Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help with Maleware removal.


  • This topic is locked This topic is locked
13 replies to this topic

#1 Nikodemos

Nikodemos

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 21 August 2012 - 05:33 AM

I'm having a problem with my laptop. Specifically anytime I do an internet search for microsoft.com or any related page I recieve a 404. This is also the case anytime I search for any reputable virus protection. Whatever has infested me, has entirely disabled my Windows Security Essentials and will not allow the install of AVG. In addition to browser related issues, I am experiencing what appear to be radio brodcasts or advertisements via audio, though no browser page or anything of the like is open. I've run kaspersky Tdsskiller and it discovered a Pilar rootkit but aside from the steps taken by the program I am not sure how to follow up on this. I do not believe it to be the extent of the problem anyhow. Finally, I attempted to check my Hosts file to see if it had been altered to block the above listed websites but when I opened notepad as an administrator it merely comes up blank. Might be more going on in the background aside from what I've mentioned but I'm no expert. Thus, my log file is displayed below. Thanks for making this service available, I'll be following this thread so feel free to request any additional information.





Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:12:47 AM, on 8/21/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.conquestofthehorde.com/private.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://http://www.yahoo.com/?ilc=8.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://http://www.yahoo.com/?ilc=8.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Bill says MONEY
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Yfqysuaqg] C:\Users\Dylan\AppData\Roaming\Temiu\muivu.exe
O4 - HKUS\S-1-5-18\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO (User 'Default user')
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{52921110-BBC3-440D-A20A-B6FB75589B0C}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{52921110-BBC3-440D-A20A-B6FB75589B0C}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{52921110-BBC3-440D-A20A-B6FB75589B0C}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: PTUML290 Connection Manager Service (ptumlcmsvc) - DEVGURU Co., LTD - C:\windows\system32\ptumlcmsvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 22 August 2012 - 10:38 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following

  • .logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 25 August 2012 - 05:43 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 Nikodemos

Nikodemos
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 27 August 2012 - 07:28 AM

Sorry I work like a dog and just got home. I'll inact your advice now and reply as soon as I am finished. Thank you for being patient with me.

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 27 August 2012 - 07:58 AM

OK no problem and I will check on you later


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 Nikodemos

Nikodemos
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 27 August 2012 - 09:42 AM

Okay I have completed the above mentioned steps and have included the reports from security check and dds below. I was instructed in the dds prompt to attack the attach.txt as well, so I've done that as well.


Security Check log:

Results of screen317's Security Check version 0.99.46
Windows 7 x86 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
(On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
AVG PC Tuneup 2011 10.0.0.24
CCleaner
Java™ 6 Update 26
Java version out of Date!
Adobe Flash Player 11.3.300.271
Adobe Reader X 10.1.3 Adobe Reader out of Date!
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


DDS log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Stunna at 10:33:14 on 2012-08-27
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1984 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\ptumlcmsvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.conquestofthehorde.com/private.php
uWindow Title = Bill says MONEY
uSearch Bar =
mDefault_Page_URL = hxxp://http://www.yahoo.com/?ilc=8.yahoo.com
mStart Page = hxxp://http://www.yahoo.com/?ilc=8.yahoo.com
uInternet Settings,ProxyOverride = <local>
mSearchAssistant =
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Yfqysuaqg] c:\users\dylan\appdata\roaming\temiu\muivu.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [MyTOSHIBA] "c:\program files\toshiba\my toshiba\MyToshiba.exe" /AUTO
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mif5ba~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.123.254
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C} : DhcpNameServer = 192.168.123.254
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C}\038364850323034333635393 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C}\038364850323034333635393 : DhcpNameServer = 192.168.200.1 192.168.200.1
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C}\130364850333037333238353 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C}\130364850333037333238353 : DhcpNameServer = 192.168.200.1
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 74.128.17.114 74.128.19.102
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C}\35567616361647723702D456F677 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C}\A4F43584D20534F5E4564777F627B6 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{52921110-BBC3-440D-A20A-B6FB75589B0C}\A4F43584D20534F5E4564777F627B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{FD3EE8F2-F62D-404D-ABC9-BE132BC0B557} : DhcpNameServer = 66.174.71.33 66.174.95.44
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
LSA: Authentication Packages = msv1_0 wvvvsq.dll
mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP
.
============= SERVICES / DRIVERS ===============
.
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1008000.029\SymEFA.sys [2010-2-3 310320]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1008000.029\cchpx86.sys [2010-2-3 482432]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100119.001\IDSvix86.sys [2010-1-19 343088]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-4-4 63928]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-5-18 176128]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2011-11-9 291840]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2011-6-24 39424]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 ptumlcmsvc;PTUML290 Connection Manager Service;c:\windows\system32\ptumlcmsvc.exe [2011-5-18 106496]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-11 185712]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2011-12-13 37944]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2009-12-7 7680]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1008000.029\BHDrvx86.sys [2010-2-3 259632]
S1 SysTool;SysTool Overclocking Utility;c:\windows\system32\drivers\SysTool.sys [2006-11-10 24064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-17 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-22 250056]
S3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2009-12-7 4994560]
S3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-5-18 231936]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 26112]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-17 136176]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 npggsvc;nProtect GameGuard Service; [x]
S3 PTUMLBUS;PTUML USB Composite Device Driver;c:\windows\system32\drivers\PTUMLBUS.sys [2011-7-25 59792]
S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;c:\windows\system32\drivers\PTUMLCVsp.sys [2011-7-25 168208]
S3 PTUMLMdm;PANTECH UML290;c:\windows\system32\drivers\PTUMLMdm.sys [2011-7-25 168208]
S3 PTUMLNET61;PANTECH UML290 WWAN (NDIS6.1);c:\windows\system32\drivers\PTUMLNET61.sys [2011-7-25 91664]
S3 PTUMLNVsp;PANTECH UML290 NMEA Port;c:\windows\system32\drivers\PTUMLNVsp.sys [2011-7-25 168848]
S3 PTUMLRMNET;PANTECH UML290 RMNET Service;c:\windows\system32\drivers\PTUMLRMNET.sys [2011-7-25 60432]
S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;c:\windows\system32\drivers\PTUMLVsp.sys [2011-7-25 168208]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-12-7 171520]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\nis\1008000.029\symndisv.sys [2010-2-3 48688]
S3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-12-7 54136]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-9-17 111960]
S3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
.
=============== Created Last 30 ================
.
2012-08-27 14:27:20 -------- d--h--w- c:\windows\AxInstSV
2012-08-21 10:11:14 388096 ----a-r- c:\users\dylan\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-08-21 10:11:13 -------- d-----w- c:\program files\Trend Micro
2012-08-20 15:17:58 -------- d-----w- c:\users\dylan\appdata\roaming\SpeedyPC Software
2012-08-20 15:17:58 -------- d-----w- c:\users\dylan\appdata\roaming\DriverCure
2012-08-20 15:17:47 -------- d-----w- c:\programdata\SpeedyPC Software
2012-08-20 13:55:59 -------- d-sh--w- C:\found.000
2012-08-20 13:18:19 -------- d-----w- c:\users\dylan\appdata\roaming\Anvisoft
2012-08-20 13:18:13 -------- d-----w- c:\programdata\Anvisoft
2012-08-20 13:18:11 -------- d-----w- c:\program files\Anvisoft
2012-08-20 13:11:17 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-08-20 13:11:17 -------- d-----w- c:\program files\AVG Secure Search
2012-08-20 12:41:03 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-19 11:13:56 -------- d--h--w- c:\programdata\Common Files
2012-08-19 11:13:56 -------- d-----w- c:\programdata\MFAData
2012-08-10 04:30:05 103424 ----a-w- c:\programdata\hp0yVdu8.exe
2012-08-09 22:28:23 -------- d-----w- C:\Cache
2012-08-09 12:10:19 -------- d-----w- C:\visi
2012-08-09 12:10:18 -------- d-----w- C:\w
2012-08-09 12:10:18 -------- d-----w- C:\skins
2012-08-09 12:07:26 -------- d-----w- C:\e
2012-08-09 12:07:25 -------- d-----w- C:\Data
2012-08-09 10:52:21 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-08-09 10:43:34 -------- d-----w- c:\users\dylan\appdata\roaming\Otwo
2012-08-09 10:43:33 -------- d-----w- c:\users\dylan\appdata\roaming\Temiu
2012-08-09 10:43:33 -------- d-----w- c:\users\dylan\appdata\roaming\Dexyyg
2012-08-05 19:29:59 6891424 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{870c1da9-6c4a-45f3-90b0-b1a8660cffa9}\mpengine.dll
2012-08-05 16:45:58 -------- d-----w- c:\program files\Yahoo!
.
==================== Find3M ====================
.
2012-08-14 19:22:34 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-14 19:22:34 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-31 16:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 10:36:42.00 ===============

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 27 August 2012 - 02:03 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 Nikodemos

Nikodemos
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 27 August 2012 - 02:47 PM

I ran combofix as instructed. After the progress meter reached the end the program closed and I was not given a report or any further prompts. Upon attempting to run the program a second time a recieved an error at around 30% stating Error opening file for writing: C:\32788R22FWJFW\pev.3xe
I was forced to abort as the Retry function would not... function. A common error perhaps?

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 27 August 2012 - 03:18 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 Nikodemos

Nikodemos
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 27 August 2012 - 03:48 PM

I had run Tdskiller before seeking further assistance, suspecting a rootkit. Here is the original scan log. I ran it again before attempting to run aswMBR.exe. I have included this report as well. As for AswMBR, The program failed to continue while scanning the app data folder.


08:40:05.0337 1552 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
08:40:05.0687 1552 ============================================================
08:40:05.0697 1552 Current date / time: 2012/08/20 08:40:05.0687
08:40:05.0697 1552 SystemInfo:
08:40:05.0697 1552
08:40:05.0697 1552 OS Version: 6.1.7600 ServicePack: 0.0
08:40:05.0697 1552 Product type: Workstation
08:40:05.0697 1552 ComputerName: JOSH-PC
08:40:05.0697 1552 UserName: Stunna
08:40:05.0697 1552 Windows directory: C:\windows
08:40:05.0697 1552 System windows directory: C:\windows
08:40:05.0697 1552 Processor architecture: Intel x86
08:40:05.0697 1552 Number of processors: 2
08:40:05.0697 1552 Page size: 0x1000
08:40:05.0697 1552 Boot type: Normal boot
08:40:05.0697 1552 ============================================================
08:40:07.0486 1552 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:40:07.0566 1552 ============================================================
08:40:07.0566 1552 \Device\Harddisk0\DR0:
08:40:07.0566 1552 MBR partitions:
08:40:07.0566 1552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2416A000
08:40:07.0566 1552 ============================================================
08:40:07.0616 1552 C: <-> \Device\Harddisk0\DR0\Partition1
08:40:07.0666 1552 ============================================================
08:40:07.0666 1552 Initialize success
08:40:07.0666 1552 ============================================================
08:40:11.0377 5496 ============================================================
08:40:11.0377 5496 Scan started
08:40:11.0377 5496 Mode: Manual;
08:40:11.0377 5496 ============================================================
08:40:16.0989 5496 ================ Scan services =============================
08:40:17.0249 5496 [ 6d2aca41739bfe8cb86ee8e85f29697d ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
08:40:17.0249 5496 1394ohci - ok
08:40:17.0279 5496 [ f0e07d144c8685b8774bc32fc8da4df0 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
08:40:17.0289 5496 ACPI - ok
08:40:17.0309 5496 [ 98d81ca942d19f7d9153b095162ac013 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
08:40:17.0309 5496 AcpiPmi - ok
08:40:17.0369 5496 [ 4ae327c9c375d985ff2a2aab92765218 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
08:40:17.0379 5496 Adobe LM Service - ok
08:40:17.0469 5496 [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:40:17.0469 5496 AdobeARMservice - ok
08:40:17.0569 5496 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:40:17.0569 5496 AdobeFlashPlayerUpdateSvc - ok
08:40:17.0609 5496 [ 21e785ebd7dc90a06391141aac7892fb ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
08:40:17.0619 5496 adp94xx - ok
08:40:17.0639 5496 [ 0c676bc278d5b59ff5abd57bbe9123f2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
08:40:17.0649 5496 adpahci - ok
08:40:17.0669 5496 [ 7c7b5ee4b7b822ec85321fe23a27db33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
08:40:17.0669 5496 adpu320 - ok
08:40:17.0729 5496 [ 8b5eefeec1e6d1a72a06c526628ad161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
08:40:17.0749 5496 AeLookupSvc - ok
08:40:17.0799 5496 [ 0db7a48388d54d154ebec120461a0fcd ] AFD C:\windows\system32\drivers\afd.sys
08:40:17.0799 5496 AFD - ok
08:40:17.0839 5496 [ 7e10e3bb9b258ad8a9300f91214d67b9 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys
08:40:17.0879 5496 AgereSoftModem - ok
08:40:17.0889 5496 [ 507812c3054c21cef746b6ee3d04dd6e ] agp440 C:\windows\system32\DRIVERS\agp440.sys
08:40:17.0889 5496 agp440 - ok
08:40:17.0909 5496 [ 8b30250d573a8f6b4bd23195160d8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
08:40:17.0929 5496 aic78xx - ok
08:40:17.0959 5496 [ 18a54e132947cd98fea9accc57f98f13 ] ALG C:\windows\System32\alg.exe
08:40:17.0959 5496 ALG - ok
08:40:17.0979 5496 [ 0d40bcf52ea90fc7df2aeab6503dea44 ] aliide C:\windows\system32\DRIVERS\aliide.sys
08:40:17.0979 5496 aliide - ok
08:40:18.0029 5496 [ 0bc6704f6fb4c63cdcb85401e8263a1b ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
08:40:18.0029 5496 AMD External Events Utility - ok
08:40:18.0089 5496 AMD FUEL Service - ok
08:40:18.0119 5496 [ 3c6600a0696e90a463771c7422e23ab5 ] amdagp C:\windows\system32\DRIVERS\amdagp.sys
08:40:18.0119 5496 amdagp - ok
08:40:18.0129 5496 [ cd5914170297126b6266860198d1d4f0 ] amdide C:\windows\system32\DRIVERS\amdide.sys
08:40:18.0129 5496 amdide - ok
08:40:18.0159 5496 [ ff258424f0b2ef25eb98f04ee386e6e3 ] amdiox86 C:\windows\system32\DRIVERS\amdiox86.sys
08:40:18.0159 5496 amdiox86 - ok
08:40:18.0179 5496 [ 00dda200d71bac534bf56a9db5dfd666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
08:40:18.0179 5496 AmdK8 - ok
08:40:18.0329 5496 [ c97be8350fbcb1960b22fad2e6c2b514 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
08:40:18.0449 5496 amdkmdag - ok
08:40:18.0499 5496 [ c9b705ff53b15dd71f6a4d4f45396edd ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
08:40:18.0499 5496 amdkmdap - ok
08:40:18.0519 5496 [ 3cbf30f5370fda40dd3e87df38ea53b6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
08:40:18.0529 5496 AmdPPM - ok
08:40:18.0569 5496 [ 19ce906b4cdc11fc4fef5745f33a63b6 ] amdsata C:\windows\system32\drivers\amdsata.sys
08:40:18.0569 5496 amdsata - ok
08:40:18.0599 5496 [ ea43af0c423ff267355f74e7a53bdaba ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
08:40:18.0599 5496 amdsbs - ok
08:40:18.0619 5496 [ 869e67d66be326a5a9159fba8746fa70 ] amdxata C:\windows\system32\drivers\amdxata.sys
08:40:18.0619 5496 amdxata - ok
08:40:18.0659 5496 [ db0feb51dfa00543bf381d2014550fa3 ] androidusb C:\windows\system32\Drivers\androidusb.sys
08:40:18.0659 5496 androidusb - ok
08:40:18.0699 5496 [ 62b03afe5cc83bacf064848daa295d9c ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
08:40:18.0719 5496 AODDriver4.01 - ok
08:40:18.0739 5496 [ feb834c02ce1e84b6a38f953ca067706 ] AppID C:\windows\system32\drivers\appid.sys
08:40:18.0739 5496 AppID - ok
08:40:18.0759 5496 [ 62a9c86cb6085e20db4823e4e97826f5 ] AppIDSvc C:\windows\System32\appidsvc.dll
08:40:18.0759 5496 AppIDSvc - ok
08:40:18.0779 5496 [ 7dead9e3f65dcb2794f2711003bbf650 ] Appinfo C:\windows\System32\appinfo.dll
08:40:18.0779 5496 Appinfo - ok
08:40:18.0879 5496 [ 20f6f19fe9e753f2780dc2fa083ad597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:40:18.0879 5496 Apple Mobile Device - ok
08:40:18.0909 5496 [ 2932004f49677bd84dbc72edb754ffb3 ] arc C:\windows\system32\DRIVERS\arc.sys
08:40:18.0919 5496 arc - ok
08:40:18.0929 5496 [ 5d6f36c46fd283ae1b57bd2e9feb0bc7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
08:40:18.0929 5496 arcsas - ok
08:40:19.0029 5496 [ 39cdcb109bf200cc8a05b9c7e6272d11 ] aspnet_state C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:40:19.0039 5496 aspnet_state - ok
08:40:19.0059 5496 [ add2ade1c2b285ab8378d2daaf991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
08:40:19.0059 5496 AsyncMac - ok
08:40:19.0069 5496 [ 338c86357871c167a96ab976519bf59e ] atapi C:\windows\system32\DRIVERS\atapi.sys
08:40:19.0069 5496 atapi - ok
08:40:19.0129 5496 [ 76bab0c824e2d05b940c4dd40a9b08bf ] athr C:\windows\system32\DRIVERS\athr.sys
08:40:19.0169 5496 athr - ok
08:40:19.0289 5496 [ c97be8350fbcb1960b22fad2e6c2b514 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
08:40:19.0319 5496 atikmdag - ok
08:40:19.0359 5496 [ b73c832088dd54b55e04ff6f9646ad8c ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
08:40:19.0359 5496 AtiPcie - ok
08:40:19.0429 5496 [ 0e4bb35c5305099ac82053ac992e3e0e ] ATITool C:\windows\system32\DRIVERS\ATITool.sys
08:40:19.0429 5496 ATITool - ok
08:40:19.0459 5496 [ 510c873bfa135aa829f4180352772734 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
08:40:19.0459 5496 AudioEndpointBuilder - ok
08:40:19.0489 5496 [ 510c873bfa135aa829f4180352772734 ] Audiosrv C:\windows\System32\Audiosrv.dll
08:40:19.0489 5496 Audiosrv - ok
08:40:19.0529 5496 [ dd6a431b43e34b91a767d1ce33728175 ] AxInstSV C:\windows\System32\AxInstSV.dll
08:40:19.0529 5496 AxInstSV - ok
08:40:19.0799 5496 [ 1a231abec60fd316ec54c66715543cec ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
08:40:19.0799 5496 b06bdrv - ok
08:40:20.0120 5496 [ bd8869eb9cde6bbe4508d869929869ee ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
08:40:20.0120 5496 b57nd60x - ok
08:40:20.0160 5496 [ ee1e9c3bb8228ae423dd38db69128e71 ] BDESVC C:\windows\System32\bdesvc.dll
08:40:20.0170 5496 BDESVC - ok
08:40:20.0180 5496 [ 505506526a9d467307b3c393dedaf858 ] Beep C:\windows\system32\drivers\Beep.sys
08:40:20.0180 5496 Beep - ok
08:40:20.0230 5496 [ 76154fa6a742c613b44bb636b1a7c057 ] BHDrvx86 C:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
08:40:20.0230 5496 BHDrvx86 - ok
08:40:20.0240 5496 [ 2287078ed48fcfc477b05b20cf38f36f ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
08:40:20.0250 5496 blbdrive - ok
08:40:20.0270 5496 [ 9a5c671b7fbae4865149bb11f59b91b2 ] bowser C:\windows\system32\DRIVERS\bowser.sys
08:40:20.0270 5496 bowser - ok
08:40:20.0300 5496 [ 9f9acc7f7ccde8a15c282d3f88b43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
08:40:20.0300 5496 BrFiltLo - ok
08:40:20.0320 5496 [ 56801ad62213a41f6497f96dee83755a ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
08:40:20.0320 5496 BrFiltUp - ok
08:40:20.0340 5496 [ 598e1280e7ff3744f4b8329366cc5635 ] Browser C:\windows\System32\browser.dll
08:40:20.0340 5496 Browser - ok
08:40:20.0370 5496 [ 845b8ce732e67f3b4133164868c666ea ] Brserid C:\windows\System32\Drivers\Brserid.sys
08:40:20.0380 5496 Brserid - ok
08:40:20.0400 5496 [ 203f0b1e73adadbbb7b7b1fabd901f6b ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
08:40:20.0410 5496 BrSerWdm - ok
08:40:20.0420 5496 [ bd456606156ba17e60a04e18016ae54b ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
08:40:20.0420 5496 BrUsbMdm - ok
08:40:20.0440 5496 [ af72ed54503f717a43268b3cc5faec2e ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
08:40:20.0440 5496 BrUsbSer - ok
08:40:20.0450 5496 [ ed3df7c56ce0084eb2034432fc56565a ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
08:40:20.0460 5496 BTHMODEM - ok
08:40:20.0490 5496 [ 1df19c96eef6c29d1c3e1a8678e07190 ] bthserv C:\windows\system32\bthserv.dll
08:40:20.0490 5496 bthserv - ok
08:40:20.0530 5496 [ 8973ff34b83572d867b5b928905ad5ac ] ccHP C:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys
08:40:20.0550 5496 ccHP - ok
08:40:20.0580 5496 [ 77ea11b065e0a8ab902d78145ca51e10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
08:40:20.0580 5496 cdfs - ok
08:40:20.0610 5496 [ ba6e70aa0e6091bc39de29477d866a77 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
08:40:20.0610 5496 cdrom - ok
08:40:20.0650 5496 [ 628a9e30ec5e18dd5de6be4dbdc12198 ] CertPropSvc C:\windows\System32\certprop.dll
08:40:20.0650 5496 CertPropSvc - ok
08:40:20.0740 5496 [ 1f8a319d29394f9ce1b7ae020df2ebbf ] cfWiMAXService C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
08:40:20.0750 5496 cfWiMAXService - ok
08:40:20.0780 5496 [ 3fe3fe94a34df6fb06e6418d0f6a0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
08:40:20.0780 5496 circlass - ok
08:40:20.0790 5496 [ 635181e0e9bbf16871bf5380d71db02d ] CLFS C:\windows\system32\CLFS.sys
08:40:20.0800 5496 CLFS - ok
08:40:20.0830 5496 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:40:20.0850 5496 clr_optimization_v2.0.50727_32 - ok
08:40:20.0920 5496 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:40:21.0080 5496 clr_optimization_v4.0.30319_32 - ok
08:40:21.0120 5496 [ dea805815e587dad1dd2c502220b5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
08:40:21.0120 5496 CmBatt - ok
08:40:21.0150 5496 [ c537b1db64d495b9b4717b4d6d9edbf2 ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
08:40:21.0150 5496 cmdide - ok
08:40:21.0180 5496 [ 1b675691ed940766149c93e8f4488d68 ] CNG C:\windows\system32\Drivers\cng.sys
08:40:21.0190 5496 CNG - ok
08:40:21.0210 5496 [ a6023d3823c37043986713f118a89bee ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
08:40:21.0220 5496 Compbatt - ok
08:40:21.0250 5496 [ f1724ba27e97d627f808fb0ba77a28a6 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
08:40:21.0250 5496 CompositeBus - ok
08:40:21.0250 5496 COMSysApp - ok
08:40:21.0280 5496 [ cab0eeaf5295fc96ddd3e19dce27e131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
08:40:21.0280 5496 ConfigFree Service - ok
08:40:21.0300 5496 [ 2c4ebcfc84a9b44f209dff6c6e6c61d1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
08:40:21.0300 5496 crcdisk - ok
08:40:21.0350 5496 [ 9c231178ce4fb385f4b54b0a9080b8a4 ] CryptSvc C:\windows\system32\cryptsvc.dll
08:40:21.0350 5496 CryptSvc - ok
08:40:21.0390 5496 dbuyraem - ok
08:40:21.0430 5496 [ b82cd39e336973359d7c9bf911e8e84f ] DcomLaunch C:\windows\system32\rpcss.dll
08:40:21.0520 5496 DcomLaunch - ok
08:40:21.0560 5496 [ 8d6e10a2d9a5eed59562d9b82cf804e1 ] defragsvc C:\windows\System32\defragsvc.dll
08:40:21.0570 5496 defragsvc - ok
08:40:21.0610 5496 [ 83d1ecea8faae75604c0fa49ac7ad996 ] DfsC C:\windows\system32\Drivers\dfsc.sys
08:40:21.0610 5496 DfsC - ok
08:40:21.0620 5496 [ c56495fbd770712367cad35e5de72da6 ] Dhcp C:\windows\system32\dhcpcore.dll
08:40:21.0630 5496 Dhcp - ok
08:40:21.0660 5496 [ 1a050b0274bfb3890703d490f330c0da ] discache C:\windows\system32\drivers\discache.sys
08:40:21.0660 5496 discache - ok
08:40:21.0680 5496 [ 565003f326f99802e68ca78f2a68e9ff ] Disk C:\windows\system32\DRIVERS\disk.sys
08:40:21.0690 5496 Disk - ok
08:40:21.0710 5496 [ b15be77a2bacf9c3177d27518afe26a9 ] Dnscache C:\windows\System32\dnsrslvr.dll
08:40:21.0720 5496 Dnscache - ok
08:40:21.0740 5496 [ 4408c85c21eea48eb0ce486baeef0502 ] dot3svc C:\windows\System32\dot3svc.dll
08:40:21.0750 5496 dot3svc - ok
08:40:21.0770 5496 [ 7fa81c6e11caa594adb52084da73a1e5 ] DPS C:\windows\system32\dps.dll
08:40:21.0770 5496 DPS - ok
08:40:21.0790 5496 [ b918e7c5f9bf77202f89e1a9539f2eb4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
08:40:21.0790 5496 drmkaud - ok
08:40:21.0830 5496 [ 1679a4669326cb1a67cc95658d273234 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
08:40:21.0850 5496 DXGKrnl - ok
08:40:21.0870 5496 [ 8600142fa91c1b96367d3300ad0f3f3a ] EapHost C:\windows\System32\eapsvc.dll
08:40:21.0870 5496 EapHost - ok
08:40:21.0950 5496 [ 024e1b5cac09731e4d868e64dbfb4ab0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
08:40:22.0030 5496 ebdrv - ok
08:40:22.0110 5496 [ f42309c4191c506b71db5d1126d26318 ] EFS C:\windows\System32\lsass.exe
08:40:22.0110 5496 EFS - ok
08:40:22.0150 5496 ehdvr - ok
08:40:22.0220 5496 [ 1697c39978cd69f6fbc15302edcece1f ] ehRecvr C:\windows\ehome\ehRecvr.exe
08:40:22.0230 5496 ehRecvr - ok
08:40:22.0280 5496 [ d389bff34f80caede417bf9d1507996a ] ehSched C:\windows\ehome\ehsched.exe
08:40:22.0280 5496 ehSched - ok
08:40:22.0310 5496 [ 0ed67910c8c326796faa00b2bf6d9d3c ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
08:40:22.0320 5496 elxstor - ok
08:40:22.0350 5496 [ 8fc3208352dd3912c94367a206ab3f11 ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
08:40:22.0350 5496 ErrDev - ok
08:40:22.0420 5496 [ f6916efc29d9953d5d0df06882ae8e16 ] EventSystem C:\windows\system32\es.dll
08:40:22.0420 5496 EventSystem - ok
08:40:22.0450 5496 [ 2dc9108d74081149cc8b651d3a26207f ] exfat C:\windows\system32\drivers\exfat.sys
08:40:22.0450 5496 exfat - ok
08:40:22.0470 5496 [ 7e0ab74553476622fb6ae36f73d97d35 ] fastfat C:\windows\system32\drivers\fastfat.sys
08:40:22.0470 5496 fastfat - ok
08:40:22.0500 5496 [ f7ea23cc5e6bf2181f3f399d54f6efc1 ] Fax C:\windows\system32\fxssvc.exe
08:40:22.0510 5496 Fax - ok
08:40:22.0530 5496 [ e817a017f82df2a1f8cfdbda29388b29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
08:40:22.0540 5496 fdc - ok
08:40:22.0560 5496 [ f3222c893bd2f5821a0179e5c71e88fb ] fdPHost C:\windows\system32\fdPHost.dll
08:40:22.0560 5496 fdPHost - ok
08:40:22.0580 5496 [ 7dbe8cbfe79efbdeb98c9fb08d3a9a5b ] FDResPub C:\windows\system32\fdrespub.dll
08:40:22.0580 5496 FDResPub - ok
08:40:22.0600 5496 [ 6cf00369c97f3cf563be99be983d13d8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
08:40:22.0600 5496 FileInfo - ok
08:40:22.0610 5496 [ 42c51dc94c91da21cb9196eb64c45db9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
08:40:22.0620 5496 Filetrace - ok
08:40:22.0630 5496 [ 87907aa70cb3c56600f1c2fb8841579b ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
08:40:22.0640 5496 flpydisk - ok
08:40:22.0660 5496 [ 7520ec808e0c35e0ee6f841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
08:40:22.0660 5496 FltMgr - ok
08:40:22.0720 5496 [ 7fe4995528a7529a761875151ee3d512 ] FontCache C:\windows\system32\FntCache.dll
08:40:23.0020 5496 FontCache - ok
08:40:23.0290 5496 [ e56f39f6b7fda0ac77a79b0fd3de1a2f ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:40:23.0290 5496 FontCache3.0.0.0 - ok
08:40:23.0300 5496 [ 1a16b57943853e598cff37fe2b8cbf1d ] FsDepends C:\windows\system32\drivers\FsDepends.sys
08:40:23.0300 5496 FsDepends - ok
08:40:23.0300 5496 [ a574b4360e438977038aae4bf60d79a2 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
08:40:23.0310 5496 Fs_Rec - ok
08:40:23.0350 5496 [ dafbd9fe39197495aed6d51f3b85b5d2 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
08:40:23.0350 5496 fvevol - ok
08:40:23.0380 5496 [ 0f76e205bdc60364f08a5949082771ca ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys
08:40:23.0380 5496 FwLnk - ok
08:40:23.0400 5496 [ 65ee0c7a58b65e74ae05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
08:40:23.0400 5496 gagp30kx - ok
08:40:23.0450 5496 [ 8ba3c04702bf8f927ab36ae8313ca4ee ] gpsvc C:\windows\System32\gpsvc.dll
08:40:23.0460 5496 gpsvc - ok
08:40:23.0530 5496 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
08:40:23.0530 5496 gupdate - ok
08:40:23.0570 5496 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
08:40:23.0570 5496 gupdatem - ok
08:40:23.0590 5496 [ c44e3c2bab6837db337ddee7544736db ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
08:40:23.0590 5496 hcw85cir - ok
08:40:23.0610 5496 [ 3530cad25deba7dc7de8bb51632cbc5f ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
08:40:23.0620 5496 HdAudAddService - ok
08:40:23.0640 5496 [ 717a2207fd6f13ad3e664c7d5a43c7bf ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
08:40:23.0640 5496 HDAudBus - ok
08:40:23.0660 5496 [ 1d58a7f3e11a9731d0eaaaa8405acc36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
08:40:23.0660 5496 HidBatt - ok
08:40:23.0680 5496 [ 89448f40e6df260c206a193a4683ba78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
08:40:23.0680 5496 HidBth - ok
08:40:23.0710 5496 [ cf50b4cf4a4f229b9f3c08351f99ca5e ] HidIr C:\windows\system32\DRIVERS\hidir.sys
08:40:23.0710 5496 HidIr - ok
08:40:23.0740 5496 [ 2bc6f6a1992b3a77f5f41432ca6b3b6b ] hidserv C:\windows\system32\hidserv.dll
08:40:23.0740 5496 hidserv - ok
08:40:23.0770 5496 [ 25072fb35ac90b25f9e4e3bacf774102 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
08:40:23.0770 5496 HidUsb - ok
08:40:23.0800 5496 [ 741c2a45ca8407e374aaba3e330b7872 ] hkmsvc C:\windows\system32\kmsvc.dll
08:40:23.0800 5496 hkmsvc - ok
08:40:23.0810 5496 [ a768ca158bb06782a2835b907f4873c3 ] HomeGroupListener C:\windows\system32\ListSvc.dll
08:40:23.0810 5496 HomeGroupListener - ok
08:40:23.0840 5496 [ fb08dec5ef43d0c66d83b8e9694e7549 ] HomeGroupProvider C:\windows\system32\provsvc.dll
08:40:23.0850 5496 HomeGroupProvider - ok
08:40:23.0910 5496 [ 295fdc419039090eb8b49ffdbb374549 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
08:40:23.0910 5496 HpSAMD - ok
08:40:23.0940 5496 [ c531c7fd9e8b62021112787c4e2c5a5a ] HTTP C:\windows\system32\drivers\HTTP.sys
08:40:23.0950 5496 HTTP - ok
08:40:23.0960 5496 [ 8305f33cde89ad6c7a0763ed0b5a8d42 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
08:40:23.0970 5496 hwpolicy - ok
08:40:23.0990 5496 [ f151f0bdc47f4a28b1b20a0818ea36d6 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
08:40:23.0990 5496 i8042prt - ok
08:40:24.0020 5496 [ 71f1a494fedf4b33c02c4a6a28d6d9e9 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
08:40:24.0030 5496 iaStorV - ok
08:40:24.0120 5496 [ 5af815eb5bc9802e5a064e2ba62bfc0c ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:40:24.0200 5496 idsvc - ok
08:40:24.0280 5496 [ 785b0ab77d977445d58b02ea63c11fb2 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100119.001\IDSvix86.sys
08:40:24.0300 5496 IDSVix86 - ok
08:40:24.0350 5496 [ 4173ff5708f3236cf25195fecd742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
08:40:24.0350 5496 iirsp - ok
08:40:24.0400 5496 [ fac0ee6562b121b1399d6e855583f7a5 ] IKEEXT C:\windows\System32\ikeext.dll
08:40:24.0420 5496 IKEEXT - ok
08:40:24.0540 5496 [ 516e2292f266c2f30089b5479c355858 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
08:40:24.0670 5496 IntcAzAudAddService - ok
08:40:24.0690 5496 [ a0f12f2c9ba6c72f3987ce780e77c130 ] intelide C:\windows\system32\DRIVERS\intelide.sys
08:40:24.0690 5496 intelide - ok
08:40:24.0710 5496 [ 3b514d27bfc4accb4037bc6685f766e0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
08:40:24.0710 5496 intelppm - ok
08:40:24.0780 5496 [ acb364b9075a45c0736e5c47be5cae19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
08:40:24.0780 5496 IPBusEnum - ok
08:40:24.0800 5496 [ 709d1761d3b19a932ff0238ea6d50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
08:40:24.0800 5496 IpFilterDriver - ok
08:40:24.0820 5496 [ e4454b6c37d7ffd5649611f6496308a7 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
08:40:24.0820 5496 IPMIDRV - ok
08:40:24.0830 5496 [ a5fa468d67abcdaa36264e463a7bb0cd ] IPNAT C:\windows\system32\drivers\ipnat.sys
08:40:24.0830 5496 IPNAT - ok
08:40:24.0851 5496 [ 42996cff20a3084a56017b7902307e9f ] IRENUM C:\windows\system32\drivers\irenum.sys
08:40:24.0851 5496 IRENUM - ok
08:40:24.0871 5496 [ 1f32bb6b38f62f7df1a7ab7292638a35 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
08:40:24.0871 5496 isapnp - ok
08:40:24.0901 5496 [ ed46c223ae46c6866ab77cdc41c404b7 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
08:40:24.0901 5496 iScsiPrt - ok
08:40:24.0911 5496 [ adef52ca1aeae82b50df86b56413107e ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
08:40:24.0921 5496 kbdclass - ok
08:40:24.0931 5496 [ 3d9f0ebf350edcfd6498057301455964 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
08:40:24.0941 5496 kbdhid - ok
08:40:24.0951 5496 [ f42309c4191c506b71db5d1126d26318 ] KeyIso C:\windows\system32\lsass.exe
08:40:24.0951 5496 KeyIso - ok
08:40:24.0971 5496 [ e36a061ec11b373826905b21be10948f ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
08:40:24.0971 5496 KSecDD - ok
08:40:25.0001 5496 [ 365c6154bbbc5377173f1ca7bfb6cc59 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
08:40:25.0011 5496 KSecPkg - ok
08:40:25.0051 5496 [ 89a7b9cc98d0d80c6f31b91c0a310fcd ] KtmRm C:\windows\system32\msdtckrm.dll
08:40:25.0061 5496 KtmRm - ok
08:40:25.0101 5496 [ 8f6bf790d3168224c16f2af68a84438c ] LanmanServer C:\windows\system32\srvsvc.dll
08:40:25.0121 5496 LanmanServer - ok
08:40:25.0171 5496 [ b9891f885dcf1f0513a51cb58493cb1f ] LanmanWorkstation C:\windows\System32\wkssvc.dll
08:40:25.0171 5496 LanmanWorkstation - ok
08:40:25.0211 5496 [ f7611ec07349979da9b0ae1f18ccc7a6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
08:40:25.0211 5496 lltdio - ok
08:40:25.0241 5496 [ 5700673e13a2117fa3b9020c852c01e2 ] lltdsvc C:\windows\System32\lltdsvc.dll
08:40:25.0251 5496 lltdsvc - ok
08:40:25.0261 5496 [ 55ca01ba19d0006c8f2639b6c045e08b ] lmhosts C:\windows\System32\lmhsvc.dll
08:40:25.0271 5496 lmhosts - ok
08:40:25.0301 5496 [ eb119a53ccf2acc000ac71b065b78fef ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
08:40:25.0301 5496 LSI_FC - ok
08:40:25.0321 5496 [ 8ade1c877256a22e49b75d1cc9161f9c ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
08:40:25.0321 5496 LSI_SAS - ok
08:40:25.0351 5496 [ dc9dc3d3daa0e276fd2ec262e38b11e9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
08:40:25.0361 5496 LSI_SAS2 - ok
08:40:25.0381 5496 [ 0a036c7d7cab643a7f07135ac47e0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
08:40:25.0381 5496 LSI_SCSI - ok
08:40:25.0451 5496 [ 6703e366cc18d3b6e534f5cf7df39cee ] luafv C:\windows\system32\drivers\luafv.sys
08:40:25.0451 5496 luafv - ok
08:40:25.0541 5496 [ 22a7776c5d8eb5930edf9c8dd0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
08:40:25.0551 5496 McComponentHostService - ok
08:40:25.0581 5496 [ e2b0887816ed336685954e3d8fdaa51d ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
08:40:25.0581 5496 Mcx2Svc - ok
08:40:25.0611 5496 [ 0fff5b045293002ab38eb1fd1fc2fb74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
08:40:25.0621 5496 megasas - ok
08:40:25.0641 5496 [ dcbab2920c75f390caf1d29f675d03d6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
08:40:25.0641 5496 MegaSR - ok
08:40:25.0671 5496 mensutkq - ok
08:40:25.0701 5496 [ 146b6f43a673379a3c670e86d89be5ea ] MMCSS C:\windows\system32\mmcss.dll
08:40:25.0711 5496 MMCSS - ok
08:40:25.0721 5496 [ f001861e5700ee84e2d4e52c712f4964 ] Modem C:\windows\system32\drivers\modem.sys
08:40:25.0721 5496 Modem - ok
08:40:25.0731 5496 [ 79d10964de86b292320e9dfe02282a23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
08:40:25.0731 5496 monitor - ok
08:40:25.0741 5496 [ fb18cc1d4c2e716b6b903b0ac0cc0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
08:40:25.0751 5496 mouclass - ok
08:40:25.0781 5496 [ 2c388d2cd01c9042596cf3c8f3c7b24d ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
08:40:25.0781 5496 mouhid - ok
08:40:25.0801 5496 [ 921c18727c5920d6c0300736646931c2 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
08:40:25.0801 5496 mountmgr - ok
08:40:25.0872 5496 [ fee0baded54222e9f1dae9541212aab1 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
08:40:25.0872 5496 MpFilter - ok
08:40:25.0912 5496 [ 2af5997438c55fb79d33d015c30e1974 ] mpio C:\windows\system32\DRIVERS\mpio.sys
08:40:25.0912 5496 mpio - ok
08:40:25.0962 5496 [ 2c3489660d4a8d514c123c3f0d67df46 ] MpNWMon C:\windows\system32\DRIVERS\MpNWMon.sys
08:40:25.0962 5496 MpNWMon - ok
08:40:25.0982 5496 [ ad2723a7b53dd1aacae6ad8c0bfbf4d0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
08:40:25.0982 5496 mpsdrv - ok
08:40:26.0002 5496 [ b1be47008d20e43da3adc37c24cdb89d ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
08:40:26.0012 5496 MRxDAV - ok
08:40:26.0072 5496 [ ca7570e42522e24324a12161db14ec02 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
08:40:26.0072 5496 mrxsmb - ok
08:40:26.0102 5496 [ f965c3ab2b2ae5c378f4562486e35051 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
08:40:26.0112 5496 mrxsmb10 - ok
08:40:26.0152 5496 [ 25c38264a3c72594dd21d355d70d7a5d ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
08:40:26.0162 5496 mrxsmb20 - ok
08:40:26.0172 5496 [ 4326d168944123f38dd3b2d9c37a0b12 ] msahci C:\windows\system32\DRIVERS\msahci.sys
08:40:26.0172 5496 msahci - ok
08:40:26.0192 5496 [ 455029c7174a2dbb03dba8a0d8bddd9a ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
08:40:26.0192 5496 msdsm - ok
08:40:26.0212 5496 [ e1bce74a3bd9902b72599c0192a07e27 ] MSDTC C:\windows\System32\msdtc.exe
08:40:26.0222 5496 MSDTC - ok
08:40:26.0262 5496 [ daefb28e3af5a76abcc2c3078c07327f ] Msfs C:\windows\system32\drivers\Msfs.sys
08:40:26.0262 5496 Msfs - ok
08:40:26.0272 5496 [ 3e1e5767043c5af9367f0056295e9f84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
08:40:26.0272 5496 mshidkmdf - ok
08:40:26.0292 5496 [ 0a4e5757ae09fa9622e3158cc1aef114 ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
08:40:26.0292 5496 msisadrv - ok
08:40:26.0332 5496 [ 90f7d9e6b6f27e1a707d4a297f077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
08:40:26.0332 5496 MSiSCSI - ok
08:40:26.0342 5496 msiserver - ok
08:40:26.0362 5496 [ 8c0860d6366aaffb6c5bb9df9448e631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
08:40:26.0362 5496 MSKSSRV - ok
08:40:26.0372 5496 [ 3ea8b949f963562cedbb549eac0c11ce ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
08:40:26.0372 5496 MSPCLOCK - ok
08:40:26.0382 5496 [ f456e973590d663b1073e9c463b40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
08:40:26.0392 5496 MSPQM - ok
08:40:26.0412 5496 [ 0e008fc4819d238c51d7c93e7b41e560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
08:40:26.0412 5496 MsRPC - ok
08:40:26.0462 5496 [ fc6b9ff600cc585ea38b12589bd4e246 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
08:40:26.0472 5496 mssmbios - ok
08:40:26.0482 5496 [ b42c6b921f61a6e55159b8be6cd54a36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
08:40:26.0482 5496 MSTEE - ok
08:40:26.0492 5496 [ 33599130f44e1f34631cea241de8ac84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
08:40:26.0492 5496 MTConfig - ok
08:40:26.0522 5496 [ 159fad02f64e6381758c990f753bcc80 ] Mup C:\windows\system32\Drivers\mup.sys
08:40:26.0522 5496 Mup - ok
08:40:26.0542 5496 [ 80284f1985c70c86f0b5f86da2dfe1df ] napagent C:\windows\system32\qagentRT.dll
08:40:26.0552 5496 napagent - ok
08:40:26.0582 5496 [ 26384429fcd85d83746f63e798ab1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
08:40:26.0582 5496 NativeWifiP - ok
08:40:26.0592 5496 NAVENG - ok
08:40:26.0602 5496 NAVEX15 - ok
08:40:26.0642 5496 [ 23759d175a0a9baaf04d05047bc135a8 ] NDIS C:\windows\system32\drivers\ndis.sys
08:40:26.0662 5496 NDIS - ok
08:40:26.0692 5496 [ 0e1787aa6c9191d3d319e8bafe86f80c ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
08:40:26.0692 5496 NdisCap - ok
08:40:26.0712 5496 [ e4a8aec125a2e43a9e32afeea7c9c888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
08:40:26.0712 5496 NdisTapi - ok
08:40:26.0752 5496 [ b30ae7f2b6d7e343b0df32e6c08fce75 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
08:40:26.0752 5496 Ndisuio - ok
08:40:26.0762 5496 [ 267c415eadcbe53c9ca873dee39cf3a4 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
08:40:26.0772 5496 NdisWan - ok
08:40:26.0782 5496 [ af7e7c63dcef3f8772726f86039d6eb4 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
08:40:26.0782 5496 NDProxy - ok
08:40:26.0802 5496 [ 80b275b1ce3b0e79909db7b39af74d51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
08:40:26.0802 5496 NetBIOS - ok
08:40:26.0812 5496 [ dd52a733bf4ca5af84562a5e2f963b91 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
08:40:26.0822 5496 NetBT - ok
08:40:26.0832 5496 [ f42309c4191c506b71db5d1126d26318 ] Netlogon C:\windows\system32\lsass.exe
08:40:26.0832 5496 Netlogon - ok
08:40:26.0872 5496 [ 7cccfca7510684768da22092d1fa4db2 ] Netman C:\windows\System32\netman.dll
08:40:26.0872 5496 Netman - ok
08:40:26.0922 5496 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:40:26.0952 5496 NetMsmqActivator - ok
08:40:26.0972 5496 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:40:26.0982 5496 NetPipeActivator - ok
08:40:27.0002 5496 [ 8c338238c16777a802d6a9211eb2ba50 ] netprofm C:\windows\System32\netprofm.dll
08:40:27.0012 5496 netprofm - ok
08:40:27.0012 5496 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:40:27.0022 5496 NetTcpActivator - ok
08:40:27.0022 5496 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:40:27.0022 5496 NetTcpPortSharing - ok
08:40:27.0072 5496 [ 1d85c4b390b0ee09c7a46b91efb2c097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
08:40:27.0082 5496 nfrd960 - ok
08:40:27.0172 5496 [ 7b01c6172cfd0b10116175e09200d4b4 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
08:40:27.0172 5496 NisDrv - ok
08:40:27.0242 5496 [ a5cb074f34bbd89948e34a630d459c0c ] NisSrv c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
08:40:27.0242 5496 NisSrv - ok
08:40:27.0272 5496 [ 2226496e34bd40734946a054b1cd657f ] NlaSvc C:\windows\System32\nlasvc.dll
08:40:27.0282 5496 NlaSvc - ok
08:40:27.0292 5496 [ 1db262a9f8c087e8153d89bef3d2235f ] Npfs C:\windows\system32\drivers\Npfs.sys
08:40:27.0292 5496 Npfs - ok
08:40:27.0312 5496 [ ba387e955e890c8a88306d9b8d06bf17 ] nsi C:\windows\system32\nsisvc.dll
08:40:27.0312 5496 nsi - ok
08:40:27.0352 5496 [ e9a0a4d07e53d8fea2bb8387a3293c58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
08:40:27.0362 5496 nsiproxy - ok
08:40:27.0432 5496 [ 187002ce05693c306f43c873f821381f ] Ntfs C:\windows\system32\drivers\Ntfs.sys
08:40:27.0472 5496 Ntfs - ok
08:40:27.0502 5496 [ f9756a98d69098dca8945d62858a812c ] Null C:\windows\system32\drivers\Null.sys
08:40:27.0512 5496 Null - ok
08:40:27.0552 5496 [ f1b0bed906f97e16f6d0c3629d2f21c6 ] nvraid C:\windows\system32\drivers\nvraid.sys
08:40:27.0562 5496 nvraid - ok
08:40:27.0582 5496 [ 4520b63899e867f354ee012d34e11536 ] nvstor C:\windows\system32\drivers\nvstor.sys
08:40:27.0582 5496 nvstor - ok
08:40:27.0602 5496 [ 5a0983915f02bae73267cc2a041f717d ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
08:40:27.0612 5496 nv_agp - ok
08:40:27.0722 5496 [ 84de1dd996b48b05ace31ad015fa108a ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:40:27.0742 5496 odserv - ok
08:40:27.0802 5496 [ 08a70a1f2cdde9bb49b885cb817a66eb ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
08:40:27.0802 5496 ohci1394 - ok
08:40:27.0852 5496 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:40:27.0863 5496 ose - ok
08:40:27.0893 5496 [ 82a8521ddc60710c3d3d3e7325209bec ] p2pimsvc C:\windows\system32\pnrpsvc.dll
08:40:27.0893 5496 p2pimsvc - ok
08:40:27.0943 5496 [ 59c3ddd501e39e006dac31bf55150d91 ] p2psvc C:\windows\system32\p2psvc.dll
08:40:27.0953 5496 p2psvc - ok
08:40:28.0003 5496 [ 2ea877ed5dd9713c5ac74e8ea7348d14 ] Parport C:\windows\system32\DRIVERS\parport.sys
08:40:28.0003 5496 Parport - ok
08:40:28.0023 5496 [ ff4218952b51de44fe910953a3e686b9 ] partmgr C:\windows\system32\drivers\partmgr.sys
08:40:28.0023 5496 partmgr - ok
08:40:28.0043 5496 [ eb0a59f29c19b86479d36b35983daadc ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
08:40:28.0043 5496 Parvdm - ok
08:40:28.0093 5496 [ 358ab7956d3160000726574083dfc8a6 ] PcaSvc C:\windows\System32\pcasvc.dll
08:40:28.0093 5496 PcaSvc - ok
08:40:28.0103 5496 [ c858cb77c577780ecc456a892e7e7d0f ] pci C:\windows\system32\DRIVERS\pci.sys
08:40:28.0103 5496 pci - ok
08:40:28.0123 5496 [ afe86f419014db4e5593f69ffe26ce0a ] pciide C:\windows\system32\DRIVERS\pciide.sys
08:40:28.0123 5496 pciide - ok
08:40:28.0153 5496 [ f396431b31693e71e8a80687ef523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
08:40:28.0153 5496 pcmcia - ok
08:40:28.0173 5496 [ 250f6b43d2b613172035c6747aeeb19f ] pcw C:\windows\system32\drivers\pcw.sys
08:40:28.0173 5496 pcw - ok
08:40:28.0203 5496 [ 9e0104ba49f4e6973749a02bf41344ed ] PEAUTH C:\windows\system32\drivers\peauth.sys
08:40:28.0223 5496 PEAUTH - ok
08:40:28.0333 5496 [ 9c1bff7910c89a1d12e57343475840cb ] pla C:\windows\system32\pla.dll
08:40:28.0373 5496 pla - ok
08:40:28.0433 5496 [ 71def5ec79774c798342d0ea16e41780 ] PlugPlay C:\windows\system32\umpnpmgr.dll
08:40:28.0443 5496 PlugPlay - ok
08:40:28.0463 5496 [ 63ff8572611249931eb16bb8eed6afc8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
08:40:28.0463 5496 PNRPAutoReg - ok
08:40:28.0483 5496 [ 82a8521ddc60710c3d3d3e7325209bec ] PNRPsvc C:\windows\system32\pnrpsvc.dll
08:40:28.0483 5496 PNRPsvc - ok
08:40:28.0523 5496 [ 48e1b75c6dc0232fd92baae4bd344721 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
08:40:28.0523 5496 PolicyAgent - ok
08:40:28.0573 5496 [ dbff83f709a91049621c1d35dd45c92c ] Power C:\windows\system32\umpo.dll
08:40:28.0573 5496 Power - ok
08:40:28.0603 5496 [ 631e3e205ad6d86f2aed6a4a8e69f2db ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
08:40:28.0603 5496 PptpMiniport - ok
08:40:28.0623 5496 [ 85b1e3a0c7585bc4aae6899ec6fcf011 ] Processor C:\windows\system32\DRIVERS\processr.sys
08:40:28.0633 5496 Processor - ok
08:40:28.0653 5496 [ 630cf26f0227498b7d5a92b12548960f ] ProfSvc C:\windows\system32\profsvc.dll
08:40:28.0663 5496 ProfSvc - ok
08:40:28.0673 5496 [ f42309c4191c506b71db5d1126d26318 ] ProtectedStorage C:\windows\system32\lsass.exe
08:40:28.0673 5496 ProtectedStorage - ok
08:40:28.0693 5496 [ 6270ccae2a86de6d146529fe55b3246a ] Psched C:\windows\system32\DRIVERS\pacer.sys
08:40:28.0693 5496 Psched - ok
08:40:28.0713 5496 [ 899cc1416505270d500a24d6d7337074 ] PTUMLBUS C:\windows\system32\DRIVERS\PTUMLBUS.sys
08:40:28.0713 5496 PTUMLBUS - ok
08:40:28.0773 5496 [ 8867c6df67acb070b28b5b674d535e17 ] ptumlcmsvc C:\windows\system32\ptumlcmsvc.exe
08:40:28.0773 5496 ptumlcmsvc - ok
08:40:28.0783 5496 [ da131bca8fa708f3d62635e36b1d1104 ] PTUMLCVsp C:\windows\system32\DRIVERS\PTUMLCVsp.sys
08:40:28.0793 5496 PTUMLCVsp - ok
08:40:28.0803 5496 [ 9c4c803303cf7925428f47f105eb3c7d ] PTUMLMdm C:\windows\system32\DRIVERS\PTUMLMdm.sys
08:40:28.0803 5496 PTUMLMdm - ok
08:40:28.0853 5496 [ 37a2edaae9ea541a4003c649228bda8e ] PTUMLNET61 C:\windows\system32\DRIVERS\PTUMLNET61.sys
08:40:28.0853 5496 PTUMLNET61 - ok
08:40:28.0873 5496 [ f73d363a9a0b133c341dd2846462f1e4 ] PTUMLNVsp C:\windows\system32\DRIVERS\PTUMLNVsp.sys
08:40:28.0883 5496 PTUMLNVsp - ok
08:40:28.0893 5496 [ c1bb630a463b82c8d7a2ef698b60da55 ] PTUMLRMNET C:\windows\system32\DRIVERS\PTUMLRMNET.sys
08:40:28.0893 5496 PTUMLRMNET - ok
08:40:28.0903 5496 [ 6937ca020b9e0183420c8ec4f183f749 ] PTUMLVsp C:\windows\system32\DRIVERS\PTUMLVsp.sys
08:40:28.0903 5496 PTUMLVsp - ok
08:40:28.0963 5496 [ ab95ecf1f6659a60ddc166d8315b0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
08:40:28.0993 5496 ql2300 - ok
08:40:29.0023 5496 [ b4dd51dd25182244b86737dc51af2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
08:40:29.0033 5496 ql40xx - ok
08:40:29.0053 5496 [ 31ac809e7707eb580b2bdb760390765a ] QWAVE C:\windows\system32\qwave.dll
08:40:29.0063 5496 QWAVE - ok
08:40:29.0093 5496 [ 584078ca1b95ca72df2a27c336f9719d ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
08:40:29.0103 5496 QWAVEdrv - ok
08:40:29.0113 5496 [ 30a81b53c766d0133bb86d234e5556ab ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
08:40:29.0113 5496 RasAcd - ok
08:40:29.0133 5496 [ 57ec4aef73660166074d8f7f31c0d4fd ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
08:40:29.0143 5496 RasAgileVpn - ok
08:40:29.0163 5496 [ a60f1839849c0c00739787fd5ec03f13 ] RasAuto C:\windows\System32\rasauto.dll
08:40:29.0163 5496 RasAuto - ok
08:40:29.0183 5496 [ d9f91eafec2815365cbe6d167e4e332a ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
08:40:29.0193 5496 Rasl2tp - ok
08:40:29.0213 5496 [ 0ce66ec736b7fc526d78f7624c7d2a94 ] RasMan C:\windows\System32\rasmans.dll
08:40:29.0223 5496 RasMan - ok
08:40:29.0253 5496 [ 0fe8b15916307a6ac12bfb6a63e45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
08:40:29.0253 5496 RasPppoe - ok
08:40:29.0273 5496 [ 44101f495a83ea6401d886e7fd70096b ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
08:40:29.0273 5496 RasSstp - ok
08:40:29.0293 5496 [ 835d7e81bf517a3b72384bdcc85e1ce6 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
08:40:29.0293 5496 rdbss - ok
08:40:29.0313 5496 [ 0d8f05481cb76e70e1da06ee9f0da9df ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
08:40:29.0313 5496 rdpbus - ok
08:40:29.0333 5496 [ 1e016846895b15a99f9a176a05029075 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
08:40:29.0333 5496 RDPCDD - ok
08:40:29.0373 5496 [ 5a53ca1598dd4156d44196d200c94b8a ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
08:40:29.0373 5496 RDPENCDD - ok
08:40:29.0413 5496 [ 44b0a53cd4f27d50ed461dae0c0b4e1f ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
08:40:29.0413 5496 RDPREFMP - ok
08:40:29.0443 5496 [ 801371ba9782282892d00aadb08ee367 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
08:40:29.0453 5496 RDPWD - ok
08:40:29.0473 5496 [ 4ea225bf1cf05e158853f30a99ca29a7 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
08:40:29.0473 5496 rdyboost - ok
08:40:29.0523 5496 [ 7b5e1419717fac363a31cc302895217a ] RemoteAccess C:\windows\System32\mprdim.dll
08:40:29.0523 5496 RemoteAccess - ok
08:40:29.0573 5496 [ cb9a8683f4ef2bf99e123d79950d7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
08:40:29.0573 5496 RemoteRegistry - ok
08:40:29.0613 5496 [ 78d072f35bc45d9e4e1b61895c152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
08:40:29.0613 5496 RpcEptMapper - ok
08:40:29.0673 5496 [ 94d36c0e44677dd26981d2bfeef2a29d ] RpcLocator C:\windows\system32\locator.exe
08:40:29.0983 5496 RpcLocator - ok
08:40:30.0043 5496 [ b82cd39e336973359d7c9bf911e8e84f ] RpcSs C:\windows\system32\rpcss.dll
08:40:30.0043 5496 RpcSs - ok
08:40:30.0073 5496 [ 032b0d36ad92b582d869879f5af5b928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
08:40:30.0073 5496 rspndr - ok
08:40:30.0513 5496 [ ef8b2afc3c0751c5e5a59983c8893260 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
08:40:30.0513 5496 RSUSBSTOR - ok
08:40:30.0563 5496 [ 5283b9a27ff230f2ff70d92451ff409a ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
08:40:30.0573 5496 RTL8167 - ok
08:40:30.0623 5496 [ 8318f8c273f0e5dd8fee394b7b9d910b ] RTL8187Se C:\windows\system32\DRIVERS\RTL8187Se.sys
08:40:30.0623 5496 RTL8187Se - ok
08:40:30.0633 5496 RtsUIR - ok
08:40:30.0653 5496 [ f42309c4191c506b71db5d1126d26318 ] SamSs C:\windows\system32\lsass.exe
08:40:30.0653 5496 SamSs - ok
08:40:30.0673 5496 [ 34ee0c44b724e3e4ce2eff29126de5b5 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
08:40:30.0683 5496 sbp2port - ok
08:40:30.0713 5496 [ 8fc518ffe9519c2631d37515a68009c4 ] SCardSvr C:\windows\System32\SCardSvr.dll
08:40:30.0723 5496 SCardSvr - ok
08:40:30.0723 5496 [ a95c54b2ac3cc9c73fcdf9e51a1d6b51 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
08:40:30.0733 5496 scfilter - ok
08:40:30.0783 5496 [ df1e5c82e4d09cf8105cc644980c4803 ] Schedule C:\windows\system32\schedsvc.dll
08:40:30.0803 5496 Schedule - ok
08:40:30.0833 5496 [ 628a9e30ec5e18dd5de6be4dbdc12198 ] SCPolicySvc C:\windows\System32\certprop.dll
08:40:30.0833 5496 SCPolicySvc - ok
08:40:30.0853 5496 [ 5fd90abdbfaee85986802622cbb03446 ] SDRSVC C:\windows\System32\SDRSVC.dll
08:40:30.0863 5496 SDRSVC - ok
08:40:30.0873 5496 [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv C:\windows\system32\drivers\secdrv.sys
08:40:30.0873 5496 secdrv - ok
08:40:30.0883 5496 [ a59b3a4442c52060cc7a85293aa3546f ] seclogon C:\windows\system32\seclogon.dll
08:40:30.0883 5496 seclogon - ok
08:40:30.0913 5496 [ dcb7fcdcc97f87360f75d77425b81737 ] SENS C:\windows\System32\sens.dll
08:40:30.0923 5496 SENS - ok
08:40:30.0933 5496 [ 50087fe1ee447009c9cc2997b90de53f ] SensrSvc C:\windows\system32\sensrsvc.dll
08:40:30.0933 5496 SensrSvc - ok
08:40:30.0953 5496 [ 9ad8b8b515e3df6acd4212ef465de2d1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
08:40:30.0953 5496 Serenum - ok
08:40:30.0983 5496 [ 5fb7fcea0490d821f26f39cc5ea3d1e2 ] Serial C:\windows\system32\DRIVERS\serial.sys
08:40:30.0983 5496 Serial - ok
08:40:31.0003 5496 [ 79bffb520327ff916a582dfea17aa813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
08:40:31.0003 5496 sermouse - ok
08:40:31.0043 5496 [ 8f55ce568c543d5adf45c409d16718fc ] SessionEnv C:\windows\system32\sessenv.dll
08:40:31.0053 5496 SessionEnv - ok
08:40:31.0073 5496 [ 9f976e1eb233df46fce808d9dea3eb9c ] sffdisk C:\windows\system32\drivers\sffdisk.sys
08:40:31.0073 5496 sffdisk - ok
08:40:31.0113 5496 [ 932a68ee27833cfd57c1639d375f2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
08:40:31.0113 5496 sffp_mmc - ok
08:40:31.0123 5496 [ a0708bbd07d245c06ff9de549ca47185 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
08:40:31.0123 5496 sffp_sd - ok
08:40:31.0153 5496 [ db96666cc8312ebc45032f30b007a547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
08:40:31.0153 5496 sfloppy - ok
08:40:31.0203 5496 [ cd2e48fa5b29ee2b3b5858056d246ef2 ] ShellHWDetection C:\windows\System32\shsvcs.dll
08:40:31.0213 5496 ShellHWDetection - ok
08:40:31.0223 5496 [ 2565cac0dc9fe0371bdce60832582b2e ] sisagp C:\windows\system32\DRIVERS\sisagp.sys
08:40:31.0233 5496 sisagp - ok
08:40:31.0253 5496 [ a9f0486851becb6dda1d89d381e71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
08:40:31.0253 5496 SiSRaid2 - ok
08:40:31.0273 5496 [ 3727097b55738e2f554972c3be5bc1aa ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
08:40:31.0273 5496 SiSRaid4 - ok
08:40:31.0303 5496 [ 3e21c083b8a01cb70ba1f09303010fce ] Smb C:\windows\system32\DRIVERS\smb.sys
08:40:31.0303 5496 Smb - ok
08:40:31.0333 5496 [ 6a984831644eca1a33ffeae4126f4f37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
08:40:31.0333 5496 SNMPTRAP - ok
08:40:31.0353 5496 [ 95cf1ae7527fb70f7816563cbc09d942 ] spldr C:\windows\system32\drivers\spldr.sys
08:40:31.0353 5496 spldr - ok
08:40:31.0383 5496 [ d1bb750eb51694de183e08b9c33be5b2 ] Spooler C:\windows\System32\spoolsv.exe
08:40:31.0383 5496 Spooler - ok
08:40:31.0473 5496 [ 4c287f9069fedbd791178876ee9de536 ] sppsvc C:\windows\system32\sppsvc.exe
08:40:31.0573 5496 sppsvc - ok
08:40:31.0593 5496 [ d8e3e19eebdab49dd4a8d3062ead4ec7 ] sppuinotify C:\windows\system32\sppuinotify.dll
08:40:31.0593 5496 sppuinotify - ok
08:40:31.0653 5496 [ d15da1ba189770d93eea2d7e18f95af9 ] sptd C:\windows\system32\Drivers\sptd.sys
08:40:31.0653 5496 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
08:40:31.0673 5496 sptd ( LockedFile.Multi.Generic ) - warning
08:40:31.0673 5496 sptd - detected LockedFile.Multi.Generic (1)
08:40:31.0733 5496 [ e81f6caeab9ad5732e94c07c97866aa2 ] SRTSP C:\windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS
08:40:31.0743 5496 SRTSP - ok
08:40:31.0783 5496 [ e28de499d942b08058bffac69d4122b6 ] SRTSPX C:\windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS
08:40:31.0783 5496 SRTSPX - ok
08:40:31.0833 5496 [ c4a027b8c0bd3fc0699f41fa5e9e0c87 ] srv C:\windows\system32\DRIVERS\srv.sys
08:40:31.0833 5496 srv - ok
08:40:31.0853 5496 [ 414bb592cad8a79649d01f9d94318fb3 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
08:40:31.0863 5496 srv2 - ok
08:40:31.0914 5496 [ ff207d67700aa18242aaf985d3e7d8f4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
08:40:31.0914 5496 srvnet - ok
08:40:31.0944 5496 [ d5dffeaa1e15d4effabb9d9a3068ac5b ] sscdbus C:\windows\system32\DRIVERS\sscdbus.sys
08:40:31.0954 5496 sscdbus - ok
08:40:31.0964 5496 [ 8a1be0c347814f482f493aea619d57f6 ] sscdmdfl C:\windows\system32\DRIVERS\sscdmdfl.sys
08:40:31.0974 5496 sscdmdfl - ok
08:40:31.0994 5496 [ 5ab0b1987f682a59b15b78f84c6ad7d0 ] sscdmdm C:\windows\system32\DRIVERS\sscdmdm.sys
08:40:32.0004 5496 sscdmdm - ok
08:40:32.0024 5496 [ 751e66eb32efa80633b80f5d7ff0a1d8 ] sscdserd C:\windows\system32\DRIVERS\sscdserd.sys
08:40:32.0024 5496 sscdserd - ok
08:40:32.0064 5496 [ d887c9fd02ac9fa880f6e5027a43e118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
08:40:32.0074 5496 SSDPSRV - ok
08:40:32.0094 5496 [ d318f23be45d5e3a107469eb64815b50 ] SstpSvc C:\windows\system32\sstpsvc.dll
08:40:32.0094 5496 SstpSvc - ok
08:40:32.0134 5496 [ db32d325c192b801df274bfd12a7e72b ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
08:40:32.0134 5496 stexstor - ok
08:40:32.0164 5496 [ a22825e7bb7018e8af3e229a5af17221 ] StiSvc C:\windows\System32\wiaservc.dll
08:40:32.0184 5496 StiSvc - ok
08:40:32.0204 5496 [ e58c78a848add9610a4db6d214af5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys
08:40:32.0204 5496 swenum - ok
08:40:32.0234 5496 [ a28bd92df340e57b024ba433165d34d7 ] swprv C:\windows\System32\swprv.dll
08:40:32.0244 5496 swprv - ok
08:40:32.0264 5496 [ d0885f6e24259a6c65e68d6ad749910a ] SymEFA C:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS
08:40:32.0274 5496 SymEFA - ok
08:40:32.0294 5496 [ 1e825026436c4eac3e1a11d1e9c33f2c ] SYMFW C:\windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS
08:40:32.0304 5496 SYMFW - ok
08:40:32.0324 5496 [ 34f1c9d5dcc19df1e824d6b73767b8af ] SymIM C:\windows\system32\DRIVERS\SymIMv.sys
08:40:32.0324 5496 SymIM - ok
08:40:32.0344 5496 [ dcbf73da96cce94933c8cc6eded3c98b ] SYMNDISV C:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
08:40:32.0344 5496 SYMNDISV - ok
08:40:32.0364 5496 [ e4fa8bbb96e314e9508865de1a767538 ] SYMTDI C:\windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
08:40:32.0364 5496 SYMTDI - ok
08:40:32.0404 5496 [ 70534d1e4f9ac990536d5fb5b550b3de ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
08:40:32.0404 5496 SynTP - ok
08:40:32.0464 5496 [ 04105c8da62353589c29bdaeb8d88bd8 ] SysMain C:\windows\system32\sysmain.dll
08:40:32.0504 5496 SysMain - ok
08:40:32.0544 5496 [ 0e4bb35c5305099ac82053ac992e3e0e ] SysTool C:\windows\system32\DRIVERS\SysTool.sys
08:40:32.0544 5496 SysTool - ok
08:40:32.0564 5496 [ fcfb6c552fbc0da299799cbd50ad9fd4 ] TabletInputService C:\windows\System32\TabSvc.dll
08:40:32.0564 5496 TabletInputService - ok
08:40:32.0614 5496 [ 2f46b0c70a4adc8c90cf825da3b4feaf ] TapiSrv C:\windows\System32\tapisrv.dll
08:40:32.0614 5496 TapiSrv - ok
08:40:32.0624 5496 [ b799d9fdb26111737f58288d8dc172d9 ] TBS C:\windows\System32\tbssvc.dll
08:40:32.0634 5496 TBS - ok
08:40:32.0704 5496 [ c2daaeb48f3a47c410b041a0d2382ee1 ] Tcpip C:\windows\system32\drivers\tcpip.sys
08:40:32.0734 5496 Tcpip - ok
08:40:32.0794 5496 [ c2daaeb48f3a47c410b041a0d2382ee1 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
08:40:32.0804 5496 TCPIP6 - ok
08:40:32.0854 5496 [ e64444523add154f86567c469bc0b17f ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
08:40:32.0854 5496 tcpipreg - ok
08:40:32.0914 5496 [ 4084ea00d50c858d6f9038f86ae2e2d0 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
08:40:32.0914 5496 tdcmdpst - ok
08:40:32.0934 5496 [ 1875c1490d99e70e449e3afae9fcbadf ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
08:40:32.0934 5496 TDPIPE - ok
08:40:32.0954 5496 [ 7551e91ea999ee9a8e9c331d5a9c31f3 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
08:40:32.0954 5496 TDTCP - ok
08:40:32.0984 5496 [ cb39e896a2a83702d1737bfd402b3542 ] tdx C:\windows\system32\DRIVERS\tdx.sys
08:40:32.0984 5496 tdx - ok
08:40:33.0024 5496 [ c36f41ee20e6999dbf4b0425963268a5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
08:40:33.0024 5496 TermDD - ok
08:40:33.0054 5496 [ a01e50a04d7b1960b33e92b9080e6a94 ] TermService C:\windows\System32\termsrv.dll
08:40:33.0074 5496 TermService - ok
08:40:33.0104 5496 [ 42fb6afd6b79d9fe07381609172e7ca4 ] Themes C:\windows\system32\themeservice.dll
08:40:33.0114 5496 Themes - ok
08:40:33.0154 5496 [ 146b6f43a673379a3c670e86d89be5ea ] THREADORDER C:\windows\system32\mmcss.dll
08:40:33.0154 5496 THREADORDER - ok
08:40:33.0214 5496 [ f120967184a27e927052e8ddbb727851 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:40:33.0214 5496 TMachInfo - ok
08:40:33.0244 5496 [ fe65d33b7d4ff07dd1d29526a48df810 ] TODDSrv C:\Windows\system32\TODDSrv.exe
08:40:33.0254 5496 TODDSrv - ok
08:40:33.0294 5496 [ 66c35016e01746715f8f606a9f081bf9 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:40:33.0314 5496 TosCoSrv - ok
08:40:33.0344 5496 [ 0b5fa26e0c8a8e07a6df3df4e5711da8 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:40:33.0344 5496 TOSHIBA eco Utility Service - ok
08:40:33.0374 5496 [ 67c1da40d78c92622081a3e780c926b2 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:40:33.0384 5496 TOSHIBA HDD SSD Alert Service - ok
08:40:33.0414 5496 [ 969377943fe7284609babbab4e06b93c ] tos_sps32 C:\windows\system32\DRIVERS\tos_sps32.sys
08:40:33.0414 5496 tos_sps32 - ok
08:40:33.0454 5496 [ 31d2881b0647f2b09b118b9b50c02888 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:40:33.0474 5496 TPCHSrv - ok
08:40:33.0514 5496 [ 4792c0378db99a9bc2ae2de6cfff0c3a ] TrkWks C:\windows\System32\trkwks.dll
08:40:33.0524 5496 TrkWks - ok
08:40:33.0564 5496 [ 41a4c781d2286208d397d72099304133 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
08:40:33.0574 5496 TrustedInstaller - ok
08:40:33.0604 5496 [ 98ae6fa07d12cb4ec5cf4a9bfa5f4242 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
08:40:33.0604 5496 tssecsrv - ok
08:40:33.0634 5496 [ 3e461d890a97f9d4c168f5fda36e1d00 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
08:40:33.0634 5496 tunnel - ok
08:40:33.0674 5496 [ fc24015b4052600c324c43e3a79c0664 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:40:33.0674 5496 TVALZ - ok
08:40:33.0704 5496 [ 866462f5ae3f375ef83ef9dce436031c ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
08:40:33.0704 5496 TVALZFL - ok
08:40:33.0724 5496 [ 750fbcb269f4d7dd2e420c56b795db6d ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
08:40:33.0724 5496 uagp35 - ok
08:40:33.0754 5496 [ 09cc3e16f8e5ee7168e01cf8fcbe061a ] udfs C:\windows\system32\DRIVERS\udfs.sys
08:40:33.0754 5496 udfs - ok
08:40:33.0804 5496 [ 8344fd4fce927880aa1aa7681d4927e5 ] UI0Detect C:\windows\system32\UI0Detect.exe
08:40:33.0804 5496 UI0Detect - ok
08:40:33.0824 5496 [ 44e8048ace47befbfdc2e9be4cbc8880 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
08:40:33.0834 5496 uliagpkx - ok
08:40:33.0854 5496 [ 049b3a50b3d646baeeee9eec9b0668dc ] umbus C:\windows\system32\DRIVERS\umbus.sys
08:40:33.0854 5496 umbus - ok
08:40:33.0874 5496 [ 7550ad0c6998ba1cb4843e920ee0feac ] UmPass C:\windows\system32\DRIVERS\umpass.sys
08:40:33.0874 5496 UmPass - ok
08:40:33.0894 5496 [ 833fbb672460efce8011d262175fad33 ] upnphost C:\windows\System32\upnphost.dll
08:40:33.0904 5496 upnphost - ok
08:40:33.0934 5496 [ 5c2bdc152bbab34f36473deaf7713f22 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
08:40:33.0934 5496 USBAAPL - ok
08:40:33.0964 5496 [ 2436a42aab4ad48a9b714e5b0f344627 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
08:40:33.0964 5496 usbaudio - ok
08:40:34.0014 5496 [ c31ae588e403042632dc796cf09e30b0 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
08:40:34.0014 5496 usbccgp - ok
08:40:34.0014 5496 USBCCID - ok
08:40:34.0044 5496 [ 04ec7cec62ec3b6d9354eee93327fc82 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
08:40:34.0044 5496 usbcir - ok
08:40:34.0084 5496 [ e4c436d914768ce965d5e659ba7eebd8 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
08:40:34.0084 5496 usbehci - ok
08:40:34.0104 5496 [ bdcd7156ec37448f08633fd899823620 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
08:40:34.0114 5496 usbhub - ok
08:40:34.0124 5496 [ eb2d819a639015253c871cda09d91d58 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
08:40:34.0134 5496 usbohci - ok
08:40:34.0154 5496 [ 797d862fe0875e75c7cc4c1ad7b30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
08:40:34.0154 5496 usbprint - ok
08:40:34.0204 5496 [ 1c4287739a93594e57e2a9e6a3ed7353 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
08:40:34.0204 5496 USBSTOR - ok
08:40:34.0224 5496 [ 22480bf4e5a09192e5e30ba4dde79fa4 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
08:40:34.0224 5496 usbuhci - ok
08:40:34.0254 5496 [ b5f6a992d996282b7fae7048e50af83a ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
08:40:34.0254 5496 usbvideo - ok
08:40:34.0284 5496 [ 081e6e1c91aec36758902a9f727cd23c ] UxSms C:\windows\System32\uxsms.dll
08:40:34.0284 5496 UxSms - ok
08:40:34.0304 5496 [ f42309c4191c506b71db5d1126d26318 ] VaultSvc C:\windows\system32\lsass.exe
08:40:34.0304 5496 VaultSvc - ok
08:40:34.0314 5496 [ a059c4c3edb09e07d21a8e5c0aabd3cb ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
08:40:34.0314 5496 vdrvroot - ok
08:40:34.0354 5496 [ 8c4e7c49d3641bc9e299e466a7f8867d ] vds C:\windows\System32\vds.exe
08:40:34.0374 5496 vds - ok
08:40:34.0404 5496 [ 17c408214ea61696cec9c66e388b14f3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
08:40:34.0404 5496 vga - ok
08:40:34.0424 5496 [ 8e38096ad5c8570a6f1570a61e251561 ] VgaSave C:\windows\System32\drivers\vga.sys
08:40:34.0424 5496 VgaSave - ok
08:40:34.0454 5496 [ 3be6e1f3a4f1afec8cee0d7883f93583 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
08:40:34.0464 5496 vhdmp - ok
08:40:34.0484 5496 [ c829317a37b4bea8f39735d4b076e923 ] viaagp C:\windows\system32\DRIVERS\viaagp.sys
08:40:34.0484 5496 viaagp - ok
08:40:34.0494 5496 [ e02f079a6aa107f06b16549c6e5c7b74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
08:40:34.0494 5496 ViaC7 - ok
08:40:34.0524 5496 [ e43574f6a56a0ee11809b48c09e4fd3c ] viaide C:\windows\system32\DRIVERS\viaide.sys
08:40:34.0524 5496 viaide - ok
08:40:34.0554 5496 [ 384e5a2aa49934295171e499f86ba6f3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
08:40:34.0564 5496 volmgr - ok
08:40:34.0584 5496 [ b5bb72067ddddbbfb04b2f89ff8c3c87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
08:40:34.0584 5496 volmgrx - ok
08:40:34.0624 5496 [ 58df9d2481a56edde167e51b334d44fd ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
08:40:34.0624 5496 volsnap - ok
08:40:34.0644 5496 [ 9dfa0cc2f8855a04816729651175b631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
08:40:34.0654 5496 vsmraid - ok
08:40:34.0704 5496 [ 7ea2bcd94d9cfaf4c556f5cc94532a6c ] VSS C:\windows\system32\vssvc.exe
08:40:34.0734 5496 VSS - ok
08:40:34.0764 5496 [ 90567b1e658001e79d7c8bbd3dde5aa6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
08:40:34.0764 5496 vwifibus - ok
08:40:34.0794 5496 [ 7090d3436eeb4e7da3373090a23448f7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
08:40:34.0794 5496 vwififlt - ok
08:40:34.0814 5496 [ a3f04cbea6c2a10e6cb01f8b47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
08:40:34.0814 5496 vwifimp - ok
08:40:34.0884 5496 [ d22c6b9c2f840d403fd387ad207a4b16 ] VX1000 C:\windows\system32\DRIVERS\VX1000.sys
08:40:34.0924 5496 VX1000 - ok
08:40:34.0974 5496 [ 55187fd710e27d5095d10a472c8baf1c ] W32Time C:\windows\system32\w32time.dll
08:40:34.0974 5496 W32Time - ok
08:40:35.0014 5496 [ de3721e89c653aa281428c8a69745d90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
08:40:35.0024 5496 WacomPen - ok
08:40:35.0034 5496 [ 692a712062146e96d28ba0b7d75de31b ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
08:40:35.0034 5496 WANARP - ok
08:40:35.0044 5496 [ 692a712062146e96d28ba0b7d75de31b ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
08:40:35.0044 5496 Wanarpv6 - ok
08:40:35.0104 5496 [ 7790b77fe1e5ee47dcc66247095bb4c9 ] wbengine C:\windows\system32\wbengine.exe
08:40:35.0134 5496 wbengine - ok
08:40:35.0184 5496 [ 9614b5d29dc76ac3c29f6d2d3aa70e67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
08:40:35.0184 5496 WbioSrvc - ok
08:40:35.0224 5496 [ 6d9b75275c3e3a5f51aef81affadb2b6 ] wcncsvc C:\windows\System32\wcncsvc.dll
08:40:35.0234 5496 wcncsvc - ok
08:40:35.0244 5496 [ 5d930b6357a6d2af4d7653bdabbf352f ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
08:40:35.0244 5496 WcsPlugInService - ok
08:40:35.0284 5496 [ 1112a9badacb47b7c0bb0392e3158dff ] Wd C:\windows\system32\DRIVERS\wd.sys
08:40:35.0284 5496 Wd - ok
08:40:35.0314 5496 [ 9950e3d0f08141c7e89e64456ae7dc73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
08:40:35.0324 5496 Wdf01000 - ok
08:40:35.0364 5496 [ 46ef9dc96265fd0b423db72e7c38c2a5 ] WdiServiceHost C:\windows\system32\wdi.dll
08:40:35.0364 5496 WdiServiceHost - ok
08:40:35.0374 5496 [ 46ef9dc96265fd0b423db72e7c38c2a5 ] WdiSystemHost C:\windows\system32\wdi.dll
08:40:35.0374 5496 WdiSystemHost - ok
08:40:35.0424 5496 [ bb5ec38f8d4600119b4720bc5d4211f1 ] WebClient C:\windows\System32\webclnt.dll
08:40:35.0434 5496 WebClient - ok
08:40:35.0454 5496 [ 760f0afe937a77cff27153206534f275 ] Wecsvc C:\windows\system32\wecsvc.dll
08:40:35.0464 5496 Wecsvc - ok
08:40:35.0524 5496 [ ac804569bb2364fb6017370258a4091b ] wercplsupport C:\windows\System32\wercplsupport.dll
08:40:35.0524 5496 wercplsupport - ok
08:40:35.0534 5496 [ 08e420d873e4fd85241ee2421b02c4a4 ] WerSvc C:\windows\System32\WerSvc.dll
08:40:35.0534 5496 WerSvc - ok
08:40:35.0575 5496 [ 8b9a943f3b53861f2bfaf6c186168f79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
08:40:35.0577 5496 WfpLwf - ok
08:40:35.0599 5496 [ 5cf95b35e59e2a38023836fff31be64c ] WIMMount C:\windows\system32\drivers\wimmount.sys
08:40:35.0600 5496 WIMMount - ok
08:40:35.0616 5496 WinHttpAutoProxySvc - ok
08:40:35.0696 5496 [ f62e510b6ad4c21eb9fe8668ed251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
08:40:35.0696 5496 Winmgmt - ok
08:40:35.0756 5496 [ c4f5d3901d1b41d602ddc196e0b95b51 ] WinRM C:\windows\system32\WsmSvc.dll
08:40:35.0796 5496 WinRM - ok
08:40:35.0886 5496 [ 30fc6e5448d0cbaaa95280eeef7fedae ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
08:40:35.0886 5496 WinUsb - ok
08:40:35.0936 5496 [ 16935c98ff639d185086a3529b1f2067 ] Wlansvc C:\windows\System32\wlansvc.dll
08:40:35.0956 5496 Wlansvc - ok
08:40:36.0106 5496 [ 0a70f4022ec2e14c159efc4f69aa2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:40:36.0156 5496 wlidsvc - ok
08:40:36.0206 5496 [ 0217679b8fca58714c3bf2726d2ca84e ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
08:40:36.0206 5496 WmiAcpi - ok
08:40:36.0276 5496 [ 6eb6b66517b048d87dc1856ddf1f4c3f ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
08:40:36.0286 5496 wmiApSrv - ok
08:40:36.0456 5496 [ 77fbd400984cf72ba0fc4b3489d65f74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
08:40:36.0486 5496 WMPNetworkSvc - ok
08:40:36.0536 5496 [ a2f0ec770a92f2b3f9de6d518e11409c ] WPCSvc C:\windows\System32\wpcsvc.dll
08:40:36.0536 5496 WPCSvc - ok
08:40:36.0576 5496 [ b7f658a2ebc07129538ad9ab35212637 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
08:40:36.0576 5496 WPDBusEnum - ok
08:40:36.0616 5496 [ 6db3276587b853bf886b69528fdb048c ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
08:40:36.0616 5496 ws2ifsl - ok
08:40:36.0676 5496 [ 553f6ccd7c58eb98d4a8fbdaf283d7a9 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
08:40:36.0676 5496 WSDPrintDevice - ok
08:40:36.0686 5496 WSearch - ok
08:40:36.0716 5496 [ 6f9b6c0c93232cff47d0f72d6db1d21e ] WudfPf C:\windows\system32\drivers\WudfPf.sys
08:40:36.0726 5496 WudfPf - ok
08:40:36.0736 5496 [ f91ff1e51fca30b3c3981db7d5924252 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
08:40:36.0736 5496 WUDFRd - ok
08:40:36.0756 5496 [ ddee3682fe97037c45f4d7ab467cb8b6 ] wudfsvc C:\windows\System32\WUDFSvc.dll
08:40:36.0776 5496 wudfsvc - ok
08:40:36.0806 5496 [ ff2d745b560f7c71b31f30f4d49f73d2 ] WwanSvc C:\windows\System32\wwansvc.dll
08:40:36.0806 5496 WwanSvc - ok
08:40:36.0816 5496 XDva385 - ok
08:40:36.0826 5496 XDva386 - ok
08:40:36.0886 5496 XDva387 - ok
08:40:36.0916 5496 XDva388 - ok
08:40:36.0976 5496 ================ Scan global ===============================
08:40:37.0026 5496 (9a595df601070da78c40481120dd2c06) C:\windows\system32\basesrv.dll
08:40:37.0076 5496 (008f51ae989c3df1cbaf8b39dc423ccc) C:\windows\system32\winsrv.dll
08:40:37.0086 5496 (008f51ae989c3df1cbaf8b39dc423ccc) C:\windows\system32\winsrv.dll
08:40:37.0126 5496 (364455805e64882844ee9acb72522830) C:\windows\system32\sxssrv.dll
08:40:37.0156 5496 (5f1b6a9c35d3d5ca72d6d6fdef9747d6) C:\windows\system32\services.exe
08:40:37.0156 5496 [Global] - ok
08:40:37.0156 5496 ================ Scan MBR ==================================
08:40:37.0176 5496 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
08:40:37.0176 5496 Suspicious mbr (Forged): \Device\Harddisk0\DR0
08:40:37.0236 5496 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
08:40:37.0236 5496 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
08:40:37.0236 5496 ================ Scan VBR ==================================
08:40:37.0246 5496 Boot (0x1200) (5d23c7fb3ae2f4e4543dcf7c11664442) \Device\Harddisk0\DR0\Partition1
08:40:37.0256 5496 \Device\Harddisk0\DR0\Partition1 - ok
08:40:37.0256 5496 ============================================================
08:40:37.0256 5496 Scan finished
08:40:37.0256 5496 ============================================================
08:40:37.0266 4468 Detected object count: 2
08:40:37.0266 4468 Actual detected object count: 2
08:41:03.0084 4468 sptd ( LockedFile.Multi.Generic ) - skipped by user
08:41:03.0084 4468 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
08:41:04.0034 4468 \Device\Harddisk0\DR0\# - copied to quarantine
08:41:04.0034 4468 \Device\Harddisk0\DR0 - copied to quarantine
08:41:04.0084 4468 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
08:41:04.0084 4468 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
08:41:04.0104 4468 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
08:41:04.0114 4468 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
08:41:04.0114 4468 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
08:41:04.0124 4468 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
08:41:04.0144 4468 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
08:41:04.0164 4468 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
08:41:04.0164 4468 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
08:41:04.0164 4468 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
08:41:04.0164 4468 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
08:41:04.0174 4468 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
08:41:04.0174 4468 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
08:41:04.0174 4468 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
08:41:04.0204 4468 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
08:41:04.0214 4468 \Device\Harddisk0\DR0 - ok
08:41:04.0995 4468 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
08:41:10.0930 4136 Deinitialize success




16:23:08.0694 1540 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
16:23:09.0069 1540 ============================================================
16:23:09.0069 1540 Current date / time: 2012/08/27 16:23:09.0069
16:23:09.0069 1540 SystemInfo:
16:23:09.0069 1540
16:23:09.0069 1540 OS Version: 6.1.7600 ServicePack: 0.0
16:23:09.0069 1540 Product type: Workstation
16:23:09.0069 1540 ComputerName: JOSH-PC
16:23:09.0069 1540 UserName: Stunna
16:23:09.0069 1540 Windows directory: C:\windows
16:23:09.0069 1540 System windows directory: C:\windows
16:23:09.0069 1540 Processor architecture: Intel x86
16:23:09.0069 1540 Number of processors: 2
16:23:09.0069 1540 Page size: 0x1000
16:23:09.0069 1540 Boot type: Normal boot
16:23:09.0069 1540 ============================================================
16:23:10.0660 1540 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:23:10.0660 1540 ============================================================
16:23:10.0660 1540 \Device\Harddisk0\DR0:
16:23:10.0660 1540 MBR partitions:
16:23:10.0660 1540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2416A000
16:23:10.0660 1540 ============================================================
16:23:10.0707 1540 C: <-> \Device\Harddisk0\DR0\Partition1
16:23:10.0707 1540 ============================================================
16:23:10.0707 1540 Initialize success
16:23:10.0707 1540 ============================================================
16:23:12.0220 2416 ============================================================
16:23:12.0220 2416 Scan started
16:23:12.0220 2416 Mode: Manual;
16:23:12.0220 2416 ============================================================
16:23:14.0451 2416 ================ Scan system memory ========================
16:23:14.0451 2416 System memory - ok
16:23:14.0466 2416 ================ Scan services =============================
16:23:14.0685 2416 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
16:23:14.0685 2416 1394ohci - ok
16:23:14.0716 2416 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
16:23:14.0716 2416 ACPI - ok
16:23:14.0731 2416 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
16:23:14.0731 2416 AcpiPmi - ok
16:23:14.0809 2416 [ 4AE327C9C375D985FF2A2AAB92765218 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:23:14.0825 2416 Adobe LM Service - ok
16:23:14.0950 2416 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:23:14.0950 2416 AdobeARMservice - ok
16:23:15.0106 2416 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:23:15.0121 2416 AdobeFlashPlayerUpdateSvc - ok
16:23:15.0168 2416 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:23:15.0184 2416 adp94xx - ok
16:23:15.0215 2416 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:23:15.0231 2416 adpahci - ok
16:23:15.0246 2416 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:23:15.0262 2416 adpu320 - ok
16:23:15.0340 2416 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:23:15.0340 2416 AeLookupSvc - ok
16:23:15.0402 2416 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\windows\system32\drivers\afd.sys
16:23:15.0418 2416 AFD - ok
16:23:15.0465 2416 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys
16:23:15.0496 2416 AgereSoftModem - ok
16:23:15.0511 2416 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\DRIVERS\agp440.sys
16:23:15.0527 2416 agp440 - ok
16:23:15.0543 2416 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
16:23:15.0543 2416 aic78xx - ok
16:23:15.0558 2416 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
16:23:15.0558 2416 ALG - ok
16:23:15.0574 2416 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\DRIVERS\aliide.sys
16:23:15.0574 2416 aliide - ok
16:23:15.0622 2416 [ 0BC6704F6FB4C63CDCB85401E8263A1B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
16:23:15.0622 2416 AMD External Events Utility - ok
16:23:15.0715 2416 AMD FUEL Service - ok
16:23:15.0746 2416 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\DRIVERS\amdagp.sys
16:23:15.0746 2416 amdagp - ok
16:23:15.0778 2416 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\DRIVERS\amdide.sys
16:23:15.0778 2416 amdide - ok
16:23:15.0840 2416 [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86 C:\windows\system32\DRIVERS\amdiox86.sys
16:23:15.0840 2416 amdiox86 - ok
16:23:15.0856 2416 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:23:15.0856 2416 AmdK8 - ok
16:23:16.0043 2416 [ C97BE8350FBCB1960B22FAD2E6C2B514 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:23:16.0168 2416 amdkmdag - ok
16:23:16.0214 2416 [ C9B705FF53B15DD71F6A4D4F45396EDD ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
16:23:16.0214 2416 amdkmdap - ok
16:23:16.0246 2416 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:23:16.0246 2416 AmdPPM - ok
16:23:16.0292 2416 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\windows\system32\drivers\amdsata.sys
16:23:16.0292 2416 amdsata - ok
16:23:16.0324 2416 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:23:16.0324 2416 amdsbs - ok
16:23:16.0339 2416 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\windows\system32\drivers\amdxata.sys
16:23:16.0355 2416 amdxata - ok
16:23:16.0370 2416 [ DB0FEB51DFA00543BF381D2014550FA3 ] androidusb C:\windows\system32\Drivers\androidusb.sys
16:23:16.0386 2416 androidusb - ok
16:23:16.0433 2416 [ 62B03AFE5CC83BACF064848DAA295D9C ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
16:23:16.0448 2416 AODDriver4.01 - ok
16:23:16.0464 2416 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\windows\system32\drivers\appid.sys
16:23:16.0464 2416 AppID - ok
16:23:16.0480 2416 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:23:16.0480 2416 AppIDSvc - ok
16:23:16.0511 2416 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\windows\System32\appinfo.dll
16:23:16.0511 2416 Appinfo - ok
16:23:16.0573 2416 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:23:16.0573 2416 Apple Mobile Device - ok
16:23:16.0667 2416 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
16:23:16.0667 2416 arc - ok
16:23:16.0698 2416 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:23:16.0698 2416 arcsas - ok
16:23:16.0823 2416 [ 39CDCB109BF200CC8A05B9C7E6272D11 ] aspnet_state C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:23:16.0823 2416 aspnet_state - ok
16:23:16.0838 2416 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:23:16.0838 2416 AsyncMac - ok
16:23:16.0870 2416 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\DRIVERS\atapi.sys
16:23:16.0870 2416 atapi - ok
16:23:16.0963 2416 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\windows\system32\DRIVERS\athr.sys
16:23:17.0010 2416 athr - ok
16:23:17.0166 2416 [ C97BE8350FBCB1960B22FAD2E6C2B514 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:23:17.0197 2416 atikmdag - ok
16:23:17.0228 2416 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
16:23:17.0228 2416 AtiPcie - ok
16:23:17.0291 2416 [ 0E4BB35C5305099AC82053AC992E3E0E ] ATITool C:\windows\system32\DRIVERS\ATITool.sys
16:23:17.0291 2416 ATITool - ok
16:23:17.0338 2416 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:23:17.0369 2416 AudioEndpointBuilder - ok
16:23:17.0384 2416 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\windows\System32\Audiosrv.dll
16:23:17.0384 2416 Audiosrv - ok
16:23:17.0416 2416 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\windows\System32\AxInstSV.dll
16:23:17.0416 2416 AxInstSV - ok
16:23:17.0447 2416 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
16:23:17.0447 2416 b06bdrv - ok
16:23:17.0462 2416 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
16:23:17.0478 2416 b57nd60x - ok
16:23:17.0494 2416 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
16:23:17.0494 2416 BDESVC - ok
16:23:17.0509 2416 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
16:23:17.0509 2416 Beep - ok
16:23:17.0587 2416 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\windows\System32\bfe.dll
16:23:17.0603 2416 BFE - ok
16:23:17.0665 2416 [ 76154FA6A742C613B44BB636B1A7C057 ] BHDrvx86 C:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
16:23:17.0665 2416 BHDrvx86 - ok
16:23:17.0759 2416 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:23:17.0759 2416 blbdrive - ok
16:23:17.0806 2416 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:23:17.0806 2416 bowser - ok
16:23:17.0837 2416 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:23:17.0837 2416 BrFiltLo - ok
16:23:17.0852 2416 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:23:17.0852 2416 BrFiltUp - ok
16:23:17.0930 2416 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
16:23:17.0930 2416 BridgeMP - ok
16:23:17.0962 2416 [ 598E1280E7FF3744F4B8329366CC5635 ] Browser C:\windows\System32\browser.dll
16:23:17.0962 2416 Browser - ok
16:23:17.0993 2416 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:23:17.0993 2416 Brserid - ok
16:23:18.0024 2416 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:23:18.0024 2416 BrSerWdm - ok
16:23:18.0040 2416 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:23:18.0040 2416 BrUsbMdm - ok
16:23:18.0055 2416 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:23:18.0055 2416 BrUsbSer - ok
16:23:18.0071 2416 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:23:18.0071 2416 BTHMODEM - ok
16:23:18.0102 2416 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
16:23:18.0102 2416 bthserv - ok
16:23:18.0242 2416 catchme - ok
16:23:18.0289 2416 [ 8973FF34B83572D867B5B928905AD5AC ] ccHP C:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys
16:23:18.0305 2416 ccHP - ok
16:23:18.0320 2416 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:23:18.0320 2416 cdfs - ok
16:23:18.0367 2416 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:23:18.0367 2416 cdrom - ok
16:23:18.0398 2416 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\windows\System32\certprop.dll
16:23:18.0398 2416 CertPropSvc - ok
16:23:18.0492 2416 [ 1F8A319D29394F9CE1B7AE020DF2EBBF ] cfWiMAXService C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
16:23:18.0492 2416 cfWiMAXService - ok
16:23:18.0523 2416 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:23:18.0523 2416 circlass - ok
16:23:18.0554 2416 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
16:23:18.0554 2416 CLFS - ok
16:23:18.0586 2416 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:23:18.0586 2416 clr_optimization_v2.0.50727_32 - ok
16:23:18.0648 2416 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:23:18.0648 2416 clr_optimization_v4.0.30319_32 - ok
16:23:18.0679 2416 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:23:18.0679 2416 CmBatt - ok
16:23:18.0695 2416 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
16:23:18.0710 2416 cmdide - ok
16:23:18.0773 2416 [ 1B675691ED940766149C93E8F4488D68 ] CNG C:\windows\system32\Drivers\cng.sys
16:23:18.0773 2416 CNG - ok
16:23:18.0804 2416 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:23:18.0804 2416 Compbatt - ok
16:23:18.0804 2416 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
16:23:18.0804 2416 CompositeBus - ok
16:23:18.0820 2416 COMSysApp - ok
16:23:18.0851 2416 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
16:23:18.0851 2416 ConfigFree Service - ok
16:23:18.0866 2416 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:23:18.0866 2416 crcdisk - ok
16:23:18.0913 2416 [ 9C231178CE4FB385F4B54B0A9080B8A4 ] CryptSvc C:\windows\system32\cryptsvc.dll
16:23:18.0913 2416 CryptSvc - ok
16:23:18.0960 2416 dbuyraem - ok
16:23:19.0022 2416 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\windows\system32\rpcss.dll
16:23:19.0038 2416 DcomLaunch - ok
16:23:19.0069 2416 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
16:23:19.0069 2416 defragsvc - ok
16:23:19.0132 2416 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:23:19.0132 2416 DfsC - ok
16:23:19.0147 2416 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\windows\system32\dhcpcore.dll
16:23:19.0163 2416 Dhcp - ok
16:23:19.0178 2416 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
16:23:19.0194 2416 discache - ok
16:23:19.0210 2416 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
16:23:19.0210 2416 Disk - ok
16:23:19.0241 2416 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:23:19.0241 2416 Dnscache - ok
16:23:19.0288 2416 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\windows\System32\dot3svc.dll
16:23:19.0288 2416 dot3svc - ok
16:23:19.0319 2416 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\windows\system32\dps.dll
16:23:19.0319 2416 DPS - ok
16:23:19.0366 2416 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:23:19.0366 2416 drmkaud - ok
16:23:19.0412 2416 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:23:19.0428 2416 DXGKrnl - ok
16:23:19.0444 2416 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
16:23:19.0459 2416 EapHost - ok
16:23:19.0553 2416 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
16:23:19.0646 2416 ebdrv - ok
16:23:19.0693 2416 [ F42309C4191C506B71DB5D1126D26318 ] EFS C:\windows\System32\lsass.exe
16:23:19.0709 2416 EFS - ok
16:23:19.0771 2416 ehdvr - ok
16:23:19.0865 2416 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:23:19.0896 2416 ehRecvr - ok
16:23:19.0927 2416 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
16:23:19.0927 2416 ehSched - ok
16:23:19.0958 2416 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:23:19.0974 2416 elxstor - ok
16:23:19.0974 2416 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
16:23:19.0974 2416 ErrDev - ok
16:23:20.0068 2416 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
16:23:20.0083 2416 EventSystem - ok
16:23:20.0114 2416 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
16:23:20.0114 2416 exfat - ok
16:23:20.0130 2416 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
16:23:20.0130 2416 fastfat - ok
16:23:20.0161 2416 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\windows\system32\fxssvc.exe
16:23:20.0192 2416 Fax - ok
16:23:20.0208 2416 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:23:20.0208 2416 fdc - ok
16:23:20.0224 2416 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
16:23:20.0239 2416 fdPHost - ok
16:23:20.0255 2416 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
16:23:20.0255 2416 FDResPub - ok
16:23:20.0270 2416 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:23:20.0270 2416 FileInfo - ok
16:23:20.0286 2416 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:23:20.0286 2416 Filetrace - ok
16:23:20.0302 2416 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:23:20.0302 2416 flpydisk - ok
16:23:20.0333 2416 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:23:20.0333 2416 FltMgr - ok
16:23:20.0395 2416 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\windows\system32\FntCache.dll
16:23:20.0442 2416 FontCache - ok
16:23:20.0489 2416 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:23:20.0504 2416 FontCache3.0.0.0 - ok
16:23:20.0504 2416 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:23:20.0504 2416 FsDepends - ok
16:23:20.0520 2416 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:23:20.0520 2416 Fs_Rec - ok
16:23:20.0567 2416 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:23:20.0567 2416 fvevol - ok
16:23:20.0598 2416 [ 0F76E205BDC60364F08A5949082771CA ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys
16:23:20.0598 2416 FwLnk - ok
16:23:20.0614 2416 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:23:20.0614 2416 gagp30kx - ok
16:23:20.0645 2416 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\windows\System32\gpsvc.dll
16:23:20.0660 2416 gpsvc - ok
16:23:20.0723 2416 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:23:20.0738 2416 gupdate - ok
16:23:20.0770 2416 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:23:20.0785 2416 gupdatem - ok
16:23:20.0816 2416 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:23:20.0816 2416 hcw85cir - ok
16:23:20.0848 2416 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:23:20.0863 2416 HdAudAddService - ok
16:23:20.0879 2416 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
16:23:20.0879 2416 HDAudBus - ok
16:23:20.0894 2416 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:23:20.0894 2416 HidBatt - ok
16:23:20.0926 2416 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:23:20.0926 2416 HidBth - ok
16:23:20.0941 2416 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:23:20.0941 2416 HidIr - ok
16:23:20.0972 2416 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
16:23:20.0972 2416 hidserv - ok
16:23:21.0004 2416 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
16:23:21.0004 2416 HidUsb - ok
16:23:21.0035 2416 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\windows\system32\kmsvc.dll
16:23:21.0035 2416 hkmsvc - ok
16:23:21.0050 2416 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:23:21.0050 2416 HomeGroupListener - ok
16:23:21.0082 2416 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:23:21.0097 2416 HomeGroupProvider - ok
16:23:21.0113 2416 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
16:23:21.0113 2416 HpSAMD - ok
16:23:21.0128 2416 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\windows\system32\drivers\HTTP.sys
16:23:21.0144 2416 HTTP - ok
16:23:21.0160 2416 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:23:21.0160 2416 hwpolicy - ok
16:23:21.0175 2416 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
16:23:21.0191 2416 i8042prt - ok
16:23:21.0253 2416 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:23:21.0269 2416 iaStorV - ok
16:23:21.0347 2416 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:23:21.0378 2416 idsvc - ok
16:23:21.0503 2416 [ 785B0AB77D977445D58B02EA63C11FB2 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100119.001\IDSvix86.sys
16:23:21.0503 2416 IDSVix86 - ok
16:23:21.0550 2416 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:23:21.0550 2416 iirsp - ok
16:23:21.0596 2416 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\windows\System32\ikeext.dll
16:23:21.0628 2416 IKEEXT - ok
16:23:21.0752 2416 [ 516E2292F266C2F30089B5479C355858 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
16:23:21.0768 2416 IntcAzAudAddService - ok
16:23:21.0784 2416 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\DRIVERS\intelide.sys
16:23:21.0784 2416 intelide - ok
16:23:21.0799 2416 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:23:21.0815 2416 intelppm - ok
16:23:21.0877 2416 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:23:21.0893 2416 IPBusEnum - ok
16:23:21.0908 2416 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:23:21.0908 2416 IpFilterDriver - ok
16:23:22.0002 2416 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:23:22.0018 2416 iphlpsvc - ok
16:23:22.0049 2416 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
16:23:22.0049 2416 IPMIDRV - ok
16:23:22.0080 2416 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:23:22.0080 2416 IPNAT - ok
16:23:22.0096 2416 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
16:23:22.0111 2416 IRENUM - ok
16:23:22.0127 2416 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
16:23:22.0127 2416 isapnp - ok
16:23:22.0158 2416 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
16:23:22.0158 2416 iScsiPrt - ok
16:23:22.0174 2416 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
16:23:22.0174 2416 kbdclass - ok
16:23:22.0189 2416 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
16:23:22.0205 2416 kbdhid - ok
16:23:22.0220 2416 [ F42309C4191C506B71DB5D1126D26318 ] KeyIso C:\windows\system32\lsass.exe
16:23:22.0220 2416 KeyIso - ok
16:23:22.0236 2416 [ E36A061EC11B373826905B21BE10948F ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:23:22.0236 2416 KSecDD - ok
16:23:22.0267 2416 [ 365C6154BBBC5377173F1CA7BFB6CC59 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:23:22.0267 2416 KSecPkg - ok
16:23:22.0423 2416 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
16:23:22.0501 2416 KtmRm - ok
16:23:22.0548 2416 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\windows\System32\srvsvc.dll
16:23:22.0564 2416 LanmanServer - ok
16:23:22.0595 2416 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:23:22.0595 2416 LanmanWorkstation - ok
16:23:22.0626 2416 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:23:22.0626 2416 lltdio - ok
16:23:22.0657 2416 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
16:23:22.0673 2416 lltdsvc - ok
16:23:22.0688 2416 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
16:23:22.0688 2416 lmhosts - ok
16:23:22.0704 2416 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:23:22.0704 2416 LSI_FC - ok
16:23:22.0720 2416 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:23:22.0720 2416 LSI_SAS - ok
16:23:22.0751 2416 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:23:22.0751 2416 LSI_SAS2 - ok
16:23:22.0766 2416 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:23:22.0766 2416 LSI_SCSI - ok
16:23:22.0782 2416 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
16:23:22.0782 2416 luafv - ok
16:23:22.0813 2416 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:23:22.0813 2416 Mcx2Svc - ok
16:23:22.0829 2416 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:23:22.0829 2416 megasas - ok
16:23:22.0860 2416 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:23:22.0860 2416 MegaSR - ok
16:23:22.0907 2416 mensutkq - ok
16:23:22.0954 2416 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
16:23:22.0954 2416 MMCSS - ok
16:23:22.0985 2416 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
16:23:22.0985 2416 Modem - ok
16:23:23.0000 2416 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:23:23.0000 2416 monitor - ok
16:23:23.0032 2416 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
16:23:23.0032 2416 mouclass - ok
16:23:23.0063 2416 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:23:23.0063 2416 mouhid - ok
16:23:23.0078 2416 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:23:23.0078 2416 mountmgr - ok
16:23:23.0172 2416 [ FEE0BADED54222E9F1DAE9541212AAB1 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
16:23:23.0172 2416 MpFilter - ok
16:23:23.0188 2416 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\windows\system32\DRIVERS\mpio.sys
16:23:23.0203 2416 mpio - ok
16:23:23.0297 2416 [ 2C3489660D4A8D514C123C3F0D67DF46 ] MpNWMon C:\windows\system32\DRIVERS\MpNWMon.sys
16:23:23.0297 2416 MpNWMon - ok
16:23:23.0312 2416 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:23:23.0328 2416 mpsdrv - ok
16:23:23.0422 2416 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\windows\system32\mpssvc.dll
16:23:23.0437 2416 MpsSvc - ok
16:23:23.0468 2416 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:23:23.0468 2416 MRxDAV - ok
16:23:23.0515 2416 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:23:23.0531 2416 mrxsmb - ok
16:23:23.0562 2416 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:23:23.0578 2416 mrxsmb10 - ok
16:23:23.0593 2416 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:23:23.0593 2416 mrxsmb20 - ok
16:23:23.0609 2416 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\windows\system32\DRIVERS\msahci.sys
16:23:23.0609 2416 msahci - ok
16:23:23.0640 2416 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
16:23:23.0640 2416 msdsm - ok
16:23:23.0656 2416 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
16:23:23.0656 2416 MSDTC - ok
16:23:23.0671 2416 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
16:23:23.0671 2416 Msfs - ok
16:23:23.0687 2416 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:23:23.0687 2416 mshidkmdf - ok
16:23:23.0718 2416 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
16:23:23.0718 2416 msisadrv - ok
16:23:23.0749 2416 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:23:23.0749 2416 MSiSCSI - ok
16:23:23.0765 2416 msiserver - ok
16:23:23.0780 2416 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:23:23.0780 2416 MSKSSRV - ok
16:23:23.0796 2416 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:23:23.0796 2416 MSPCLOCK - ok
16:23:23.0796 2416 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:23:23.0812 2416 MSPQM - ok
16:23:23.0827 2416 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:23:23.0827 2416 MsRPC - ok
16:23:23.0843 2416 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
16:23:23.0843 2416 mssmbios - ok
16:23:23.0858 2416 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:23:23.0858 2416 MSTEE - ok
16:23:23.0858 2416 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:23:23.0858 2416 MTConfig - ok
16:23:23.0874 2416 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
16:23:23.0874 2416 Mup - ok
16:23:23.0905 2416 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\windows\system32\qagentRT.dll
16:23:23.0921 2416 napagent - ok
16:23:23.0936 2416 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:23:23.0936 2416 NativeWifiP - ok
16:23:23.0936 2416 NAVENG - ok
16:23:23.0952 2416 NAVEX15 - ok
16:23:23.0983 2416 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\windows\system32\drivers\ndis.sys
16:23:24.0014 2416 NDIS - ok
16:23:24.0030 2416 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:23:24.0030 2416 NdisCap - ok
16:23:24.0046 2416 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:23:24.0046 2416 NdisTapi - ok
16:23:24.0061 2416 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:23:24.0061 2416 Ndisuio - ok
16:23:24.0077 2416 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:23:24.0092 2416 NdisWan - ok
16:23:24.0092 2416 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:23:24.0092 2416 NDProxy - ok
16:23:24.0108 2416 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:23:24.0124 2416 NetBIOS - ok
16:23:24.0139 2416 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:23:24.0155 2416 NetBT - ok
16:23:24.0155 2416 [ F42309C4191C506B71DB5D1126D26318 ] Netlogon C:\windows\system32\lsass.exe
16:23:24.0155 2416 Netlogon - ok
16:23:24.0202 2416 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
16:23:24.0202 2416 Netman - ok
16:23:24.0295 2416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:23:24.0295 2416 NetMsmqActivator - ok
16:23:24.0342 2416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:23:24.0342 2416 NetPipeActivator - ok
16:23:24.0389 2416 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
16:23:24.0404 2416 netprofm - ok
16:23:24.0451 2416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:23:24.0451 2416 NetTcpActivator - ok
16:23:24.0467 2416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:23:24.0467 2416 NetTcpPortSharing - ok
16:23:24.0514 2416 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:23:24.0514 2416 nfrd960 - ok
16:23:24.0607 2416 [ 7B01C6172CFD0B10116175E09200D4B4 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
16:23:24.0607 2416 NisDrv - ok
16:23:24.0685 2416 [ A5CB074F34BBD89948E34A630D459C0C ] NisSrv c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
16:23:24.0701 2416 NisSrv - ok
16:23:24.0732 2416 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\windows\System32\nlasvc.dll
16:23:24.0748 2416 NlaSvc - ok
16:23:24.0763 2416 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
16:23:24.0763 2416 Npfs - ok
16:23:24.0779 2416 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
16:23:24.0779 2416 nsi - ok
16:23:24.0857 2416 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:23:24.0857 2416 nsiproxy - ok
16:23:24.0935 2416 [ 187002CE05693C306F43C873F821381F ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:23:24.0982 2416 Ntfs - ok
16:23:24.0997 2416 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
16:23:24.0997 2416 Null - ok
16:23:25.0044 2416 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:23:25.0060 2416 nvraid - ok
16:23:25.0075 2416 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:23:25.0091 2416 nvstor - ok
16:23:25.0106 2416 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
16:23:25.0122 2416 nv_agp - ok
16:23:25.0262 2416 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:23:25.0278 2416 odserv - ok
16:23:25.0356 2416 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
16:23:25.0356 2416 ohci1394 - ok
16:23:25.0434 2416 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:23:25.0450 2416 ose - ok
16:23:25.0496 2416 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:23:25.0528 2416 p2pimsvc - ok
16:23:25.0574 2416 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
16:23:25.0606 2416 p2psvc - ok
16:23:25.0652 2416 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:23:25.0652 2416 Parport - ok
16:23:25.0668 2416 [ FF4218952B51DE44FE910953A3E686B9 ] partmgr C:\windows\system32\drivers\partmgr.sys
16:23:25.0684 2416 partmgr - ok
16:23:25.0699 2416 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
16:23:25.0699 2416 Parvdm - ok
16:23:25.0715 2416 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
16:23:25.0730 2416 PcaSvc - ok
16:23:25.0746 2416 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\windows\system32\DRIVERS\pci.sys
16:23:25.0746 2416 pci - ok
16:23:25.0762 2416 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\DRIVERS\pciide.sys
16:23:25.0762 2416 pciide - ok
16:23:25.0793 2416 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:23:25.0793 2416 pcmcia - ok
16:23:25.0808 2416 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
16:23:25.0808 2416 pcw - ok
16:23:25.0840 2416 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:23:25.0855 2416 PEAUTH - ok
16:23:25.0918 2416 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\windows\system32\pla.dll
16:23:25.0980 2416 pla - ok
16:23:26.0074 2416 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:23:26.0089 2416 PlugPlay - ok
16:23:26.0105 2416 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:23:26.0120 2416 PNRPAutoReg - ok
16:23:26.0136 2416 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:23:26.0136 2416 PNRPsvc - ok
16:23:26.0167 2416 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:23:26.0183 2416 PolicyAgent - ok
16:23:26.0214 2416 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\windows\system32\umpo.dll
16:23:26.0214 2416 Power - ok
16:23:26.0261 2416 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:23:26.0261 2416 PptpMiniport - ok
16:23:26.0276 2416 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
16:23:26.0276 2416 Processor - ok
16:23:26.0308 2416 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\windows\system32\profsvc.dll
16:23:26.0308 2416 ProfSvc - ok
16:23:26.0323 2416 [ F42309C4191C506B71DB5D1126D26318 ] ProtectedStorage C:\windows\system32\lsass.exe
16:23:26.0323 2416 ProtectedStorage - ok
16:23:26.0339 2416 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:23:26.0339 2416 Psched - ok
16:23:26.0370 2416 [ 899CC1416505270D500A24D6D7337074 ] PTUMLBUS C:\windows\system32\DRIVERS\PTUMLBUS.sys
16:23:26.0370 2416 PTUMLBUS - ok
16:23:26.0417 2416 [ 8867C6DF67ACB070B28B5B674D535E17 ] ptumlcmsvc C:\windows\system32\ptumlcmsvc.exe
16:23:26.0432 2416 ptumlcmsvc - ok
16:23:26.0448 2416 [ DA131BCA8FA708F3D62635E36B1D1104 ] PTUMLCVsp C:\windows\system32\DRIVERS\PTUMLCVsp.sys
16:23:26.0448 2416 PTUMLCVsp - ok
16:23:26.0464 2416 [ 9C4C803303CF7925428F47F105EB3C7D ] PTUMLMdm C:\windows\system32\DRIVERS\PTUMLMdm.sys
16:23:26.0464 2416 PTUMLMdm - ok
16:23:26.0495 2416 [ 37A2EDAAE9EA541A4003C649228BDA8E ] PTUMLNET61 C:\windows\system32\DRIVERS\PTUMLNET61.sys
16:23:26.0495 2416 PTUMLNET61 - ok
16:23:26.0510 2416 [ F73D363A9A0B133C341DD2846462F1E4 ] PTUMLNVsp C:\windows\system32\DRIVERS\PTUMLNVsp.sys
16:23:26.0526 2416 PTUMLNVsp - ok
16:23:26.0526 2416 [ C1BB630A463B82C8D7A2EF698B60DA55 ] PTUMLRMNET C:\windows\system32\DRIVERS\PTUMLRMNET.sys
16:23:26.0526 2416 PTUMLRMNET - ok
16:23:26.0542 2416 [ 6937CA020B9E0183420C8EC4F183F749 ] PTUMLVsp C:\windows\system32\DRIVERS\PTUMLVsp.sys
16:23:26.0542 2416 PTUMLVsp - ok
16:23:26.0604 2416 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:23:26.0651 2416 ql2300 - ok
16:23:26.0666 2416 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:23:26.0666 2416 ql40xx - ok
16:23:26.0698 2416 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
16:23:26.0698 2416 QWAVE - ok
16:23:26.0713 2416 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:23:26.0713 2416 QWAVEdrv - ok
16:23:26.0729 2416 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:23:26.0729 2416 RasAcd - ok
16:23:26.0760 2416 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:23:26.0760 2416 RasAgileVpn - ok
16:23:26.0776 2416 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
16:23:26.0791 2416 RasAuto - ok
16:23:26.0807 2416 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:23:26.0807 2416 Rasl2tp - ok
16:23:26.0838 2416 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\windows\System32\rasmans.dll
16:23:26.0838 2416 RasMan - ok
16:23:26.0854 2416 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:23:26.0854 2416 RasPppoe - ok
16:23:26.0869 2416 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:23:26.0885 2416 RasSstp - ok
16:23:26.0900 2416 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:23:26.0900 2416 rdbss - ok
16:23:26.0916 2416 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:23:26.0916 2416 rdpbus - ok
16:23:26.0932 2416 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:23:26.0932 2416 RDPCDD - ok
16:23:26.0947 2416 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:23:26.0947 2416 RDPENCDD - ok
16:23:26.0978 2416 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:23:26.0978 2416 RDPREFMP - ok
16:23:26.0994 2416 [ 801371BA9782282892D00AADB08EE367 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:23:26.0994 2416 RDPWD - ok
16:23:27.0025 2416 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:23:27.0025 2416 rdyboost - ok
16:23:27.0103 2416 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
16:23:27.0103 2416 RemoteAccess - ok
16:23:27.0150 2416 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:23:27.0150 2416 RemoteRegistry - ok
16:23:27.0181 2416 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:23:27.0181 2416 RpcEptMapper - ok
16:23:27.0197 2416 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
16:23:27.0197 2416 RpcLocator - ok
16:23:27.0228 2416 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\windows\system32\rpcss.dll
16:23:27.0228 2416 RpcSs - ok
16:23:27.0244 2416 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:23:27.0244 2416 rspndr - ok
16:23:27.0275 2416 [ EF8B2AFC3C0751C5E5A59983C8893260 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
16:23:27.0275 2416 RSUSBSTOR - ok
16:23:27.0306 2416 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
16:23:27.0322 2416 RTL8167 - ok
16:23:27.0353 2416 [ 8318F8C273F0E5DD8FEE394B7B9D910B ] RTL8187Se C:\windows\system32\DRIVERS\RTL8187Se.sys
16:23:27.0353 2416 RTL8187Se - ok
16:23:27.0353 2416 RtsUIR - ok
16:23:27.0368 2416 [ F42309C4191C506B71DB5D1126D26318 ] SamSs C:\windows\system32\lsass.exe
16:23:27.0368 2416 SamSs - ok
16:23:27.0400 2416 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
16:23:27.0400 2416 sbp2port - ok
16:23:27.0415 2416 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
16:23:27.0431 2416 SCardSvr - ok
16:23:27.0431 2416 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:23:27.0431 2416 scfilter - ok
16:23:27.0540 2416 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\windows\system32\schedsvc.dll
16:23:27.0571 2416 Schedule - ok
16:23:27.0602 2416 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\windows\System32\certprop.dll
16:23:27.0602 2416 SCPolicySvc - ok
16:23:27.0618 2416 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:23:27.0618 2416 SDRSVC - ok
16:23:27.0634 2416 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
16:23:27.0634 2416 secdrv - ok
16:23:27.0649 2416 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
16:23:27.0649 2416 seclogon - ok
16:23:27.0665 2416 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
16:23:27.0665 2416 SENS - ok
16:23:27.0680 2416 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
16:23:27.0680 2416 SensrSvc - ok
16:23:27.0696 2416 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:23:27.0696 2416 Serenum - ok
16:23:27.0727 2416 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:23:27.0727 2416 Serial - ok
16:23:27.0743 2416 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:23:27.0743 2416 sermouse - ok
16:23:27.0774 2416 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\windows\system32\sessenv.dll
16:23:27.0774 2416 SessionEnv - ok
16:23:27.0805 2416 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:23:27.0805 2416 sffdisk - ok
16:23:27.0821 2416 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:23:27.0821 2416 sffp_mmc - ok
16:23:27.0821 2416 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:23:27.0821 2416 sffp_sd - ok
16:23:27.0852 2416 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:23:27.0852 2416 sfloppy - ok
16:23:27.0946 2416 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
16:23:27.0961 2416 SharedAccess - ok
16:23:28.0039 2416 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:23:28.0070 2416 ShellHWDetection - ok
16:23:28.0086 2416 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\DRIVERS\sisagp.sys
16:23:28.0086 2416 sisagp - ok
16:23:28.0117 2416 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:23:28.0117 2416 SiSRaid2 - ok
16:23:28.0133 2416 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:23:28.0133 2416 SiSRaid4 - ok
16:23:28.0164 2416 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
16:23:28.0164 2416 Smb - ok
16:23:28.0195 2416 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:23:28.0195 2416 SNMPTRAP - ok
16:23:28.0211 2416 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
16:23:28.0211 2416 spldr - ok
16:23:28.0242 2416 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\windows\System32\spoolsv.exe
16:23:28.0242 2416 Spooler - ok
16:23:28.0351 2416 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\windows\system32\sppsvc.exe
16:23:28.0414 2416 sppsvc - ok
16:23:28.0445 2416 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:23:28.0445 2416 sppuinotify - ok
16:23:28.0538 2416 [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd C:\windows\System32\Drivers\sptd.sys
16:23:28.0570 2416 sptd - ok
16:23:28.0616 2416 [ E81F6CAEAB9AD5732E94C07C97866AA2 ] SRTSP C:\windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS
16:23:28.0648 2416 SRTSP - ok
16:23:28.0710 2416 [ E28DE499D942B08058BFFAC69D4122B6 ] SRTSPX C:\windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS
16:23:28.0710 2416 SRTSPX - ok
16:23:28.0772 2416 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\windows\system32\DRIVERS\srv.sys
16:23:28.0788 2416 srv - ok
16:23:28.0819 2416 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:23:28.0819 2416 srv2 - ok
16:23:28.0866 2416 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:23:28.0866 2416 srvnet - ok
16:23:28.0913 2416 [ D5DFFEAA1E15D4EFFABB9D9A3068AC5B ] sscdbus C:\windows\system32\DRIVERS\sscdbus.sys
16:23:28.0913 2416 sscdbus - ok
16:23:28.0944 2416 [ 8A1BE0C347814F482F493AEA619D57F6 ] sscdmdfl C:\windows\system32\DRIVERS\sscdmdfl.sys
16:23:28.0944 2416 sscdmdfl - ok
16:23:28.0960 2416 [ 5AB0B1987F682A59B15B78F84C6AD7D0 ] sscdmdm C:\windows\system32\DRIVERS\sscdmdm.sys
16:23:28.0960 2416 sscdmdm - ok
16:23:28.0975 2416 [ 751E66EB32EFA80633B80F5D7FF0A1D8 ] sscdserd C:\windows\system32\DRIVERS\sscdserd.sys
16:23:28.0991 2416 sscdserd - ok
16:23:29.0069 2416 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:23:29.0084 2416 SSDPSRV - ok
16:23:29.0116 2416 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
16:23:29.0116 2416 SstpSvc - ok
16:23:29.0147 2416 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:23:29.0147 2416 stexstor - ok
16:23:29.0178 2416 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\windows\System32\wiaservc.dll
16:23:29.0194 2416 StiSvc - ok
16:23:29.0209 2416 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys
16:23:29.0209 2416 swenum - ok
16:23:29.0225 2416 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
16:23:29.0240 2416 swprv - ok
16:23:29.0256 2416 [ D0885F6E24259A6C65E68D6AD749910A ] SymEFA C:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS
16:23:29.0272 2416 SymEFA - ok
16:23:29.0334 2416 [ 1E825026436C4EAC3E1A11D1E9C33F2C ] SYMFW C:\windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS
16:23:29.0334 2416 SYMFW - ok
16:23:29.0365 2416 [ 34F1C9D5DCC19DF1E824D6B73767B8AF ] SymIM C:\windows\system32\DRIVERS\SymIMv.sys
16:23:29.0365 2416 SymIM - ok
16:23:29.0396 2416 [ DCBF73DA96CCE94933C8CC6EDED3C98B ] SYMNDISV C:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
16:23:29.0396 2416 SYMNDISV - ok
16:23:29.0412 2416 [ E4FA8BBB96E314E9508865DE1A767538 ] SYMTDI C:\windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
16:23:29.0412 2416 SYMTDI - ok
16:23:29.0459 2416 [ 70534D1E4F9AC990536D5FB5B550B3DE ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
16:23:29.0459 2416 SynTP - ok
16:23:29.0521 2416 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\windows\system32\sysmain.dll
16:23:29.0552 2416 SysMain - ok
16:23:29.0646 2416 [ 0E4BB35C5305099AC82053AC992E3E0E ] SysTool C:\windows\system32\DRIVERS\SysTool.sys
16:23:29.0646 2416 SysTool - ok
16:23:29.0677 2416 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\windows\System32\TabSvc.dll
16:23:29.0677 2416 TabletInputService - ok
16:23:29.0708 2416 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\windows\System32\tapisrv.dll
16:23:29.0708 2416 TapiSrv - ok
16:23:29.0724 2416 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
16:23:29.0724 2416 TBS - ok
16:23:29.0802 2416 [ C2DAAEB48F3A47C410B041A0D2382EE1 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:23:29.0833 2416 Tcpip - ok
16:23:29.0880 2416 [ C2DAAEB48F3A47C410B041A0D2382EE1 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:23:29.0896 2416 TCPIP6 - ok
16:23:29.0927 2416 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:23:29.0927 2416 tcpipreg - ok
16:23:29.0958 2416 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
16:23:29.0958 2416 tdcmdpst - ok
16:23:29.0989 2416 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:23:29.0989 2416 TDPIPE - ok
16:23:30.0005 2416 [ 7551E91EA999EE9A8E9C331D5A9C31F3 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:23:30.0005 2416 TDTCP - ok
16:23:30.0036 2416 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:23:30.0036 2416 tdx - ok
16:23:30.0052 2416 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
16:23:30.0052 2416 TermDD - ok
16:23:30.0083 2416 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\windows\System32\termsrv.dll
16:23:30.0098 2416 TermService - ok
16:23:30.0130 2416 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
16:23:30.0130 2416 Themes - ok
16:23:30.0145 2416 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
16:23:30.0145 2416 THREADORDER - ok
16:23:30.0192 2416 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:23:30.0192 2416 TMachInfo - ok
16:23:30.0239 2416 [ FE65D33B7D4FF07DD1D29526A48DF810 ] TODDSrv C:\Windows\system32\TODDSrv.exe
16:23:30.0239 2416 TODDSrv - ok
16:23:30.0286 2416 [ 66C35016E01746715F8F606A9F081BF9 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:23:30.0301 2416 TosCoSrv - ok
16:23:30.0332 2416 [ 0B5FA26E0C8A8E07A6DF3DF4E5711DA8 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:23:30.0348 2416 TOSHIBA eco Utility Service - ok
16:23:30.0364 2416 [ 67C1DA40D78C92622081A3E780C926B2 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:23:30.0379 2416 TOSHIBA HDD SSD Alert Service - ok
16:23:30.0410 2416 [ 969377943FE7284609BABBAB4E06B93C ] tos_sps32 C:\windows\system32\DRIVERS\tos_sps32.sys
16:23:30.0410 2416 tos_sps32 - ok
16:23:30.0457 2416 [ 31D2881B0647F2B09B118B9B50C02888 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:23:30.0473 2416 TPCHSrv - ok
16:23:30.0551 2416 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
16:23:30.0566 2416 TrkWks - ok
16:23:30.0613 2416 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:23:30.0613 2416 TrustedInstaller - ok
16:23:30.0644 2416 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:23:30.0644 2416 tssecsrv - ok
16:23:30.0676 2416 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:23:30.0676 2416 tunnel - ok
16:23:30.0707 2416 [ FC24015B4052600C324C43E3A79C0664 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
16:23:30.0707 2416 TVALZ - ok
16:23:30.0738 2416 [ 866462F5AE3F375EF83EF9DCE436031C ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
16:23:30.0738 2416 TVALZFL - ok
16:23:30.0754 2416 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:23:30.0754 2416 uagp35 - ok
16:23:30.0785 2416 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:23:30.0785 2416 udfs - ok
16:23:30.0832 2416 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:23:30.0832 2416 UI0Detect - ok
16:23:30.0863 2416 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
16:23:30.0863 2416 uliagpkx - ok
16:23:30.0878 2416 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\windows\system32\DRIVERS\umbus.sys
16:23:30.0878 2416 umbus - ok
16:23:30.0894 2416 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:23:30.0894 2416 UmPass - ok
16:23:30.0910 2416 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
16:23:30.0925 2416 upnphost - ok
16:23:30.0941 2416 [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
16:23:30.0956 2416 USBAAPL - ok
16:23:30.0972 2416 [ 2436A42AAB4AD48A9B714E5B0F344627 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
16:23:30.0988 2416 usbaudio - ok
16:23:31.0019 2416 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:23:31.0034 2416 usbccgp - ok
16:23:31.0034 2416 USBCCID - ok
16:23:31.0066 2416 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
16:23:31.0066 2416 usbcir - ok
16:23:31.0097 2416 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:23:31.0097 2416 usbehci - ok
16:23:31.0128 2416 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:23:31.0144 2416 usbhub - ok
16:23:31.0159 2416 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
16:23:31.0159 2416 usbohci - ok
16:23:31.0175 2416 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:23:31.0175 2416 usbprint - ok
16:23:31.0222 2416 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
16:23:31.0222 2416 USBSTOR - ok
16:23:31.0237 2416 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
16:23:31.0237 2416 usbuhci - ok
16:23:31.0268 2416 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
16:23:31.0268 2416 usbvideo - ok
16:23:31.0284 2416 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
16:23:31.0300 2416 UxSms - ok
16:23:31.0315 2416 [ F42309C4191C506B71DB5D1126D26318 ] VaultSvc C:\windows\system32\lsass.exe
16:23:31.0315 2416 VaultSvc - ok
16:23:31.0315 2416 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
16:23:31.0331 2416 vdrvroot - ok
16:23:31.0346 2416 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\windows\System32\vds.exe
16:23:31.0362 2416 vds - ok
16:23:31.0393 2416 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:23:31.0393 2416 vga - ok
16:23:31.0409 2416 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
16:23:31.0424 2416 VgaSave - ok
16:23:31.0440 2416 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
16:23:31.0440 2416 vhdmp - ok
16:23:31.0471 2416 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\DRIVERS\viaagp.sys
16:23:31.0471 2416 viaagp - ok
16:23:31.0471 2416 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
16:23:31.0471 2416 ViaC7 - ok
16:23:31.0502 2416 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\DRIVERS\viaide.sys
16:23:31.0502 2416 viaide - ok
16:23:31.0518 2416 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
16:23:31.0518 2416 volmgr - ok
16:23:31.0549 2416 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:23:31.0549 2416 volmgrx - ok
16:23:31.0580 2416 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
16:23:31.0596 2416 volsnap - ok
16:23:31.0627 2416 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:23:31.0627 2416 vsmraid - ok
16:23:31.0690 2416 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\windows\system32\vssvc.exe
16:23:31.0721 2416 VSS - ok
16:23:31.0736 2416 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
16:23:31.0736 2416 vwifibus - ok
16:23:31.0752 2416 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
16:23:31.0752 2416 vwififlt - ok
16:23:31.0768 2416 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
16:23:31.0783 2416 vwifimp - ok
16:23:31.0861 2416 [ D22C6B9C2F840D403FD387AD207A4B16 ] VX1000 C:\windows\system32\DRIVERS\VX1000.sys
16:23:31.0924 2416 VX1000 - ok
16:23:31.0939 2416 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
16:23:31.0955 2416 W32Time - ok
16:23:31.0970 2416 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:23:31.0970 2416 WacomPen - ok
16:23:31.0986 2416 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:23:31.0986 2416 WANARP - ok
16:23:31.0986 2416 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:23:32.0002 2416 Wanarpv6 - ok
16:23:32.0033 2416 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\windows\system32\wbengine.exe
16:23:32.0080 2416 wbengine - ok
16:23:32.0111 2416 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:23:32.0111 2416 WbioSrvc - ok
16:23:32.0158 2416 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\windows\System32\wcncsvc.dll
16:23:32.0173 2416 wcncsvc - ok
16:23:32.0204 2416 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:23:32.0204 2416 WcsPlugInService - ok
16:23:32.0236 2416 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
16:23:32.0236 2416 Wd - ok
16:23:32.0267 2416 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:23:32.0267 2416 Wdf01000 - ok
16:23:32.0298 2416 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
16:23:32.0298 2416 WdiServiceHost - ok
16:23:32.0298 2416 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
16:23:32.0298 2416 WdiSystemHost - ok
16:23:32.0345 2416 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\windows\System32\webclnt.dll
16:23:32.0345 2416 WebClient - ok
16:23:32.0360 2416 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
16:23:32.0360 2416 Wecsvc - ok
16:23:32.0407 2416 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
16:23:32.0423 2416 wercplsupport - ok
16:23:32.0423 2416 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
16:23:32.0423 2416 WerSvc - ok
16:23:32.0438 2416 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:23:32.0470 2416 WfpLwf - ok
16:23:32.0548 2416 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:23:32.0548 2416 WIMMount - ok
16:23:32.0672 2416 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:23:32.0704 2416 WinDefend - ok
16:23:32.0735 2416 WinHttpAutoProxySvc - ok
16:23:32.0797 2416 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:23:32.0813 2416 Winmgmt - ok
16:23:32.0892 2416 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\windows\system32\WsmSvc.dll
16:23:32.0923 2416 WinRM - ok
16:23:33.0001 2416 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:23:33.0001 2416 WinUsb - ok
16:23:33.0048 2416 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
16:23:33.0095 2416 Wlansvc - ok
16:23:33.0219 2416 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:23:33.0266 2416 wlidsvc - ok
16:23:33.0313 2416 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
16:23:33.0313 2416 WmiAcpi - ok
16:23:33.0344 2416 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:23:33.0344 2416 wmiApSrv - ok
16:23:33.0438 2416 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:23:33.0485 2416 WMPNetworkSvc - ok
16:23:33.0516 2416 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
16:23:33.0531 2416 WPCSvc - ok
16:23:33.0547 2416 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:23:33.0547 2416 WPDBusEnum - ok
16:23:33.0578 2416 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:23:33.0578 2416 ws2ifsl - ok
16:23:33.0656 2416 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\windows\system32\wscsvc.dll
16:23:33.0656 2416 wscsvc - ok
16:23:33.0719 2416 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
16:23:33.0719 2416 WSDPrintDevice - ok
16:23:33.0734 2416 WSearch - ok
16:23:33.0875 2416 [ A33408CC036F9C08142B11BE5E93F0A1 ] wuauserv C:\windows\system32\wuaueng.dll
16:23:33.0953 2416 wuauserv - ok
16:23:33.0968 2416 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:23:33.0968 2416 WudfPf - ok
16:23:33.0984 2416 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:23:33.0984 2416 WUDFRd - ok
16:23:33.0999 2416 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:23:33.0999 2416 wudfsvc - ok
16:23:34.0031 2416 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
16:23:34.0031 2416 WwanSvc - ok
16:23:34.0046 2416 XDva385 - ok
16:23:34.0062 2416 XDva386 - ok
16:23:34.0109 2416 XDva387 - ok
16:23:34.0124 2416 XDva388 - ok
16:23:34.0171 2416 ================ Scan global ===============================
16:23:34.0233 2416 [ 9A595DF601070DA78C40481120DD2C06 ] C:\windows\system32\basesrv.dll
16:23:34.0280 2416 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\windows\system32\winsrv.dll
16:23:34.0311 2416 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\windows\system32\winsrv.dll
16:23:34.0327 2416 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
16:23:34.0358 2416 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
16:23:34.0374 2416 [Global] - ok
16:23:34.0374 2416 ================ Scan MBR ==================================
16:23:34.0389 2416 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
16:23:34.0779 2416 \Device\Harddisk0\DR0 - ok
16:23:34.0779 2416 ================ Scan VBR ==================================
16:23:34.0795 2416 [ 5D23C7FB3AE2F4E4543DCF7C11664442 ] \Device\Harddisk0\DR0\Partition1
16:23:34.0795 2416 \Device\Harddisk0\DR0\Partition1 - ok
16:23:34.0811 2416 ============================================================
16:23:34.0811 2416 Scan finished
16:23:34.0811 2416 ============================================================
16:23:34.0811 0628 Detected object count: 0
16:23:34.0811 0628 Actual detected object count: 0
16:23:45.0668 1320 Deinitialize success

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 27 August 2012 - 04:03 PM

Hello

download Farbar Recovery Scan Tool and save it to a flash drive.


Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.

[*]First Press the Scan button.
[*]It will make a log (FRST.txt)

[*]Second Type the following in the edit box after "Search:". services.exe
[*]Click the Search button
[*]It will make a log (Search.txt)
[/list]
I want you to poste Both the FRST.txt report and the Search.txt into your reply to me

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 29 August 2012 - 11:17 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 01 September 2012 - 11:24 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:18 PM

Posted 04 September 2012 - 11:09 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users