23:09.0218 1820 monitor - ok
19:23:09.0250 1820 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
19:23:09.0251 1820 mouclass - ok
19:23:09.0283 1820 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
19:23:09.0284 1820 mouhid - ok
19:23:09.0306 1820 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
19:23:09.0307 1820 mountmgr - ok
19:23:09.0433 1820 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:23:09.0434 1820 MozillaMaintenance - ok
19:23:09.0467 1820 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
19:23:09.0469 1820 mpio - ok
19:23:09.0498 1820 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
19:23:09.0499 1820 mpsdrv - ok
19:23:09.0538 1820 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
19:23:09.0545 1820 MpsSvc - ok
19:23:09.0568 1820 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
19:23:09.0570 1820 MRxDAV - ok
19:23:09.0596 1820 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
19:23:09.0598 1820 mrxsmb - ok
19:23:09.0621 1820 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
19:23:09.0624 1820 mrxsmb10 - ok
19:23:09.0629 1820 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
19:23:09.0631 1820 mrxsmb20 - ok
19:23:09.0655 1820 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
19:23:09.0657 1820 msahci - ok
19:23:09.0683 1820 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
19:23:09.0685 1820 msdsm - ok
19:23:09.0721 1820 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
19:23:09.0724 1820 MSDTC - ok
19:23:09.0759 1820 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
19:23:09.0760 1820 Msfs - ok
19:23:09.0781 1820 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
19:23:09.0782 1820 mshidkmdf - ok
19:23:09.0792 1820 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
19:23:09.0793 1820 msisadrv - ok
19:23:09.0821 1820 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
19:23:09.0824 1820 MSiSCSI - ok
19:23:09.0826 1820 msiserver - ok
19:23:09.0868 1820 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
19:23:09.0869 1820 MSKSSRV - ok
19:23:09.0878 1820 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
19:23:09.0879 1820 MSPCLOCK - ok
19:23:09.0888 1820 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
19:23:09.0888 1820 MSPQM - ok
19:23:09.0917 1820 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
19:23:09.0921 1820 MsRPC - ok
19:23:09.0947 1820 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
19:23:09.0948 1820 mssmbios - ok
19:23:10.0008 1820 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
19:23:10.0009 1820 MSTEE - ok
19:23:10.0022 1820 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
19:23:10.0022 1820 MTConfig - ok
19:23:10.0076 1820 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
19:23:10.0077 1820 Mup - ok
19:23:10.0171 1820 MyWiFiDHCPDNS (93cd1c4ecb8658a35e5e6eba02d43e4f) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:23:10.0173 1820 MyWiFiDHCPDNS - ok
19:23:10.0224 1820 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
19:23:10.0229 1820 napagent - ok
19:23:10.0291 1820 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
19:23:10.0295 1820 NativeWifiP - ok
19:23:10.0354 1820 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
19:23:10.0363 1820 NDIS - ok
19:23:10.0420 1820 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
19:23:10.0421 1820 NdisCap - ok
19:23:10.0437 1820 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
19:23:10.0438 1820 NdisTapi - ok
19:23:10.0466 1820 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
19:23:10.0467 1820 Ndisuio - ok
19:23:10.0478 1820 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
19:23:10.0480 1820 NdisWan - ok
19:23:10.0503 1820 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
19:23:10.0504 1820 NDProxy - ok
19:23:10.0556 1820 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
19:23:10.0557 1820 Net Driver HPZ12 - ok
19:23:10.0600 1820 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
19:23:10.0601 1820 NetBIOS - ok
19:23:10.0633 1820 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
19:23:10.0636 1820 NetBT - ok
19:23:10.0665 1820 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:23:10.0666 1820 Netlogon - ok
19:23:10.0703 1820 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
19:23:10.0707 1820 Netman - ok
19:23:10.0722 1820 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
19:23:10.0727 1820 netprofm - ok
19:23:10.0780 1820 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:23:10.0781 1820 NetTcpPortSharing - ok
19:23:11.0043 1820 NETwNs64 (eb43840babf5589e33186d094de7381d) C:\windows\system32\DRIVERS\NETwNs64.sys
19:23:11.0180 1820 NETwNs64 - ok
19:23:11.0335 1820 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
19:23:11.0336 1820 nfrd960 - ok
19:23:11.0391 1820 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
19:23:11.0395 1820 NlaSvc - ok
19:23:11.0424 1820 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
19:23:11.0425 1820 Npfs - ok
19:23:11.0485 1820 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
19:23:11.0487 1820 nsi - ok
19:23:11.0499 1820 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
19:23:11.0499 1820 nsiproxy - ok
19:23:11.0571 1820 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
19:23:11.0585 1820 Ntfs - ok
19:23:11.0686 1820 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
19:23:11.0687 1820 Null - ok
19:23:11.0723 1820 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
19:23:11.0726 1820 nvraid - ok
19:23:11.0741 1820 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
19:23:11.0743 1820 nvstor - ok
19:23:11.0767 1820 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
19:23:11.0769 1820 nv_agp - ok
19:23:11.0799 1820 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
19:23:11.0800 1820 ohci1394 - ok
19:23:11.0841 1820 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
19:23:11.0845 1820 p2pimsvc - ok
19:23:11.0873 1820 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
19:23:11.0878 1820 p2psvc - ok
19:23:11.0896 1820 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
19:23:11.0897 1820 Parport - ok
19:23:11.0926 1820 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
19:23:11.0928 1820 partmgr - ok
19:23:11.0953 1820 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
19:23:11.0956 1820 PcaSvc - ok
19:23:11.0990 1820 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
19:23:11.0992 1820 pci - ok
19:23:12.0008 1820 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
19:23:12.0008 1820 pciide - ok
19:23:12.0037 1820 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
19:23:12.0039 1820 pcmcia - ok
19:23:12.0050 1820 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
19:23:12.0051 1820 pcw - ok
19:23:12.0082 1820 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
19:23:12.0088 1820 PEAUTH - ok
19:23:12.0139 1820 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
19:23:12.0140 1820 PerfHost - ok
19:23:12.0176 1820 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
19:23:12.0177 1820 PGEffect - ok
19:23:12.0235 1820 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
19:23:12.0248 1820 pla - ok
19:23:12.0294 1820 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
19:23:12.0311 1820 PlugPlay - ok
19:23:12.0341 1820 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
19:23:12.0343 1820 Pml Driver HPZ12 - ok
19:23:12.0358 1820 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
19:23:12.0360 1820 PNRPAutoReg - ok
19:23:12.0386 1820 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
19:23:12.0388 1820 PNRPsvc - ok
19:23:12.0421 1820 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
19:23:12.0426 1820 PolicyAgent - ok
19:23:12.0449 1820 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
19:23:12.0451 1820 Power - ok
19:23:12.0500 1820 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
19:23:12.0502 1820 PptpMiniport - ok
19:23:12.0529 1820 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
19:23:12.0531 1820 Processor - ok
19:23:12.0578 1820 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
19:23:12.0581 1820 ProfSvc - ok
19:23:12.0609 1820 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:23:12.0610 1820 ProtectedStorage - ok
19:23:12.0658 1820 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
19:23:12.0660 1820 Psched - ok
19:23:12.0701 1820 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\windows\system32\Drivers\PxHlpa64.sys
19:23:12.0702 1820 PxHlpa64 - ok
19:23:12.0783 1820 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
19:23:12.0797 1820 ql2300 - ok
19:23:12.0904 1820 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
19:23:12.0906 1820 ql40xx - ok
19:23:12.0939 1820 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
19:23:12.0943 1820 QWAVE - ok
19:23:12.0952 1820 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
19:23:12.0954 1820 QWAVEdrv - ok
19:23:12.0974 1820 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
19:23:12.0975 1820 RasAcd - ok
19:23:12.0999 1820 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
19:23:13.0000 1820 RasAgileVpn - ok
19:23:13.0026 1820 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
19:23:13.0028 1820 RasAuto - ok
19:23:13.0054 1820 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
19:23:13.0056 1820 Rasl2tp - ok
19:23:13.0072 1820 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
19:23:13.0076 1820 RasMan - ok
19:23:13.0107 1820 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
19:23:13.0109 1820 RasPppoe - ok
19:23:13.0123 1820 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
19:23:13.0125 1820 RasSstp - ok
19:23:13.0152 1820 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
19:23:13.0155 1820 rdbss - ok
19:23:13.0174 1820 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
19:23:13.0175 1820 rdpbus - ok
19:23:13.0207 1820 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
19:23:13.0208 1820 RDPCDD - ok
19:23:13.0234 1820 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
19:23:13.0234 1820 RDPENCDD - ok
19:23:13.0249 1820 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
19:23:13.0250 1820 RDPREFMP - ok
19:23:13.0276 1820 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
19:23:13.0278 1820 RDPWD - ok
19:23:13.0331 1820 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
19:23:13.0333 1820 rdyboost - ok
19:23:13.0443 1820 RegSrvc (a6baea839cc888d4961ab5fe16bb8c4a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:23:13.0447 1820 RegSrvc - ok
19:23:13.0473 1820 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
19:23:13.0475 1820 RemoteAccess - ok
19:23:13.0494 1820 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
19:23:13.0496 1820 RemoteRegistry - ok
19:23:13.0519 1820 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
19:23:13.0521 1820 RpcEptMapper - ok
19:23:13.0549 1820 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
19:23:13.0551 1820 RpcLocator - ok
19:23:13.0594 1820 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
19:23:13.0597 1820 RpcSs - ok
19:23:13.0647 1820 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
19:23:13.0648 1820 rspndr - ok
19:23:13.0691 1820 RTL8167 (ba3e57c89e6f63808d3f2b11e1a2ad3c) C:\windows\system32\DRIVERS\Rt64win7.sys
19:23:13.0692 1820 RTL8167 - ok
19:23:13.0720 1820 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:23:13.0721 1820 SamSs - ok
19:23:13.0883 1820 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
19:23:13.0899 1820 SBAMSvc - ok
19:23:14.0015 1820 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\windows\system32\DRIVERS\sbapifs.sys
19:23:14.0016 1820 sbapifs - ok
19:23:14.0071 1820 SbFw (19954328dda3d656f8a879b3a46ffed6) C:\windows\system32\drivers\SbFw.sys
19:23:14.0073 1820 SbFw - ok
19:23:14.0098 1820 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\windows\system32\DRIVERS\sbfwim.sys
19:23:14.0099 1820 SBFWIMCL - ok
19:23:14.0132 1820 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\windows\system32\DRIVERS\SBFWIM.sys
19:23:14.0133 1820 SBFWIMCLMP - ok
19:23:14.0166 1820 sbhips (b671eef468d13016b9286f5835a06ae1) C:\windows\system32\drivers\sbhips.sys
19:23:14.0168 1820 sbhips - ok
19:23:14.0193 1820 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
19:23:14.0195 1820 sbp2port - ok
19:23:14.0240 1820 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\windows\system32\drivers\SBREdrv.sys
19:23:14.0240 1820 SBRE - ok
19:23:14.0281 1820 sbwtis (eab54adcceca64b2f38cd859fb494895) C:\windows\system32\DRIVERS\sbwtis.sys
19:23:14.0283 1820 sbwtis - ok
19:23:14.0312 1820 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
19:23:14.0315 1820 SCardSvr - ok
19:23:14.0357 1820 SCDEmu (07237c66e05da6778e9f3cb67fa00736) C:\windows\system32\drivers\SCDEmu.sys
19:23:14.0358 1820 SCDEmu - ok
19:23:14.0375 1820 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
19:23:14.0376 1820 scfilter - ok
19:23:14.0436 1820 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
19:23:14.0447 1820 Schedule - ok
19:23:14.0475 1820 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
19:23:14.0476 1820 SCPolicySvc - ok
19:23:14.0518 1820 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
19:23:14.0520 1820 sdbus - ok
19:23:14.0550 1820 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
19:23:14.0553 1820 SDRSVC - ok
19:23:14.0586 1820 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
19:23:14.0587 1820 secdrv - ok
19:23:14.0597 1820 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
19:23:14.0599 1820 seclogon - ok
19:23:14.0625 1820 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
19:23:14.0627 1820 SENS - ok
19:23:14.0644 1820 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
19:23:14.0646 1820 SensrSvc - ok
19:23:14.0673 1820 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
19:23:14.0674 1820 Serenum - ok
19:23:14.0700 1820 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
19:23:14.0702 1820 Serial - ok
19:23:14.0733 1820 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
19:23:14.0734 1820 sermouse - ok
19:23:14.0769 1820 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
19:23:14.0772 1820 SessionEnv - ok
19:23:14.0793 1820 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
19:23:14.0794 1820 sffdisk - ok
19:23:14.0820 1820 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
19:23:14.0821 1820 sffp_mmc - ok
19:23:14.0834 1820 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
19:23:14.0842 1820 sffp_sd - ok
19:23:14.0859 1820 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
19:23:14.0860 1820 sfloppy - ok
19:23:14.0898 1820 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
19:23:14.0902 1820 SharedAccess - ok
19:23:14.0930 1820 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
19:23:14.0935 1820 ShellHWDetection - ok
19:23:14.0960 1820 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
19:23:14.0961 1820 SiSRaid2 - ok
19:23:14.0976 1820 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
19:23:14.0977 1820 SiSRaid4 - ok
19:23:15.0008 1820 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
19:23:15.0019 1820 Smb - ok
19:23:15.0055 1820 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
19:23:15.0057 1820 SNMPTRAP - ok
19:23:15.0065 1820 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
19:23:15.0066 1820 spldr - ok
19:23:15.0104 1820 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
19:23:15.0111 1820 Spooler - ok
19:23:15.0242 1820 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
19:23:15.0299 1820 sppsvc - ok
19:23:15.0395 1820 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
19:23:15.0397 1820 sppuinotify - ok
19:23:15.0439 1820 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
19:23:15.0444 1820 srv - ok
19:23:15.0468 1820 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
19:23:15.0472 1820 srv2 - ok
19:23:15.0493 1820 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
19:23:15.0495 1820 srvnet - ok
19:23:15.0535 1820 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
19:23:15.0538 1820 SSDPSRV - ok
19:23:15.0573 1820 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
19:23:15.0575 1820 SstpSvc - ok
19:23:15.0603 1820 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
19:23:15.0604 1820 stexstor - ok
19:23:15.0655 1820 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
19:23:15.0661 1820 stisvc - ok
19:23:15.0684 1820 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
19:23:15.0685 1820 swenum - ok
19:23:15.0817 1820 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:23:15.0819 1820 SwitchBoard - ok
19:23:15.0880 1820 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
19:23:15.0886 1820 swprv - ok
19:23:15.0936 1820 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
19:23:15.0938 1820 SynTP - ok
19:23:16.0022 1820 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
19:23:16.0038 1820 SysMain - ok
19:23:16.0126 1820 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
19:23:16.0128 1820 TabletInputService - ok
19:23:16.0153 1820 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
19:23:16.0157 1820 TapiSrv - ok
19:23:16.0182 1820 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
19:23:16.0184 1820 TBS - ok
19:23:16.0301 1820 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
19:23:16.0318 1820 Tcpip - ok
19:23:16.0490 1820 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
19:23:16.0499 1820 TCPIP6 - ok
19:23:16.0595 1820 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
19:23:16.0597 1820 tcpipreg - ok
19:23:16.0635 1820 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
19:23:16.0635 1820 tdcmdpst - ok
19:23:16.0668 1820 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
19:23:16.0669 1820 TDPIPE - ok
19:23:16.0702 1820 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
19:23:16.0703 1820 TDTCP - ok
19:23:16.0740 1820 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
19:23:16.0741 1820 tdx - ok
19:23:16.0767 1820 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
19:23:16.0767 1820 TermDD - ok
19:23:16.0812 1820 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
19:23:16.0819 1820 TermService - ok
19:23:16.0848 1820 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
19:23:16.0850 1820 Themes - ok
19:23:16.0887 1820 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
19:23:16.0889 1820 Thpdrv - ok
19:23:16.0903 1820 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
19:23:16.0904 1820 Thpevm - ok
19:23:16.0937 1820 Thpsrv (f6927bba3b09aff26a53a9191f7378f9) C:\windows\system32\ThpSrv.exe
19:23:16.0943 1820 Thpsrv - ok
19:23:16.0969 1820 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
19:23:16.0970 1820 THREADORDER - ok
19:23:17.0038 1820 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:23:17.0039 1820 TMachInfo - ok
19:23:17.0063 1820 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
19:23:17.0065 1820 TODDSrv - ok
19:23:17.0145 1820 TosCoSrv (db9719688c08f42705feb3f6a0c98b91) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
19:23:17.0147 1820 TosCoSrv - ok
19:23:17.0218 1820 TOSHIBA eco Utility Service (152da63a2843e7e63eca8ae90d853763) C:\Program Files\TOSHIBA\TECO\TecoService.exe
19:23:17.0220 1820 TOSHIBA eco Utility Service - ok
19:23:17.0294 1820 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:23:17.0295 1820 TOSHIBA HDD SSD Alert Service - ok
19:23:17.0352 1820 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
19:23:17.0357 1820 tos_sps64 - ok
19:23:17.0407 1820 TPCHSrv (6f9e17819bfa53cff67cb1e16669500f) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
19:23:17.0411 1820 TPCHSrv - ok
19:23:17.0504 1820 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
19:23:17.0506 1820 TrkWks - ok
19:23:17.0537 1820 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
19:23:17.0538 1820 TrustedInstaller - ok
19:23:17.0571 1820 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
19:23:17.0572 1820 tssecsrv - ok
19:23:17.0604 1820 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
19:23:17.0605 1820 TsUsbFlt - ok
19:23:17.0654 1820 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
19:23:17.0656 1820 tunnel - ok
19:23:17.0690 1820 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
19:23:17.0691 1820 TVALZ - ok
19:23:17.0732 1820 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
19:23:17.0733 1820 TVALZFL - ok
19:23:17.0760 1820 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
19:23:17.0762 1820 uagp35 - ok
19:23:17.0790 1820 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
19:23:17.0793 1820 udfs - ok
19:23:17.0830 1820 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
19:23:17.0832 1820 UI0Detect - ok
19:23:17.0854 1820 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
19:23:17.0855 1820 uliagpkx - ok
19:23:17.0881 1820 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
19:23:17.0882 1820 umbus - ok
19:23:17.0912 1820 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
19:23:17.0913 1820 UmPass - ok
19:23:18.0063 1820 UNS (cc3775100aba633984f73dfae1f55cae) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:23:18.0074 1820 UNS - ok
19:23:18.0173 1820 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
19:23:18.0178 1820 upnphost - ok
19:23:18.0218 1820 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
19:23:18.0219 1820 USBAAPL64 - ok
19:23:18.0243 1820 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
19:23:18.0244 1820 usbccgp - ok
19:23:18.0279 1820 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
19:23:18.0280 1820 usbcir - ok
19:23:18.0297 1820 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
19:23:18.0298 1820 usbehci - ok
19:23:18.0335 1820 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
19:23:18.0339 1820 usbhub - ok
19:23:18.0357 1820 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
19:23:18.0358 1820 usbohci - ok
19:23:18.0400 1820 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
19:23:18.0401 1820 usbprint - ok
19:23:18.0447 1820 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
19:23:18.0448 1820 usbscan - ok
19:23:18.0478 1820 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
19:23:18.0480 1820 USBSTOR - ok
19:23:18.0502 1820 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
19:23:18.0503 1820 usbuhci - ok
19:23:18.0543 1820 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
19:23:18.0546 1820 usbvideo - ok
19:23:18.0572 1820 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
19:23:18.0574 1820 UxSms - ok
19:23:18.0609 1820 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:23:18.0610 1820 VaultSvc - ok
19:23:18.0648 1820 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
19:23:18.0649 1820 vdrvroot - ok
19:23:18.0688 1820 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
19:23:18.0694 1820 vds - ok
19:23:18.0717 1820 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
19:23:18.0718 1820 vga - ok
19:23:18.0731 1820 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
19:23:18.0732 1820 VgaSave - ok
19:23:18.0764 1820 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
19:23:18.0767 1820 vhdmp - ok
19:23:18.0791 1820 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
19:23:18.0792 1820 viaide - ok
19:23:18.0818 1820 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
19:23:18.0819 1820 volmgr - ok
19:23:18.0854 1820 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
19:23:18.0858 1820 volmgrx - ok
19:23:18.0893 1820 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
19:23:18.0896 1820 volsnap - ok
19:23:18.0940 1820 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
19:23:18.0942 1820 vsmraid - ok
19:23:19.0018 1820 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
19:23:19.0033 1820 VSS - ok
19:23:19.0127 1820 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
19:23:19.0128 1820 vwifibus - ok
19:23:19.0144 1820 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
19:23:19.0145 1820 vwififlt - ok
19:23:19.0178 1820 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
19:23:19.0179 1820 vwifimp - ok
19:23:19.0213 1820 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
19:23:19.0217 1820 W32Time - ok
19:23:19.0265 1820 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
19:23:19.0267 1820 WacomPen - ok
19:23:19.0303 1820 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
19:23:19.0304 1820 WANARP - ok
19:23:19.0306 1820 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
19:23:19.0307 1820 Wanarpv6 - ok
19:23:19.0392 1820 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
19:23:19.0404 1820 WatAdminSvc - ok
19:23:19.0472 1820 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
19:23:19.0486 1820 wbengine - ok
19:23:19.0572 1820 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
19:23:19.0575 1820 WbioSrvc - ok
19:23:19.0613 1820 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
19:23:19.0617 1820 wcncsvc - ok
19:23:19.0639 1820 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
19:23:19.0640 1820 WcsPlugInService - ok
19:23:19.0676 1820 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
19:23:19.0677 1820 Wd - ok
19:23:19.0714 1820 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
19:23:19.0720 1820 Wdf01000 - ok
19:23:19.0733 1820 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
19:23:19.0735 1820 WdiServiceHost - ok
19:23:19.0737 1820 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
19:23:19.0739 1820 WdiSystemHost - ok
19:23:19.0768 1820 wdkmd (fe31110e39a0b11abae1ba43a2dc94f9) C:\windows\system32\DRIVERS\WDKMD.sys
19:23:19.0769 1820 wdkmd - ok
19:23:19.0799 1820 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
19:23:19.0803 1820 WebClient - ok
19:23:19.0834 1820 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
19:23:19.0838 1820 Wecsvc - ok
19:23:19.0855 1820 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
19:23:19.0857 1820 wercplsupport - ok
19:23:19.0899 1820 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
19:23:19.0901 1820 WerSvc - ok
19:23:19.0928 1820 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
19:23:19.0929 1820 WfpLwf - ok
19:23:20.0026 1820 WiMAXAppSrv (f3c522691316a24328a7b58b0a86028d) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
19:23:20.0030 1820 WiMAXAppSrv - ok
19:23:20.0042 1820 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
19:23:20.0043 1820 WIMMount - ok
19:23:20.0070 1820 WinDefend - ok
19:23:20.0073 1820 WinHttpAutoProxySvc - ok
19:23:20.0119 1820 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
19:23:20.0122 1820 Winmgmt - ok
19:23:20.0207 1820 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
19:23:20.0226 1820 WinRM - ok
19:23:20.0356 1820 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
19:23:20.0357 1820 WinUsb - ok
19:23:20.0406 1820 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
19:23:20.0415 1820 Wlansvc - ok
19:23:20.0480 1820 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:23:20.0481 1820 wlcrasvc - ok
19:23:20.0593 1820 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:23:20.0604 1820 wlidsvc - ok
19:23:20.0697 1820 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
19:23:20.0698 1820 WmiAcpi - ok
19:23:20.0741 1820 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
19:23:20.0743 1820 wmiApSrv - ok
19:23:20.0806 1820 WMPNetworkSvc - ok
19:23:20.0830 1820 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
19:23:20.0831 1820 WPCSvc - ok
19:23:20.0868 1820 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
19:23:20.0871 1820 WPDBusEnum - ok
19:23:20.0931 1820 WRkrn (517d7ec4178a49162e6576b143608bd0) C:\windows\system32\drivers\WRkrn.sys
19:23:20.0932 1820 WRkrn - ok
19:23:21.0039 1820 WRSVC (87e02e094ea37680c9dbc394db0de1d7) C:\Program Files\Webroot\WRSA.exe
19:23:21.0043 1820 WRSVC - ok
19:23:21.0065 1820 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
19:23:21.0066 1820 ws2ifsl - ok
19:23:21.0087 1820 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\system32\wscsvc.dll
19:23:21.0089 1820 wscsvc - ok
19:23:21.0091 1820 WSearch - ok
19:23:21.0182 1820 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
19:23:21.0233 1820 wuauserv - ok
19:23:21.0382 1820 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
19:23:21.0384 1820 WudfPf - ok
19:23:21.0401 1820 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
19:23:21.0404 1820 WUDFRd - ok
19:23:21.0420 1820 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
19:23:21.0422 1820 wudfsvc - ok
19:23:21.0442 1820 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
19:23:21.0445 1820 WwanSvc - ok
19:23:21.0538 1820 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:23:21.0541 1820 YahooAUService - ok
19:23:21.0574 1820 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
19:23:21.0718 1820 \Device\Harddisk0\DR0 - ok
19:23:21.0733 1820 Boot (0x1200) (7435fd853944c7870b9c51121f2d5bbd) \Device\Harddisk0\DR0\Partition0
19:23:21.0733 1820 \Device\Harddisk0\DR0\Partition0 - ok
19:23:21.0734 1820 ============================================================
19:23:21.0734 1820 Scan finished
19:23:21.0734 1820 ============================================================
19:23:21.0740 1472 Detected object count: 0
19:23:21.0740 1472 Actual detected object count: 0

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:12 AM

Posted 17 June 2012 - 09:53 PM

Hello, I take it you still redirect.

Are you on a router? Are other machines on it,if so are they redirecting?

Do you use Firefox?


Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).




Run Tdss agin like this.

  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 lordofarda

lordofarda
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 17 June 2012 - 10:06 PM

Yes we have a router but only this computer redirects and only in firefox now.

Here's the Goored log:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 19:59 on 17/06/2012 (Owner)
Firefox version 13.0.1 (en-US)

========== GooredScan ==========

Deleting "C:\Users\Owner\Application Data\Mozilla\Firefox\Profiles\aqkznvej.default\extensions\{58bdfbc9-67ac-454e-809f-aca65681f756}" -> Success!
Deleting "C:\Users\Owner\Application Data\Mozilla\Firefox\Profiles\aqkznvej.default\extensions\{7a418d63-9d07-437a-a8d3-8aadb1118d5e}" -> Success!

========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [07:13 22/07/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [00:22 09/05/2011]

C:\Users\Owner\Application Data\Mozilla\Firefox\Profiles\aqkznvej.default\extensions\
{5ddba7d6-b07e-473b-94ba-f2e017045896} [14:00 24/05/2012]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"="C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}" [21:24 13/05/2011]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22:24 13/05/2011]

-=E.O.F=-

And here's the TDSSKiller log:


20:01:54.0752 6080 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
20:01:55.0133 6080 ============================================================
20:01:55.0133 6080 Current date / time: 2012/06/17 20:01:55.0133
20:01:55.0133 6080 SystemInfo:
20:01:55.0133 6080
20:01:55.0134 6080 OS Version: 6.1.7601 ServicePack: 1.0
20:01:55.0134 6080 Product type: Workstation
20:01:55.0134 6080 ComputerName: OWNER-PC
20:01:55.0134 6080 UserName: Owner
20:01:55.0134 6080 Windows directory: C:\windows
20:01:55.0134 6080 System windows directory: C:\windows
20:01:55.0134 6080 Running under WOW64
20:01:55.0134 6080 Processor architecture: Intel x64
20:01:55.0134 6080 Number of processors: 4
20:01:55.0134 6080 Page size: 0x1000
20:01:55.0134 6080 Boot type: Normal boot
20:01:55.0134 6080 ============================================================
20:01:55.0730 6080 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:01:55.0742 6080 ============================================================
20:01:55.0743 6080 \Device\Harddisk0\DR0:
20:01:55.0743 6080 MBR partitions:
20:01:55.0743 6080 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48D59800
20:01:55.0743 6080 ============================================================
20:01:55.0782 6080 C: <-> \Device\Harddisk0\DR0\Partition0
20:01:55.0782 6080 ============================================================
20:01:55.0782 6080 Initialize success
20:01:55.0782 6080 ============================================================
20:02:41.0015 3412 ============================================================
20:02:41.0015 3412 Scan started
20:02:41.0015 3412 Mode: Manual; TDLFS;
20:02:41.0015 3412 ============================================================
20:02:41.0848 3412 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
20:02:41.0852 3412 1394ohci - ok
20:02:41.0916 3412 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
20:02:41.0922 3412 ACPI - ok
20:02:41.0967 3412 acpials (12c5274cd87449a2a37a607cdb321922) C:\windows\system32\DRIVERS\acpials.sys
20:02:41.0968 3412 acpials - ok
20:02:42.0003 3412 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
20:02:42.0004 3412 AcpiPmi - ok
20:02:42.0224 3412 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
20:02:42.0244 3412 Ad-Aware Service - ok
20:02:42.0328 3412 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
20:02:42.0336 3412 adp94xx - ok
20:02:42.0463 3412 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
20:02:42.0469 3412 adpahci - ok
20:02:42.0520 3412 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
20:02:42.0524 3412 adpu320 - ok
20:02:42.0584 3412 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
20:02:42.0587 3412 AeLookupSvc - ok
20:02:42.0656 3412 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
20:02:42.0663 3412 AFD - ok
20:02:42.0714 3412 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
20:02:42.0716 3412 agp440 - ok
20:02:42.0761 3412 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
20:02:42.0763 3412 ALG - ok
20:02:42.0810 3412 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
20:02:42.0811 3412 aliide - ok
20:02:42.0846 3412 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
20:02:42.0847 3412 amdide - ok
20:02:42.0879 3412 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
20:02:42.0881 3412 AmdK8 - ok
20:02:42.0892 3412 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
20:02:42.0894 3412 AmdPPM - ok
20:02:42.0964 3412 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
20:02:42.0967 3412 amdsata - ok
20:02:43.0009 3412 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
20:02:43.0012 3412 amdsbs - ok
20:02:43.0039 3412 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
20:02:43.0040 3412 amdxata - ok
20:02:43.0089 3412 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
20:02:43.0090 3412 AppID - ok
20:02:43.0125 3412 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
20:02:43.0127 3412 AppIDSvc - ok
20:02:43.0168 3412 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
20:02:43.0170 3412 Appinfo - ok
20:02:43.0260 3412 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:02:43.0263 3412 Apple Mobile Device - ok
20:02:43.0328 3412 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
20:02:43.0330 3412 arc - ok
20:02:43.0348 3412 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
20:02:43.0350 3412 arcsas - ok
20:02:43.0383 3412 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
20:02:43.0384 3412 AsyncMac - ok
20:02:43.0449 3412 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
20:02:43.0450 3412 atapi - ok
20:02:43.0552 3412 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
20:02:43.0573 3412 AudioEndpointBuilder - ok
20:02:43.0585 3412 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
20:02:43.0592 3412 AudioSrv - ok
20:02:43.0652 3412 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
20:02:43.0655 3412 AxInstSV - ok
20:02:43.0764 3412 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
20:02:43.0772 3412 b06bdrv - ok
20:02:43.0815 3412 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
20:02:43.0819 3412 b57nd60a - ok
20:02:43.0858 3412 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
20:02:43.0861 3412 BDESVC - ok
20:02:43.0885 3412 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
20:02:43.0886 3412 Beep - ok
20:02:43.0974 3412 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
20:02:43.0985 3412 BFE - ok
20:02:44.0064 3412 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
20:02:44.0079 3412 BITS - ok
20:02:44.0136 3412 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
20:02:44.0137 3412 blbdrive - ok
20:02:44.0211 3412 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
20:02:44.0216 3412 Bonjour Service - ok
20:02:44.0251 3412 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
20:02:44.0253 3412 bowser - ok
20:02:44.0293 3412 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\windows\system32\DRIVERS\bpenum.sys
20:02:44.0294 3412 bpenum - ok
20:02:44.0329 3412 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\windows\system32\DRIVERS\bpmp.sys
20:02:44.0332 3412 bpmp - ok
20:02:44.0345 3412 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\windows\system32\Drivers\bpusb.sys
20:02:44.0347 3412 bpusb - ok
20:02:44.0389 3412 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
20:02:44.0390 3412 BrFiltLo - ok
20:02:44.0404 3412 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
20:02:44.0405 3412 BrFiltUp - ok
20:02:44.0451 3412 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
20:02:44.0455 3412 Browser - ok
20:02:44.0497 3412 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
20:02:44.0502 3412 Brserid - ok
20:02:44.0532 3412 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
20:02:44.0534 3412 BrSerWdm - ok
20:02:44.0544 3412 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
20:02:44.0545 3412 BrUsbMdm - ok
20:02:44.0565 3412 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
20:02:44.0566 3412 BrUsbSer - ok
20:02:44.0598 3412 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
20:02:44.0600 3412 BTHMODEM - ok
20:02:44.0637 3412 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
20:02:44.0639 3412 bthserv - ok
20:02:44.0670 3412 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
20:02:44.0672 3412 cdfs - ok
20:02:44.0722 3412 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
20:02:44.0725 3412 cdrom - ok
20:02:44.0759 3412 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
20:02:44.0761 3412 CertPropSvc - ok
20:02:44.0787 3412 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
20:02:44.0788 3412 circlass - ok
20:02:44.0826 3412 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
20:02:44.0832 3412 CLFS - ok
20:02:44.0888 3412 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:02:44.0892 3412 clr_optimization_v2.0.50727_32 - ok
20:02:44.0938 3412 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:02:44.0940 3412 clr_optimization_v2.0.50727_64 - ok
20:02:45.0022 3412 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:02:45.0043 3412 clr_optimization_v4.0.30319_32 - ok
20:02:45.0116 3412 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:02:45.0120 3412 clr_optimization_v4.0.30319_64 - ok
20:02:45.0157 3412 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
20:02:45.0158 3412 CmBatt - ok
20:02:45.0202 3412 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
20:02:45.0204 3412 cmdide - ok
20:02:45.0277 3412 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
20:02:45.0285 3412 CNG - ok
20:02:45.0342 3412 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
20:02:45.0343 3412 Compbatt - ok
20:02:45.0366 3412 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
20:02:45.0368 3412 CompositeBus - ok
20:02:45.0383 3412 COMSysApp - ok
20:02:45.0409 3412 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
20:02:45.0410 3412 crcdisk - ok
20:02:45.0464 3412 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
20:02:45.0468 3412 CryptSvc - ok
20:02:45.0546 3412 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
20:02:45.0554 3412 DcomLaunch - ok
20:02:45.0614 3412 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
20:02:45.0619 3412 defragsvc - ok
20:02:45.0660 3412 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
20:02:45.0662 3412 DfsC - ok
20:02:45.0702 3412 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
20:02:45.0707 3412 Dhcp - ok
20:02:45.0740 3412 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
20:02:45.0741 3412 discache - ok
20:02:45.0782 3412 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
20:02:45.0783 3412 Disk - ok
20:02:45.0863 3412 DMAgent (c4aebbeb530706b45b7916161a1f525d) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
20:02:45.0870 3412 DMAgent - ok
20:02:45.0909 3412 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
20:02:45.0913 3412 Dnscache - ok
20:02:45.0947 3412 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
20:02:45.0953 3412 dot3svc - ok
20:02:45.0999 3412 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
20:02:46.0002 3412 Dot4 - ok
20:02:46.0021 3412 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\windows\system32\DRIVERS\Dot4Prt.sys
20:02:46.0022 3412 Dot4Print - ok
20:02:46.0040 3412 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
20:02:46.0042 3412 dot4usb - ok
20:02:46.0085 3412 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
20:02:46.0088 3412 DPS - ok
20:02:46.0129 3412 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
20:02:46.0130 3412 drmkaud - ok
20:02:46.0213 3412 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
20:02:46.0223 3412 DXGKrnl - ok
20:02:46.0260 3412 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
20:02:46.0263 3412 EapHost - ok
20:02:46.0466 3412 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
20:02:46.0554 3412 ebdrv - ok
20:02:46.0680 3412 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
20:02:46.0682 3412 EFS - ok
20:02:46.0765 3412 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
20:02:46.0776 3412 ehRecvr - ok
20:02:46.0814 3412 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
20:02:46.0817 3412 ehSched - ok
20:02:46.0907 3412 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
20:02:46.0916 3412 elxstor - ok
20:02:46.0944 3412 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
20:02:46.0945 3412 ErrDev - ok
20:02:47.0012 3412 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
20:02:47.0020 3412 EventSystem - ok
20:02:47.0174 3412 EvtEng (bdfcb7e8c108d042b213957d2b044e7e) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:02:47.0198 3412 EvtEng - ok
20:02:47.0325 3412 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
20:02:47.0329 3412 exfat - ok
20:02:47.0361 3412 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
20:02:47.0364 3412 fastfat - ok
20:02:47.0433 3412 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
20:02:47.0445 3412 Fax - ok
20:02:47.0491 3412 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
20:02:47.0493 3412 fdc - ok
20:02:47.0527 3412 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
20:02:47.0529 3412 fdPHost - ok
20:02:47.0542 3412 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
20:02:47.0544 3412 FDResPub - ok
20:02:47.0569 3412 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
20:02:47.0570 3412 FileInfo - ok
20:02:47.0602 3412 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
20:02:47.0603 3412 Filetrace - ok
20:02:47.0630 3412 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
20:02:47.0631 3412 flpydisk - ok
20:02:47.0667 3412 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
20:02:47.0671 3412 FltMgr - ok
20:02:47.0762 3412 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
20:02:47.0781 3412 FontCache - ok
20:02:47.0845 3412 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:02:47.0847 3412 FontCache3.0.0.0 - ok
20:02:47.0889 3412 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
20:02:47.0890 3412 FsDepends - ok
20:02:47.0931 3412 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
20:02:47.0932 3412 Fs_Rec - ok
20:02:47.0985 3412 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
20:02:47.0988 3412 fvevol - ok
20:02:48.0024 3412 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
20:02:48.0026 3412 gagp30kx - ok
20:02:48.0065 3412 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:02:48.0065 3412 GEARAspiWDM - ok
20:02:48.0128 3412 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
20:02:48.0141 3412 gpsvc - ok
20:02:48.0189 3412 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
20:02:48.0191 3412 hcw85cir - ok
20:02:48.0256 3412 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
20:02:48.0262 3412 HdAudAddService - ok
20:02:48.0312 3412 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
20:02:48.0314 3412 HDAudBus - ok
20:02:48.0353 3412 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys
20:02:48.0354 3412 HECIx64 - ok
20:02:48.0374 3412 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
20:02:48.0375 3412 HidBatt - ok
20:02:48.0392 3412 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
20:02:48.0394 3412 HidBth - ok
20:02:48.0433 3412 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
20:02:48.0435 3412 HidIr - ok
20:02:48.0472 3412 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\System32\hidserv.dll
20:02:48.0474 3412 hidserv - ok
20:02:48.0517 3412 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
20:02:48.0518 3412 HidUsb - ok
20:02:48.0546 3412 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
20:02:48.0549 3412 hkmsvc - ok
20:02:48.0591 3412 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
20:02:48.0597 3412 HomeGroupListener - ok
20:02:48.0628 3412 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
20:02:48.0633 3412 HomeGroupProvider - ok
20:02:48.0752 3412 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:02:48.0756 3412 hpqcxs08 - ok
20:02:48.0794 3412 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:02:48.0807 3412 hpqddsvc - ok
20:02:48.0845 3412 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
20:02:48.0847 3412 HpSAMD - ok
20:02:48.0922 3412 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
20:02:48.0938 3412 HPSLPSVC - ok
20:02:49.0024 3412 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
20:02:49.0037 3412 HTTP - ok
20:02:49.0053 3412 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
20:02:49.0053 3412 hwpolicy - ok
20:02:49.0093 3412 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
20:02:49.0095 3412 i8042prt - ok
20:02:49.0158 3412 iaStor (85977cd13fc16069ce0af7943a811775) C:\windows\system32\DRIVERS\iaStor.sys
20:02:49.0162 3412 iaStor - ok
20:02:49.0220 3412 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
20:02:49.0227 3412 iaStorV - ok
20:02:49.0326 3412 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:02:49.0340 3412 idsvc - ok
20:02:49.0943 3412 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\windows\system32\DRIVERS\igdkmd64.sys
20:02:50.0176 3412 igfx - ok
20:02:50.0298 3412 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
20:02:50.0300 3412 iirsp - ok
20:02:50.0373 3412 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
20:02:50.0387 3412 IKEEXT - ok
20:02:50.0431 3412 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys
20:02:50.0434 3412 Impcd - ok
20:02:50.0601 3412 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\windows\system32\drivers\RTKVHD64.sys
20:02:50.0624 3412 IntcAzAudAddService - ok
20:02:50.0777 3412 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\windows\system32\DRIVERS\IntcDAud.sys
20:02:50.0783 3412 IntcDAud - ok
20:02:50.0832 3412 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
20:02:50.0834 3412 intelide - ok
20:02:50.0870 3412 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
20:02:50.0871 3412 intelppm - ok
20:02:50.0910 3412 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
20:02:50.0913 3412 IPBusEnum - ok
20:02:50.0950 3412 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
20:02:50.0952 3412 IpFilterDriver - ok
20:02:51.0007 3412 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
20:02:51.0015 3412 iphlpsvc - ok
20:02:51.0047 3412 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
20:02:51.0049 3412 IPMIDRV - ok
20:02:51.0081 3412 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
20:02:51.0083 3412 IPNAT - ok
20:02:51.0177 3412 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
20:02:51.0189 3412 iPod Service - ok
20:02:51.0223 3412 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
20:02:51.0224 3412 IRENUM - ok
20:02:51.0254 3412 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
20:02:51.0255 3412 isapnp - ok
20:02:51.0290 3412 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
20:02:51.0295 3412 iScsiPrt - ok
20:02:51.0347 3412 JMCR (19496fe93696c929392f1595ed1f8bb3) C:\windows\system32\DRIVERS\jmcr.sys
20:02:51.0348 3412 JMCR - ok
20:02:51.0393 3412 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
20:02:51.0394 3412 kbdclass - ok
20:02:51.0428 3412 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
20:02:51.0429 3412 kbdhid - ok
20:02:51.0469 3412 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:02:51.0471 3412 KeyIso - ok
20:02:51.0493 3412 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
20:02:51.0495 3412 KSecDD - ok
20:02:51.0519 3412 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
20:02:51.0521 3412 KSecPkg - ok
20:02:51.0551 3412 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
20:02:51.0552 3412 ksthunk - ok
20:02:51.0611 3412 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
20:02:51.0619 3412 KtmRm - ok
20:02:51.0673 3412 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\System32\srvsvc.dll
20:02:51.0678 3412 LanmanServer - ok
20:02:51.0707 3412 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
20:02:51.0711 3412 LanmanWorkstation - ok
20:02:51.0753 3412 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
20:02:51.0755 3412 lltdio - ok
20:02:51.0799 3412 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
20:02:51.0805 3412 lltdsvc - ok
20:02:51.0828 3412 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
20:02:51.0830 3412 lmhosts - ok
20:02:51.0930 3412 LMS (23de5b62b0445a6f874be633c95b483e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:02:51.0933 3412 LMS - ok
20:02:51.0975 3412 LPCFilter (41e122f6d1448c94cc05196bc41d6bfb) C:\windows\system32\DRIVERS\LPCFilter.sys
20:02:51.0976 3412 LPCFilter - ok
20:02:52.0019 3412 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
20:02:52.0021 3412 LSI_FC - ok
20:02:52.0038 3412 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
20:02:52.0040 3412 LSI_SAS - ok
20:02:52.0077 3412 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
20:02:52.0079 3412 LSI_SAS2 - ok
20:02:52.0101 3412 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
20:02:52.0103 3412 LSI_SCSI - ok
20:02:52.0122 3412 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
20:02:52.0125 3412 luafv - ok
20:02:52.0160 3412 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
20:02:52.0162 3412 Mcx2Svc - ok
20:02:52.0195 3412 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
20:02:52.0197 3412 megasas - ok
20:02:52.0222 3412 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
20:02:52.0226 3412 MegaSR - ok
20:02:52.0253 3412 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:02:52.0255 3412 MMCSS - ok
20:02:52.0282 3412 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
20:02:52.0283 3412 Modem - ok
20:02:52.0312 3412 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
20:02:52.0313 3412 monitor - ok
20:02:52.0345 3412 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
20:02:52.0347 3412 mouclass - ok
20:02:52.0389 3412 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
20:02:52.0391 3412 mouhid - ok
20:02:52.0435 3412 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
20:02:52.0436 3412 mountmgr - ok
20:02:52.0552 3412 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:02:52.0555 3412 MozillaMaintenance - ok
20:02:52.0586 3412 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
20:02:52.0590 3412 mpio - ok
20:02:52.0627 3412 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
20:02:52.0629 3412 mpsdrv - ok
20:02:52.0697 3412 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
20:02:52.0713 3412 MpsSvc - ok
20:02:52.0732 3412 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
20:02:52.0735 3412 MRxDAV - ok
20:02:52.0772 3412 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
20:02:52.0774 3412 mrxsmb - ok
20:02:52.0811 3412 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
20:02:52.0815 3412 mrxsmb10 - ok
20:02:52.0826 3412 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
20:02:52.0828 3412 mrxsmb20 - ok
20:02:52.0850 3412 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
20:02:52.0851 3412 msahci - ok
20:02:52.0891 3412 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
20:02:52.0894 3412 msdsm - ok
20:02:52.0929 3412 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
20:02:52.0933 3412 MSDTC - ok
20:02:52.0975 3412 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
20:02:52.0977 3412 Msfs - ok
20:02:52.0986 3412 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
20:02:52.0987 3412 mshidkmdf - ok
20:02:52.0997 3412 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
20:02:52.0998 3412 msisadrv - ok
20:02:53.0041 3412 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
20:02:53.0044 3412 MSiSCSI - ok
20:02:53.0048 3412 msiserver - ok
20:02:53.0072 3412 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
20:02:53.0074 3412 MSKSSRV - ok
20:02:53.0083 3412 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
20:02:53.0084 3412 MSPCLOCK - ok
20:02:53.0092 3412 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
20:02:53.0094 3412 MSPQM - ok
20:02:53.0142 3412 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
20:02:53.0147 3412 MsRPC - ok
20:02:53.0175 3412 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
20:02:53.0176 3412 mssmbios - ok
20:02:53.0202 3412 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
20:02:53.0203 3412 MSTEE - ok
20:02:53.0214 3412 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
20:02:53.0216 3412 MTConfig - ok
20:02:53.0238 3412 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
20:02:53.0239 3412 Mup - ok
20:02:53.0340 3412 MyWiFiDHCPDNS (93cd1c4ecb8658a35e5e6eba02d43e4f) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:02:53.0347 3412 MyWiFiDHCPDNS - ok
20:02:53.0407 3412 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
20:02:53.0417 3412 napagent - ok
20:02:53.0483 3412 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
20:02:53.0489 3412 NativeWifiP - ok
20:02:53.0577 3412 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
20:02:53.0592 3412 NDIS - ok
20:02:53.0636 3412 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
20:02:53.0637 3412 NdisCap - ok
20:02:53.0652 3412 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
20:02:53.0653 3412 NdisTapi - ok
20:02:53.0692 3412 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
20:02:53.0694 3412 Ndisuio - ok
20:02:53.0719 3412 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
20:02:53.0721 3412 NdisWan - ok
20:02:53.0764 3412 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
20:02:53.0765 3412 NDProxy - ok
20:02:53.0817 3412 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
20:02:53.0819 3412 Net Driver HPZ12 - ok
20:02:53.0860 3412 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
20:02:53.0861 3412 NetBIOS - ok
20:02:53.0898 3412 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
20:02:53.0902 3412 NetBT - ok
20:02:53.0947 3412 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:02:53.0949 3412 Netlogon - ok
20:02:53.0992 3412 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
20:02:53.0999 3412 Netman - ok
20:02:54.0026 3412 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
20:02:54.0034 3412 netprofm - ok
20:02:54.0086 3412 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:02:54.0090 3412 NetTcpPortSharing - ok
20:02:54.0576 3412 NETwNs64 (eb43840babf5589e33186d094de7381d) C:\windows\system32\DRIVERS\NETwNs64.sys
20:02:54.0721 3412 NETwNs64 - ok
20:02:54.0851 3412 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
20:02:54.0853 3412 nfrd960 - ok
20:02:54.0911 3412 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
20:02:54.0917 3412 NlaSvc - ok
20:02:54.0951 3412 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
20:02:54.0953 3412 Npfs - ok
20:02:54.0979 3412 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
20:02:54.0981 3412 nsi - ok
20:02:54.0992 3412 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
20:02:54.0993 3412 nsiproxy - ok
20:02:55.0115 3412 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
20:02:55.0138 3412 Ntfs - ok
20:02:55.0245 3412 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
20:02:55.0247 3412 Null - ok
20:02:55.0288 3412 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
20:02:55.0291 3412 nvraid - ok
20:02:55.0326 3412 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
20:02:55.0329 3412 nvstor - ok
20:02:55.0363 3412 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
20:02:55.0366 3412 nv_agp - ok
20:02:55.0394 3412 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
20:02:55.0396 3412 ohci1394 - ok
20:02:55.0443 3412 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:02:55.0449 3412 p2pimsvc - ok
20:02:55.0487 3412 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
20:02:55.0496 3412 p2psvc - ok
20:02:55.0524 3412 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
20:02:55.0526 3412 Parport - ok
20:02:55.0566 3412 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
20:02:55.0568 3412 partmgr - ok
20:02:55.0649 3412 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
20:02:55.0669 3412 PcaSvc - ok
20:02:55.0710 3412 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
20:02:55.0713 3412 pci - ok
20:02:55.0734 3412 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
20:02:55.0735 3412 pciide - ok
20:02:55.0779 3412 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
20:02:55.0783 3412 pcmcia - ok
20:02:55.0799 3412 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
20:02:55.0800 3412 pcw - ok
20:02:55.0847 3412 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
20:02:55.0858 3412 PEAUTH - ok
20:02:55.0932 3412 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
20:02:55.0935 3412 PerfHost - ok
20:02:55.0981 3412 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
20:02:55.0983 3412 PGEffect - ok
20:02:56.0083 3412 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
20:02:56.0107 3412 pla - ok
20:02:56.0166 3412 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
20:02:56.0173 3412 PlugPlay - ok
20:02:56.0225 3412 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
20:02:56.0228 3412 Pml Driver HPZ12 - ok
20:02:56.0252 3412 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
20:02:56.0254 3412 PNRPAutoReg - ok
20:02:56.0288 3412 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:02:56.0292 3412 PNRPsvc - ok
20:02:56.0338 3412 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
20:02:56.0347 3412 PolicyAgent - ok
20:02:56.0379 3412 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
20:02:56.0383 3412 Power - ok
20:02:56.0441 3412 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
20:02:56.0444 3412 PptpMiniport - ok
20:02:56.0468 3412 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
20:02:56.0471 3412 Processor - ok
20:02:56.0509 3412 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
20:02:56.0514 3412 ProfSvc - ok
20:02:56.0547 3412 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:02:56.0549 3412 ProtectedStorage - ok
20:02:56.0598 3412 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
20:02:56.0601 3412 Psched - ok
20:02:56.0639 3412 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\windows\system32\Drivers\PxHlpa64.sys
20:02:56.0640 3412 PxHlpa64 - ok
20:02:56.0750 3412 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
20:02:56.0775 3412 ql2300 - ok
20:02:56.0900 3412 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
20:02:56.0903 3412 ql40xx - ok
20:02:56.0949 3412 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
20:02:56.0955 3412 QWAVE - ok
20:02:56.0969 3412 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
20:02:56.0970 3412 QWAVEdrv - ok
20:02:57.0000 3412 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
20:02:57.0002 3412 RasAcd - ok
20:02:57.0038 3412 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
20:02:57.0040 3412 RasAgileVpn - ok
20:02:57.0077 3412 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
20:02:57.0080 3412 RasAuto - ok
20:02:57.0117 3412 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
20:02:57.0119 3412 Rasl2tp - ok
20:02:57.0150 3412 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
20:02:57.0156 3412 RasMan - ok
20:02:57.0181 3412 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
20:02:57.0183 3412 RasPppoe - ok
20:02:57.0196 3412 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
20:02:57.0198 3412 RasSstp - ok
20:02:57.0231 3412 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
20:02:57.0235 3412 rdbss - ok
20:02:57.0267 3412 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
20:02:57.0268 3412 rdpbus - ok
20:02:57.0300 3412 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
20:02:57.0301 3412 RDPCDD - ok
20:02:57.0315 3412 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
20:02:57.0316 3412 RDPENCDD - ok
20:02:57.0330 3412 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
20:02:57.0331 3412 RDPREFMP - ok
20:02:57.0374 3412 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
20:02:57.0378 3412 RDPWD - ok
20:02:57.0429 3412 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
20:02:57.0432 3412 rdyboost - ok
20:02:57.0553 3412 RegSrvc (a6baea839cc888d4961ab5fe16bb8c4a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:02:57.0562 3412 RegSrvc - ok
20:02:57.0600 3412 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
20:02:57.0602 3412 RemoteAccess - ok
20:02:57.0624 3412 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
20:02:57.0627 3412 RemoteRegistry - ok
20:02:57.0647 3412 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
20:02:57.0649 3412 RpcEptMapper - ok
20:02:57.0675 3412 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
20:02:57.0677 3412 RpcLocator - ok
20:02:57.0732 3412 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
20:02:57.0738 3412 RpcSs - ok
20:02:57.0797 3412 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
20:02:57.0799 3412 rspndr - ok
20:02:57.0859 3412 RTL8167 (ba3e57c89e6f63808d3f2b11e1a2ad3c) C:\windows\system32\DRIVERS\Rt64win7.sys
20:02:57.0862 3412 RTL8167 - ok
20:02:57.0892 3412 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:02:57.0893 3412 SamSs - ok
20:02:58.0146 3412 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
20:02:58.0219 3412 SBAMSvc - ok
20:02:58.0355 3412 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\windows\system32\DRIVERS\sbapifs.sys
20:02:58.0357 3412 sbapifs - ok
20:02:58.0415 3412 SbFw (19954328dda3d656f8a879b3a46ffed6) C:\windows\system32\drivers\SbFw.sys
20:02:58.0418 3412 SbFw - ok
20:02:58.0461 3412 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\windows\system32\DRIVERS\sbfwim.sys
20:02:58.0462 3412 SBFWIMCL - ok
20:02:58.0496 3412 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\windows\system32\DRIVERS\SBFWIM.sys
20:02:58.0497 3412 SBFWIMCLMP - ok
20:02:58.0538 3412 sbhips (b671eef468d13016b9286f5835a06ae1) C:\windows\system32\drivers\sbhips.sys
20:02:58.0539 3412 sbhips - ok
20:02:58.0566 3412 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
20:02:58.0568 3412 sbp2port - ok
20:02:58.0611 3412 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\windows\system32\drivers\SBREdrv.sys
20:02:58.0613 3412 SBRE - ok
20:02:58.0666 3412 sbwtis (eab54adcceca64b2f38cd859fb494895) C:\windows\system32\DRIVERS\sbwtis.sys
20:02:58.0667 3412 sbwtis - ok
20:02:58.0699 3412 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
20:02:58.0705 3412 SCardSvr - ok
20:02:58.0752 3412 SCDEmu (07237c66e05da6778e9f3cb67fa00736) C:\windows\system32\drivers\SCDEmu.sys
20:02:58.0753 3412 SCDEmu - ok
20:02:58.0779 3412 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
20:02:58.0781 3412 scfilter - ok
20:02:58.0868 3412 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
20:02:58.0889 3412 Schedule - ok
20:02:58.0915 3412 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
20:02:58.0916 3412 SCPolicySvc - ok
20:02:58.0959 3412 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
20:02:58.0961 3412 sdbus - ok
20:02:58.0992 3412 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
20:02:58.0996 3412 SDRSVC - ok
20:02:59.0035 3412 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
20:02:59.0037 3412 secdrv - ok
20:02:59.0046 3412 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
20:02:59.0049 3412 seclogon - ok
20:02:59.0075 3412 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
20:02:59.0078 3412 SENS - ok
20:02:59.0094 3412 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
20:02:59.0097 3412 SensrSvc - ok
20:02:59.0133 3412 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
20:02:59.0134 3412 Serenum - ok
20:02:59.0162 3412 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
20:02:59.0164 3412 Serial - ok
20:02:59.0205 3412 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
20:02:59.0206 3412 sermouse - ok
20:02:59.0254 3412 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
20:02:59.0257 3412 SessionEnv - ok
20:02:59.0275 3412 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
20:02:59.0277 3412 sffdisk - ok
20:02:59.0302 3412 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
20:02:59.0304 3412 sffp_mmc - ok
20:02:59.0317 3412 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
20:02:59.0318 3412 sffp_sd - ok
20:02:59.0341 3412 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
20:02:59.0343 3412 sfloppy - ok
20:02:59.0400 3412 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
20:02:59.0409 3412 SharedAccess - ok
20:02:59.0454 3412 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
20:02:59.0462 3412 ShellHWDetection - ok
20:02:59.0498 3412 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
20:02:59.0500 3412 SiSRaid2 - ok
20:02:59.0514 3412 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
20:02:59.0516 3412 SiSRaid4 - ok
20:02:59.0547 3412 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
20:02:59.0549 3412 Smb - ok
20:02:59.0582 3412 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
20:02:59.0584 3412 SNMPTRAP - ok
20:02:59.0603 3412 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
20:02:59.0603 3412 spldr - ok
20:02:59.0667 3412 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
20:02:59.0678 3412 Spooler - ok
20:02:59.0889 3412 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
20:02:59.0966 3412 sppsvc - ok
20:03:00.0078 3412 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
20:03:00.0082 3412 sppuinotify - ok
20:03:00.0155 3412 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
20:03:00.0162 3412 srv - ok
20:03:00.0204 3412 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
20:03:00.0211 3412 srv2 - ok
20:03:00.0234 3412 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
20:03:00.0236 3412 srvnet - ok
20:03:00.0276 3412 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
20:03:00.0281 3412 SSDPSRV - ok
20:03:00.0334 3412 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
20:03:00.0337 3412 SstpSvc - ok
20:03:00.0374 3412 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
20:03:00.0376 3412 stexstor - ok
20:03:00.0450 3412 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
20:03:00.0461 3412 stisvc - ok
20:03:00.0488 3412 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
20:03:00.0489 3412 swenum - ok
20:03:00.0629 3412 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:03:00.0638 3412 SwitchBoard - ok
20:03:00.0691 3412 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
20:03:00.0701 3412 swprv - ok
20:03:00.0756 3412 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
20:03:00.0759 3412 SynTP - ok
20:03:00.0881 3412 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
20:03:00.0910 3412 SysMain - ok
20:03:01.0021 3412 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
20:03:01.0026 3412 TabletInputService - ok
20:03:01.0066 3412 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
20:03:01.0074 3412 TapiSrv - ok
20:03:01.0099 3412 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
20:03:01.0101 3412 TBS - ok
20:03:01.0263 3412 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
20:03:01.0287 3412 Tcpip - ok
20:03:01.0513 3412 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
20:03:01.0523 3412 TCPIP6 - ok
20:03:01.0656 3412 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
20:03:01.0657 3412 tcpipreg - ok
20:03:01.0706 3412 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
20:03:01.0707 3412 tdcmdpst - ok
20:03:01.0739 3412 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
20:03:01.0740 3412 TDPIPE - ok
20:03:01.0774 3412 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
20:03:01.0775 3412 TDTCP - ok
20:03:01.0813 3412 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
20:03:01.0815 3412 tdx - ok
20:03:01.0850 3412 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
20:03:01.0851 3412 TermDD - ok
20:03:01.0910 3412 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
20:03:01.0922 3412 TermService - ok
20:03:01.0953 3412 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
20:03:01.0956 3412 Themes - ok
20:03:01.0981 3412 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
20:03:01.0982 3412 Thpdrv - ok
20:03:02.0018 3412 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
20:03:02.0019 3412 Thpevm - ok
20:03:02.0077 3412 Thpsrv (f6927bba3b09aff26a53a9191f7378f9) C:\windows\system32\ThpSrv.exe
20:03:02.0085 3412 Thpsrv - ok
20:03:02.0108 3412 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:03:02.0110 3412 THREADORDER - ok
20:03:02.0188 3412 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
20:03:02.0191 3412 TMachInfo - ok
20:03:02.0237 3412 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
20:03:02.0241 3412 TODDSrv - ok
20:03:02.0329 3412 TosCoSrv (db9719688c08f42705feb3f6a0c98b91) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:03:02.0337 3412 TosCoSrv - ok
20:03:02.0415 3412 TOSHIBA eco Utility Service (152da63a2843e7e63eca8ae90d853763) C:\Program Files\TOSHIBA\TECO\TecoService.exe
20:03:02.0419 3412 TOSHIBA eco Utility Service - ok
20:03:02.0479 3412 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:03:02.0483 3412 TOSHIBA HDD SSD Alert Service - ok
20:03:02.0556 3412 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
20:03:02.0563 3412 tos_sps64 - ok
20:03:02.0643 3412 TPCHSrv (6f9e17819bfa53cff67cb1e16669500f) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
20:03:02.0658 3412 TPCHSrv - ok
20:03:02.0766 3412 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
20:03:02.0771 3412 TrkWks - ok
20:03:02.0823 3412 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
20:03:02.0827 3412 TrustedInstaller - ok
20:03:02.0876 3412 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
20:03:02.0878 3412 tssecsrv - ok
20:03:02.0909 3412 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
20:03:02.0911 3412 TsUsbFlt - ok
20:03:02.0962 3412 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
20:03:02.0964 3412 tunnel - ok
20:03:02.0994 3412 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
20:03:02.0995 3412 TVALZ - ok
20:03:03.0036 3412 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
20:03:03.0037 3412 TVALZFL - ok
20:03:03.0076 3412 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
20:03:03.0078 3412 uagp35 - ok
20:03:03.0121 3412 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
20:03:03.0126 3412 udfs - ok
20:03:03.0168 3412 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
20:03:03.0171 3412 UI0Detect - ok
20:03:03.0204 3412 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
20:03:03.0206 3412 uliagpkx - ok
20:03:03.0242 3412 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
20:03:03.0244 3412 umbus - ok
20:03:03.0271 3412 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
20:03:03.0273 3412 UmPass - ok
20:03:03.0492 3412 UNS (cc3775100aba633984f73dfae1f55cae) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:03:03.0519 3412 UNS - ok
20:03:03.0675 3412 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
20:03:03.0684 3412 upnphost - ok
20:03:03.0746 3412 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
20:03:03.0748 3412 USBAAPL64 - ok
20:03:03.0783 3412 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
20:03:03.0785 3412 usbccgp - ok
20:03:03.0819 3412 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
20:03:03.0821 3412 usbcir - ok
20:03:03.0847 3412 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
20:03:03.0848 3412 usbehci - ok
20:03:03.0892 3412 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
20:03:03.0898 3412 usbhub - ok
20:03:03.0917 3412 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
20:03:03.0919 3412 usbohci - ok
20:03:03.0960 3412 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
20:03:03.0961 3412 usbprint - ok
20:03:04.0007 3412 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
20:03:04.0009 3412 usbscan - ok
20:03:04.0040 3412 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
20:03:04.0042 3412 USBSTOR - ok
20:03:04.0062 3412 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
20:03:04.0066 3412 usbuhci - ok
20:03:04.0107 3412 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
20:03:04.0110 3412 usbvideo - ok
20:03:04.0132 3412 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
20:03:04.0135 3412 UxSms - ok
20:03:04.0169 3412 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:03:04.0171 3412 VaultSvc - ok
20:03:04.0209 3412 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
20:03:04.0210 3412 vdrvroot - ok
20:03:04.0260 3412 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
20:03:04.0269 3412 vds - ok
20:03:04.0300 3412 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
20:03:04.0301 3412 vga - ok
20:03:04.0325 3412 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
20:03:04.0326 3412 VgaSave - ok
20:03:04.0365 3412 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
20:03:04.0369 3412 vhdmp - ok
20:03:04.0395 3412 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
20:03:04.0397 3412 viaide - ok
20:03:04.0423 3412 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
20:03:04.0425 3412 volmgr - ok
20:03:04.0467 3412 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
20:03:04.0472 3412 volmgrx - ok
20:03:04.0516 3412 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
20:03:04.0520 3412 volsnap - ok
20:03:04.0572 3412 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
20:03:04.0575 3412 vsmraid - ok
20:03:04.0695 3412 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
20:03:04.0723 3412 VSS - ok
20:03:04.0831 3412 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
20:03:04.0833 3412 vwifibus - ok
20:03:04.0849 3412 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
20:03:04.0851 3412 vwififlt - ok
20:03:04.0882 3412 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
20:03:04.0884 3412 vwifimp - ok
20:03:04.0935 3412 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
20:03:04.0943 3412 W32Time - ok
20:03:04.0970 3412 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
20:03:04.0971 3412 WacomPen - ok
20:03:05.0009 3412 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:03:05.0011 3412 WANARP - ok
20:03:05.0016 3412 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:03:05.0017 3412 Wanarpv6 - ok
20:03:05.0128 3412 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
20:03:05.0146 3412 WatAdminSvc - ok
20:03:05.0250 3412 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
20:03:05.0272 3412 wbengine - ok
20:03:05.0382 3412 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
20:03:05.0389 3412 WbioSrvc - ok
20:03:05.0437 3412 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
20:03:05.0446 3412 wcncsvc - ok
20:03:05.0466 3412 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
20:03:05.0471 3412 WcsPlugInService - ok
20:03:05.0524 3412 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
20:03:05.0526 3412 Wd - ok
20:03:05.0581 3412 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
20:03:05.0591 3412 Wdf01000 - ok
20:03:05.0617 3412 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
20:03:05.0622 3412 WdiServiceHost - ok
20:03:05.0627 3412 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
20:03:05.0631 3412 WdiSystemHost - ok
20:03:05.0662 3412 wdkmd (fe31110e39a0b11abae1ba43a2dc94f9) C:\windows\system32\DRIVERS\WDKMD.sys
20:03:05.0662 3412 wdkmd - ok
20:03:05.0698 3412 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
20:03:05.0703 3412 WebClient - ok
20:03:05.0755 3412 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
20:03:05.0760 3412 Wecsvc - ok
20:03:05.0772 3412 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
20:03:05.0774 3412 wercplsupport - ok
20:03:05.0816 3412 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
20:03:05.0819 3412 WerSvc - ok
20:03:05.0843 3412 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
20:03:05.0844 3412 WfpLwf - ok
20:03:05.0974 3412 WiMAXAppSrv (f3c522691316a24328a7b58b0a86028d) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
20:03:05.0989 3412 WiMAXAppSrv - ok
20:03:06.0013 3412 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
20:03:06.0015 3412 WIMMount - ok
20:03:06.0041 3412 WinDefend - ok
20:03:06.0050 3412 WinHttpAutoProxySvc - ok
20:03:06.0118 3412 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
20:03:06.0122 3412 Winmgmt - ok
20:03:06.0262 3412 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
20:03:06.0290 3412 WinRM - ok
20:03:06.0428 3412 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
20:03:06.0430 3412 WinUsb - ok
20:03:06.0500 3412 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
20:03:06.0515 3412 Wlansvc - ok
20:03:06.0586 3412 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:03:06.0588 3412 wlcrasvc - ok
20:03:06.0756 3412 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:03:06.0782 3412 wlidsvc - ok
20:03:06.0901 3412 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
20:03:06.0902 3412 WmiAcpi - ok
20:03:06.0972 3412 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
20:03:06.0976 3412 wmiApSrv - ok
20:03:07.0035 3412 WMPNetworkSvc - ok
20:03:07.0067 3412 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
20:03:07.0070 3412 WPCSvc - ok
20:03:07.0098 3412 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
20:03:07.0102 3412 WPDBusEnum - ok
20:03:07.0193 3412 WRkrn (517d7ec4178a49162e6576b143608bd0) C:\windows\system32\drivers\WRkrn.sys
20:03:07.0196 3412 WRkrn - ok
20:03:07.0347 3412 WRSVC (87e02e094ea37680c9dbc394db0de1d7) C:\Program Files\Webroot\WRSA.exe
20:03:07.0354 3412 WRSVC - ok
20:03:07.0380 3412 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
20:03:07.0382 3412 ws2ifsl - ok
20:03:07.0414 3412 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\system32\wscsvc.dll
20:03:07.0417 3412 wscsvc - ok
20:03:07.0421 3412 WSearch - ok
20:03:07.0570 3412 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
20:03:07.0595 3412 wuauserv - ok
20:03:07.0723 3412 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
20:03:07.0725 3412 WudfPf - ok
20:03:07.0753 3412 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
20:03:07.0757 3412 WUDFRd - ok
20:03:07.0781 3412 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
20:03:07.0784 3412 wudfsvc - ok
20:03:07.0813 3412 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
20:03:07.0817 3412 WwanSvc - ok
20:03:07.0913 3412 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
20:03:07.0919 3412 YahooAUService - ok
20:03:07.0966 3412 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
20:03:09.0030 3412 \Device\Harddisk0\DR0 - ok
20:03:09.0059 3412 Boot (0x1200) (7435fd853944c7870b9c51121f2d5bbd) \Device\Harddisk0\DR0\Partition0
20:03:09.0061 3412 \Device\Harddisk0\DR0\Partition0 - ok
20:03:09.0062 3412 ============================================================
20:03:09.0062 3412 Scan finished
20:03:09.0062 3412 ============================================================
20:03:09.0080 5796 Detected object count: 0
20:03:09.0080 5796 Actual detected object count: 0

#6 lordofarda

lordofarda
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 17 June 2012 - 10:11 PM

Oh, after I posted those logs I'm not seeing it redirect anymore. It may be licked unless you see anything in the logs. If not, Thanks a bunch!!

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:12 AM

Posted 17 June 2012 - 10:22 PM

OK, this looks like it.

Deleting "C:\Users\Owner\Application Data\Mozilla\Firefox\Profiles\aqkznvej.default\extensions\{58bdfbc9-67ac-454e-809f-aca65681f756}" -> Success!
Deleting "C:\Users\Owner\Application Data\Mozilla\Firefox\Profiles\aqkznvej.default\extensions\{7a418d63-9d07-437a-a8d3-8aadb1118d5e}" -> Success


If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Posted Image > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Posted Image > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users