Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Network Traffic and HDD access by svchost.exe


  • Please log in to reply
11 replies to this topic

#1 cart0181

cart0181

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 26 August 2012 - 03:41 AM

Hello! Awesome helpful people. :bowdown:

I have a Windows Vista Home Premium SP2 32-bit computer that had some infections previously, but I believe they are fully resolved at this point. I scan clean with MBAM, Norton Antivirus Online, and Eset's online scanner. The crazy thing is, I still have loads of HDD access. I ran netstat and I see there are tons of connections being made by svchost.exe to high numbered ports in the 65000's range. I ran Process Explorer and it seems like taskeng.exe is responsible, but I'm not savvy enough in this area to know quite what to do about this problem. I'm just using the Windows Firewall. I tried resetting it to defaults, but that doesn't seem to stop all these connections that are being made. It seems like someone is running a P2P server on this machine or something!

Also note:
When I run the Task Scheduler I get the message, "The task image is corrupt or has been tampered with.mcupdate" I'm not sure if this is related or not.

Please help!

Edited by hamluis, 26 August 2012 - 07:45 AM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 26 August 2012 - 07:33 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 cart0181

cart0181
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 27 August 2012 - 12:06 PM

Thanks for your help. I guess I did have a rootkit after all. TDSS killer had me reboot once. Here are the logs. I did not include the ESET log since it already came up clean yesterday. Did you want me to re-run it now?

11:08:12.0544 6540 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
11:08:13.0225 6540 ============================================================
11:08:13.0225 6540 Current date / time: 2012/08/27 11:08:13.0225
11:08:13.0225 6540 SystemInfo:
11:08:13.0225 6540
11:08:13.0225 6540 OS Version: 6.0.6002 ServicePack: 2.0
11:08:13.0225 6540 Product type: Workstation
11:08:13.0225 6540 ComputerName: ANITA-PC
11:08:13.0225 6540 UserName: Anita
11:08:13.0225 6540 Windows directory: C:\Windows
11:08:13.0225 6540 System windows directory: C:\Windows
11:08:13.0225 6540 Processor architecture: Intel x86
11:08:13.0225 6540 Number of processors: 2
11:08:13.0225 6540 Page size: 0x1000
11:08:13.0225 6540 Boot type: Normal boot
11:08:13.0225 6540 ============================================================
11:08:17.0498 6540 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:08:17.0501 6540 ============================================================
11:08:17.0501 6540 \Device\Harddisk0\DR0:
11:08:17.0501 6540 MBR partitions:
11:08:17.0501 6540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2430F800
11:08:17.0501 6540 ============================================================
11:08:17.0543 6540 C: <-> \Device\Harddisk0\DR0\Partition1
11:08:17.0544 6540 ============================================================
11:08:17.0544 6540 Initialize success
11:08:17.0544 6540 ============================================================
11:08:44.0007 7160 ============================================================
11:08:44.0007 7160 Scan started
11:08:44.0007 7160 Mode: Manual; TDLFS;
11:08:44.0007 7160 ============================================================
11:08:46.0647 7160 ================ Scan system memory ========================
11:08:46.0647 7160 System memory - ok
11:08:46.0648 7160 ================ Scan services =============================
11:08:46.0888 7160 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
11:08:46.0894 7160 ACPI - ok
11:08:47.0096 7160 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:08:47.0099 7160 AdobeARMservice - ok
11:08:47.0203 7160 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:08:47.0209 7160 AdobeFlashPlayerUpdateSvc - ok
11:08:47.0277 7160 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:08:47.0288 7160 adp94xx - ok
11:08:47.0393 7160 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:08:47.0402 7160 adpahci - ok
11:08:47.0513 7160 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
11:08:47.0518 7160 adpu160m - ok
11:08:47.0541 7160 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:08:47.0545 7160 adpu320 - ok
11:08:47.0590 7160 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:08:47.0592 7160 AeLookupSvc - ok
11:08:47.0689 7160 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
11:08:47.0696 7160 AFD - ok
11:08:47.0736 7160 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
11:08:47.0737 7160 AgereModemAudio - ok
11:08:47.0811 7160 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
11:08:47.0834 7160 AgereSoftModem - ok
11:08:47.0895 7160 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:08:47.0897 7160 agp440 - ok
11:08:48.0007 7160 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
11:08:48.0141 7160 aic78xx - ok
11:08:48.0163 7160 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
11:08:48.0165 7160 ALG - ok
11:08:48.0193 7160 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
11:08:48.0195 7160 aliide - ok
11:08:48.0232 7160 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:08:48.0234 7160 amdagp - ok
11:08:48.0243 7160 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
11:08:48.0245 7160 amdide - ok
11:08:48.0259 7160 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
11:08:48.0261 7160 AmdK7 - ok
11:08:48.0271 7160 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:08:48.0290 7160 AmdK8 - ok
11:08:48.0487 7160 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
11:08:48.0488 7160 Appinfo - ok
11:08:48.0580 7160 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
11:08:48.0582 7160 arc - ok
11:08:48.0627 7160 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:08:48.0631 7160 arcsas - ok
11:08:48.0741 7160 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:08:48.0793 7160 aspnet_state - ok
11:08:48.0899 7160 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:08:48.0901 7160 AsyncMac - ok
11:08:48.0972 7160 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
11:08:48.0973 7160 atapi - ok
11:08:49.0023 7160 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:08:49.0031 7160 AudioEndpointBuilder - ok
11:08:49.0041 7160 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:08:49.0044 7160 Audiosrv - ok
11:08:49.0142 7160 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
11:08:49.0146 7160 BBSvc - ok
11:08:49.0195 7160 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
11:08:49.0196 7160 Beep - ok
11:08:49.0264 7160 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
11:08:49.0272 7160 BFE - ok
11:08:49.0661 7160 [ A9E111A358AC5F7EBA7AC61E43FC6725 ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20120803.001\BHDrvx86.sys
11:08:49.0705 7160 BHDrvx86 - ok
11:08:49.0760 7160 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
11:08:49.0776 7160 BITS - ok
11:08:49.0803 7160 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:08:49.0805 7160 blbdrive - ok
11:08:49.0843 7160 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:08:49.0846 7160 bowser - ok
11:08:50.0125 7160 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
11:08:50.0127 7160 BrFiltLo - ok
11:08:50.0159 7160 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
11:08:50.0160 7160 BrFiltUp - ok
11:08:50.0193 7160 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
11:08:50.0196 7160 Browser - ok
11:08:50.0239 7160 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
11:08:50.0242 7160 Brserid - ok
11:08:50.0264 7160 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
11:08:50.0266 7160 BrSerWdm - ok
11:08:50.0283 7160 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
11:08:50.0285 7160 BrUsbMdm - ok
11:08:50.0297 7160 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
11:08:50.0299 7160 BrUsbSer - ok
11:08:50.0330 7160 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:08:50.0332 7160 BTHMODEM - ok
11:08:50.0447 7160 [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_NAV C:\Windows\system32\drivers\NAV\1308000.00E\ccSetx86.sys
11:08:50.0451 7160 ccSet_NAV - ok
11:08:50.0499 7160 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:08:50.0502 7160 cdfs - ok
11:08:50.0541 7160 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:08:50.0544 7160 cdrom - ok
11:08:50.0606 7160 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
11:08:50.0607 7160 CertPropSvc - ok
11:08:50.0636 7160 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
11:08:50.0638 7160 circlass - ok
11:08:50.0683 7160 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
11:08:50.0689 7160 CLFS - ok
11:08:50.0757 7160 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:08:50.0760 7160 clr_optimization_v2.0.50727_32 - ok
11:08:50.0785 7160 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:08:51.0974 7160 clr_optimization_v4.0.30319_32 - ok
11:08:52.0045 7160 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:08:52.0047 7160 CmBatt - ok
11:08:52.0067 7160 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:08:52.0069 7160 cmdide - ok
11:08:52.0095 7160 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:08:52.0097 7160 Compbatt - ok
11:08:52.0107 7160 COMSysApp - ok
11:08:52.0182 7160 [ C508B28B9DA7563634A2A2B2EEF4395D ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
11:08:52.0185 7160 ConfigFree Service - ok
11:08:52.0208 7160 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:08:52.0210 7160 crcdisk - ok
11:08:52.0308 7160 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
11:08:52.0311 7160 Crusoe - ok
11:08:52.0408 7160 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:08:52.0411 7160 CryptSvc - ok
11:08:52.0536 7160 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:08:52.0549 7160 DcomLaunch - ok
11:08:52.0569 7160 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:08:52.0572 7160 DfsC - ok
11:08:52.0969 7160 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
11:08:53.0623 7160 DFSR - ok
11:08:54.0001 7160 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:08:54.0005 7160 Dhcp - ok
11:08:54.0282 7160 [ 4F26BB00747D41E7C0FE8EBB2900F862 ] DirMngr C:\Program Files\GNU\GnuPG\dirmngr.exe
11:08:54.0287 7160 DirMngr - ok
11:08:54.0371 7160 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
11:08:54.0374 7160 disk - ok
11:08:54.0461 7160 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:08:54.0464 7160 Dnscache - ok
11:08:54.0709 7160 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:08:54.0714 7160 dot3svc - ok
11:08:54.0771 7160 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
11:08:54.0775 7160 Dot4 - ok
11:08:54.0833 7160 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:08:54.0834 7160 Dot4Print - ok
11:08:55.0365 7160 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
11:08:55.0367 7160 dot4usb - ok
11:08:55.0405 7160 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
11:08:55.0409 7160 DPS - ok
11:08:55.0462 7160 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:08:55.0465 7160 drmkaud - ok
11:08:55.0539 7160 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:08:55.0551 7160 DXGKrnl - ok
11:08:55.0580 7160 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
11:08:55.0584 7160 E1G60 - ok
11:08:55.0622 7160 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
11:08:55.0624 7160 EapHost - ok
11:08:55.0764 7160 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
11:08:55.0768 7160 Ecache - ok
11:08:55.0893 7160 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
11:08:55.0902 7160 eeCtrl - ok
11:08:55.0996 7160 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:08:56.0002 7160 ehRecvr - ok
11:08:56.0022 7160 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
11:08:56.0026 7160 ehSched - ok
11:08:56.0042 7160 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
11:08:56.0044 7160 ehstart - ok
11:08:56.0206 7160 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:08:56.0214 7160 elxstor - ok
11:08:56.0388 7160 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:08:56.0401 7160 EMDMgmt - ok
11:08:56.0451 7160 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:08:56.0455 7160 EraserUtilRebootDrv - ok
11:08:56.0504 7160 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:08:56.0506 7160 ErrDev - ok
11:08:56.0575 7160 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
11:08:56.0581 7160 EventSystem - ok
11:08:56.0812 7160 [ 9D6A019DEA917F305AF23209FEDD5F16 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:08:57.0391 7160 EvtEng - ok
11:08:57.0449 7160 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
11:08:57.0453 7160 exfat - ok
11:08:57.0479 7160 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:08:57.0483 7160 fastfat - ok
11:08:57.0545 7160 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:08:57.0546 7160 fdc - ok
11:08:57.0577 7160 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
11:08:57.0581 7160 fdPHost - ok
11:08:57.0595 7160 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
11:08:57.0598 7160 FDResPub - ok
11:08:57.0620 7160 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:08:57.0622 7160 FileInfo - ok
11:08:57.0643 7160 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:08:57.0645 7160 Filetrace - ok
11:08:57.0672 7160 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:08:57.0675 7160 flpydisk - ok
11:08:57.0715 7160 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:08:57.0720 7160 FltMgr - ok
11:08:57.0981 7160 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
11:08:57.0997 7160 FontCache - ok
11:08:58.0130 7160 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:08:58.0142 7160 FontCache3.0.0.0 - ok
11:08:58.0219 7160 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:08:58.0221 7160 Fs_Rec - ok
11:08:58.0256 7160 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
11:08:58.0258 7160 FwLnk - ok
11:08:58.0279 7160 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:08:58.0282 7160 gagp30kx - ok
11:08:58.0360 7160 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
11:08:58.0366 7160 GamesAppService - ok
11:08:58.0406 7160 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
11:08:58.0417 7160 gpsvc - ok
11:08:58.0478 7160 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:08:58.0481 7160 gupdate - ok
11:08:58.0488 7160 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:08:58.0490 7160 gupdatem - ok
11:08:58.0553 7160 [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:08:58.0557 7160 gusvc - ok
11:08:58.0609 7160 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:08:58.0616 7160 HdAudAddService - ok
11:08:58.0659 7160 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:08:58.0671 7160 HDAudBus - ok
11:08:58.0692 7160 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:08:58.0695 7160 HidBth - ok
11:08:58.0715 7160 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
11:08:58.0718 7160 HidIr - ok
11:08:58.0749 7160 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
11:08:58.0751 7160 hidserv - ok
11:08:58.0901 7160 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:08:58.0903 7160 HidUsb - ok
11:08:58.0945 7160 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:08:58.0948 7160 hkmsvc - ok
11:08:58.0975 7160 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:08:58.0977 7160 HpCISSs - ok
11:09:00.0290 7160 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
11:09:00.0297 7160 hpqcxs08 - ok
11:09:00.0321 7160 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
11:09:00.0324 7160 hpqddsvc - ok
11:09:00.0405 7160 [ 9D23402D305869844BC6004A05CC74BA ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
11:09:00.0419 7160 HPSLPSVC - ok
11:09:00.0594 7160 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:09:00.0603 7160 HTTP - ok
11:09:00.0641 7160 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:09:00.0643 7160 i2omp - ok
11:09:00.0693 7160 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:09:00.0695 7160 i8042prt - ok
11:09:00.0747 7160 iaStor - ok
11:09:00.0770 7160 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:09:00.0778 7160 iaStorV - ok
11:09:00.0873 7160 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
11:09:00.0877 7160 IDriverT - ok
11:09:01.0024 7160 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:09:01.0045 7160 idsvc - ok
11:09:01.0223 7160 [ D0A4C9031B57295D6B1078E3CFA45DB4 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20120824.001\IDSvix86.sys
11:09:01.0232 7160 IDSVix86 - ok
11:09:01.0683 7160 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
11:09:01.0771 7160 igfx - ok
11:09:01.0794 7160 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:09:01.0798 7160 iirsp - ok
11:09:01.0878 7160 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
11:09:01.0888 7160 IKEEXT - ok
11:09:02.0442 7160 [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:09:02.0507 7160 IntcAzAudAddService - ok
11:09:02.0569 7160 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
11:09:02.0571 7160 intelide - ok
11:09:02.0590 7160 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:09:02.0592 7160 intelppm - ok
11:09:02.0636 7160 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:09:02.0640 7160 IPBusEnum - ok
11:09:02.0664 7160 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:09:02.0667 7160 IpFilterDriver - ok
11:09:02.0804 7160 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:09:02.0809 7160 iphlpsvc - ok
11:09:02.0815 7160 IpInIp - ok
11:09:03.0096 7160 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:09:03.0098 7160 IPMIDRV - ok
11:09:03.0211 7160 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:09:03.0214 7160 IPNAT - ok
11:09:03.0237 7160 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:09:03.0239 7160 IRENUM - ok
11:09:04.0277 7160 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:09:04.0280 7160 isapnp - ok
11:09:04.0756 7160 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:09:05.0034 7160 iScsiPrt - ok
11:09:05.0176 7160 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:09:05.0179 7160 iteatapi - ok
11:09:05.0240 7160 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:09:05.0243 7160 iteraid - ok
11:09:05.0264 7160 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:09:05.0267 7160 kbdclass - ok
11:09:05.0301 7160 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:09:05.0304 7160 kbdhid - ok
11:09:05.0359 7160 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
11:09:05.0362 7160 KeyIso - ok
11:09:05.0451 7160 [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I C:\Windows\system32\drivers\kr10i.sys
11:09:05.0457 7160 KR10I - ok
11:09:05.0487 7160 [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N C:\Windows\system32\drivers\kr10n.sys
11:09:05.0503 7160 KR10N - ok
11:09:07.0020 7160 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:09:07.0030 7160 KSecDD - ok
11:09:07.0105 7160 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:09:07.0115 7160 KtmRm - ok
11:09:07.0160 7160 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
11:09:07.0160 7160 LanmanServer - ok
11:09:07.0205 7160 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:09:07.0210 7160 LanmanWorkstation - ok
11:09:07.0255 7160 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:09:07.0255 7160 lltdio - ok
11:09:07.0300 7160 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:09:07.0310 7160 lltdsvc - ok
11:09:07.0335 7160 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:09:07.0335 7160 lmhosts - ok
11:09:07.0365 7160 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:09:07.0370 7160 LSI_FC - ok
11:09:07.0400 7160 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:09:07.0410 7160 LSI_SAS - ok
11:09:07.0455 7160 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:09:07.0460 7160 LSI_SCSI - ok
11:09:07.0490 7160 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
11:09:07.0490 7160 luafv - ok
11:09:07.0535 7160 [ FB097BBC1A18F044BD17BD2FCCF97865 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:09:07.0535 7160 MBAMProtector - ok
11:09:07.0705 7160 [ BA400ED640BCA1EAE5C727AE17C10207 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:09:07.0720 7160 MBAMService - ok
11:09:07.0755 7160 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:09:07.0755 7160 Mcx2Svc - ok
11:09:07.0795 7160 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
11:09:07.0800 7160 megasas - ok
11:09:07.0830 7160 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:09:07.0840 7160 MegaSR - ok
11:09:07.0865 7160 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
11:09:07.0865 7160 MMCSS - ok
11:09:07.0895 7160 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
11:09:07.0895 7160 Modem - ok
11:09:07.0915 7160 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:09:07.0915 7160 monitor - ok
11:09:07.0940 7160 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:09:07.0945 7160 mouclass - ok
11:09:08.0235 7160 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:09:08.0250 7160 mouhid - ok
11:09:08.0265 7160 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:09:08.0270 7160 MountMgr - ok
11:09:08.0455 7160 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:09:08.0460 7160 MozillaMaintenance - ok
11:09:08.0518 7160 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
11:09:08.0522 7160 mpio - ok
11:09:08.0929 7160 MpKsl92af3f9f - ok
11:09:09.0166 7160 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:09:09.0277 7160 mpsdrv - ok
11:09:09.0403 7160 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
11:09:09.0412 7160 MpsSvc - ok
11:09:09.0618 7160 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
11:09:09.0621 7160 Mraid35x - ok
11:09:09.0652 7160 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:09:09.0656 7160 MRxDAV - ok
11:09:09.0710 7160 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:09:09.0714 7160 mrxsmb - ok
11:09:09.0854 7160 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:09:09.0861 7160 mrxsmb10 - ok
11:09:09.0872 7160 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:09:09.0876 7160 mrxsmb20 - ok
11:09:09.0927 7160 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
11:09:09.0929 7160 msahci - ok
11:09:10.0005 7160 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:09:10.0009 7160 msdsm - ok
11:09:10.0032 7160 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
11:09:10.0036 7160 MSDTC - ok
11:09:10.0057 7160 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:09:10.0059 7160 Msfs - ok
11:09:10.0218 7160 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:09:10.0219 7160 msisadrv - ok
11:09:10.0249 7160 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:09:10.0253 7160 MSiSCSI - ok
11:09:10.0259 7160 msiserver - ok
11:09:10.0357 7160 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:09:10.0362 7160 MSKSSRV - ok
11:09:10.0379 7160 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:09:10.0380 7160 MSPCLOCK - ok
11:09:10.0387 7160 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:09:10.0390 7160 MSPQM - ok
11:09:10.0427 7160 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:09:10.0431 7160 MsRPC - ok
11:09:10.0468 7160 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:09:10.0469 7160 mssmbios - ok
11:09:10.0487 7160 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:09:10.0488 7160 MSTEE - ok
11:09:10.0598 7160 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
11:09:10.0598 7160 Mup - ok
11:09:10.0633 7160 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
11:09:10.0643 7160 napagent - ok
11:09:10.0713 7160 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:09:10.0718 7160 NativeWifiP - ok
11:09:10.0978 7160 [ F2840DBFE9322F35557219AE82CC4597 ] NAV C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
11:09:10.0983 7160 NAV - ok
11:09:11.0295 7160 [ FA0B7D801E71CE79B915BAE5A90DE224 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20120825.007\NAVENG.SYS
11:09:11.0300 7160 NAVENG - ok
11:09:11.0563 7160 [ 80BB71A7D14CF14B54514A201BF5B985 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20120825.007\NAVEX15.SYS
11:09:11.0595 7160 NAVEX15 - ok
11:09:11.0758 7160 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:09:11.0768 7160 NDIS - ok
11:09:11.0798 7160 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:09:11.0800 7160 NdisTapi - ok
11:09:11.0815 7160 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:09:11.0818 7160 Ndisuio - ok
11:09:11.0850 7160 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:09:11.0855 7160 NdisWan - ok
11:09:11.0883 7160 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:09:11.0885 7160 NDProxy - ok
11:09:11.0943 7160 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:09:11.0948 7160 Net Driver HPZ12 - ok
11:09:11.0965 7160 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:09:11.0968 7160 NetBIOS - ok
11:09:12.0120 7160 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
11:09:12.0125 7160 netbt - ok
11:09:12.0518 7160 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
11:09:12.0518 7160 Netlogon - ok
11:09:12.0565 7160 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
11:09:12.0578 7160 Netman - ok
11:09:12.0615 7160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:09:12.0630 7160 NetMsmqActivator - ok
11:09:12.0638 7160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:09:12.0638 7160 NetPipeActivator - ok
11:09:12.0670 7160 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
11:09:12.0678 7160 netprofm - ok
11:09:12.0683 7160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:09:12.0685 7160 NetTcpActivator - ok
11:09:12.0690 7160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:09:12.0693 7160 NetTcpPortSharing - ok
11:09:12.0795 7160 NETw5v32 - ok
11:09:15.0751 7160 [ 383712AEC962B72BF6D368A4A64CFE09 ] NETwNv32 C:\Windows\system32\DRIVERS\NETwNv32.sys
11:09:16.0448 7160 NETwNv32 - ok
11:09:16.0528 7160 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:09:16.0530 7160 nfrd960 - ok
11:09:16.0624 7160 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:09:16.0629 7160 NlaSvc - ok
11:09:16.0655 7160 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:09:16.0657 7160 Npfs - ok
11:09:16.0673 7160 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
11:09:16.0676 7160 nsi - ok
11:09:16.0693 7160 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:09:16.0695 7160 nsiproxy - ok
11:09:16.0885 7160 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:09:16.0918 7160 Ntfs - ok
11:09:16.0954 7160 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
11:09:16.0957 7160 ntrigdigi - ok
11:09:16.0983 7160 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
11:09:16.0986 7160 Null - ok
11:09:17.0009 7160 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:09:17.0013 7160 nvraid - ok
11:09:17.0032 7160 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:09:17.0034 7160 nvstor - ok
11:09:17.0057 7160 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:09:17.0060 7160 nv_agp - ok
11:09:17.0067 7160 NwlnkFlt - ok
11:09:17.0092 7160 NwlnkFwd - ok
11:09:17.0354 7160 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:09:17.0365 7160 odserv - ok
11:09:17.0522 7160 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:09:17.0524 7160 ohci1394 - ok
11:09:17.0597 7160 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:09:17.0603 7160 ose - ok
11:09:17.0883 7160 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
11:09:17.0901 7160 p2pimsvc - ok
11:09:17.0918 7160 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
11:09:17.0926 7160 p2psvc - ok
11:09:17.0965 7160 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
11:09:17.0970 7160 Parport - ok
11:09:18.0025 7160 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:09:18.0028 7160 partmgr - ok
11:09:18.0053 7160 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
11:09:18.0056 7160 Parvdm - ok
11:09:18.0090 7160 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
11:09:18.0094 7160 PcaSvc - ok
11:09:18.0128 7160 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
11:09:18.0132 7160 pci - ok
11:09:18.0172 7160 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:09:18.0174 7160 pciide - ok
11:09:18.0202 7160 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:09:18.0207 7160 pcmcia - ok
11:09:18.0271 7160 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:09:18.0290 7160 PEAUTH - ok
11:09:19.0604 7160 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
11:09:19.0655 7160 pla - ok
11:09:19.0691 7160 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:09:19.0705 7160 PlugPlay - ok
11:09:19.0752 7160 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:09:19.0754 7160 Pml Driver HPZ12 - ok
11:09:19.0839 7160 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
11:09:19.0845 7160 PNRPAutoReg - ok
11:09:19.0861 7160 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:09:19.0867 7160 PNRPsvc - ok
11:09:19.0909 7160 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:09:19.0918 7160 PolicyAgent - ok
11:09:19.0945 7160 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:09:19.0947 7160 PptpMiniport - ok
11:09:20.0021 7160 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
11:09:20.0024 7160 Processor - ok
11:09:20.0052 7160 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
11:09:20.0056 7160 ProfSvc - ok
11:09:20.0082 7160 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
11:09:20.0084 7160 ProtectedStorage - ok
11:09:20.0112 7160 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:09:20.0114 7160 PSched - ok
11:09:20.0137 7160 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
11:09:20.0139 7160 PxHelp20 - ok
11:09:20.0364 7160 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:09:20.0387 7160 ql2300 - ok
11:09:20.0411 7160 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:09:20.0414 7160 ql40xx - ok
11:09:20.0543 7160 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
11:09:20.0549 7160 QWAVE - ok
11:09:20.0569 7160 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:09:20.0571 7160 QWAVEdrv - ok
11:09:20.0586 7160 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:09:20.0588 7160 RasAcd - ok
11:09:20.0608 7160 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
11:09:20.0612 7160 RasAuto - ok
11:09:20.0644 7160 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:09:20.0647 7160 Rasl2tp - ok
11:09:20.0670 7160 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
11:09:20.0677 7160 RasMan - ok
11:09:20.0710 7160 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:09:20.0712 7160 RasPppoe - ok
11:09:20.0850 7160 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:09:20.0852 7160 RasSstp - ok
11:09:20.0897 7160 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:09:20.0903 7160 rdbss - ok
11:09:20.0934 7160 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:09:20.0936 7160 RDPCDD - ok
11:09:21.0213 7160 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
11:09:21.0591 7160 rdpdr - ok
11:09:21.0664 7160 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:09:21.0666 7160 RDPENCDD - ok
11:09:21.0796 7160 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:09:21.0802 7160 RDPWD - ok
11:09:21.0936 7160 [ 6987DC1DD7A7159752DFB1F6AABAE062 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:09:21.0960 7160 RegSrvc - ok
11:09:22.0025 7160 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:09:22.0030 7160 RemoteAccess - ok
11:09:22.0070 7160 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:09:22.0075 7160 RemoteRegistry - ok
11:09:22.0129 7160 [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
11:09:22.0132 7160 rimmptsk - ok
11:09:22.0155 7160 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
11:09:22.0160 7160 rimsptsk - ok
11:09:22.0247 7160 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
11:09:22.0251 7160 rismxdp - ok
11:09:22.0294 7160 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
11:09:22.0296 7160 RpcLocator - ok
11:09:22.0405 7160 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
11:09:22.0411 7160 RpcSs - ok
11:09:22.0432 7160 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:09:22.0438 7160 rspndr - ok
11:09:22.0470 7160 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
11:09:22.0474 7160 RTL8169 - ok
11:09:22.0494 7160 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
11:09:22.0495 7160 SamSs - ok
11:09:22.0519 7160 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:09:22.0522 7160 sbp2port - ok
11:09:22.0563 7160 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:09:22.0567 7160 SCardSvr - ok
11:09:22.0619 7160 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
11:09:22.0635 7160 Schedule - ok
11:09:22.0675 7160 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:09:22.0676 7160 SCPolicySvc - ok
11:09:22.0719 7160 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
11:09:22.0722 7160 sdbus - ok
11:09:22.0763 7160 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:09:22.0768 7160 SDRSVC - ok
11:09:22.0862 7160 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
11:09:22.0867 7160 SeaPort - ok
11:09:22.0971 7160 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:09:22.0974 7160 secdrv - ok
11:09:23.0006 7160 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
11:09:23.0009 7160 seclogon - ok
11:09:23.0026 7160 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
11:09:23.0029 7160 SENS - ok
11:09:23.0055 7160 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:09:23.0058 7160 Serenum - ok
11:09:23.0077 7160 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
11:09:23.0080 7160 Serial - ok
11:09:23.0110 7160 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:09:23.0113 7160 sermouse - ok
11:09:23.0291 7160 [ E055C476A234CF2C9113D3F6A004ED6F ] ServicepointService C:\Program Files\Frontier\Servicepoint\ServicepointService.exe
11:09:23.0305 7160 ServicepointService - ok
11:09:24.0106 7160 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
11:09:24.0111 7160 SessionEnv - ok
11:09:24.0165 7160 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
11:09:24.0167 7160 sffdisk - ok
11:09:24.0199 7160 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:09:24.0201 7160 sffp_mmc - ok
11:09:24.0231 7160 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
11:09:24.0233 7160 sffp_sd - ok
11:09:24.0293 7160 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:09:24.0295 7160 sfloppy - ok
11:09:24.0340 7160 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:09:24.0347 7160 SharedAccess - ok
11:09:24.0383 7160 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:09:24.0391 7160 ShellHWDetection - ok
11:09:24.0415 7160 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:09:24.0427 7160 sisagp - ok
11:09:24.0447 7160 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
11:09:24.0450 7160 SiSRaid2 - ok
11:09:24.0469 7160 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:09:24.0491 7160 SiSRaid4 - ok
11:09:25.0276 7160 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
11:09:25.0372 7160 slsvc - ok
11:09:25.0430 7160 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
11:09:25.0434 7160 SLUINotify - ok
11:09:25.0619 7160 [ 3566310DF25EA5C3B2E9F50F5B50EAC1 ] SmartFaceVWatchSrv C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
11:09:25.0621 7160 SmartFaceVWatchSrv - ok
11:09:25.0666 7160 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:09:25.0669 7160 Smb - ok
11:09:25.0705 7160 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:09:25.0708 7160 SNMPTRAP - ok
11:09:25.0907 7160 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
11:09:25.0909 7160 spldr - ok
11:09:25.0967 7160 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
11:09:25.0972 7160 Spooler - ok
11:09:26.0043 7160 sprtsvc_quickcare - ok
11:09:26.0391 7160 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\Windows\System32\Drivers\NAV\1308000.00E\SRTSP.SYS
11:09:26.0403 7160 SRTSP - ok
11:09:26.0433 7160 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\Windows\system32\drivers\NAV\1308000.00E\SRTSPX.SYS
11:09:26.0437 7160 SRTSPX - ok
11:09:26.0610 7160 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:09:26.0619 7160 srv - ok
11:09:26.0859 7160 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:09:26.0993 7160 srv2 - ok
11:09:27.0068 7160 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:09:27.0071 7160 srvnet - ok
11:09:27.0119 7160 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:09:27.0125 7160 SSDPSRV - ok
11:09:27.0152 7160 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:09:27.0157 7160 SstpSvc - ok
11:09:27.0204 7160 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
11:09:27.0207 7160 StillCam - ok
11:09:27.0268 7160 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
11:09:27.0280 7160 stisvc - ok
11:09:27.0397 7160 [ 9A97B7024E2CA4D42046BF272997E14C ] SupportSoft RemoteAssist C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe
11:09:27.0406 7160 SupportSoft RemoteAssist - ok
11:09:27.0569 7160 [ 3E4239B92139F7174A0DA7D53FE5E1AB ] SVRPEDRV C:\Windows\System32\sysprep\PEDrv.sys
11:09:27.0570 7160 SVRPEDRV - ok
11:09:27.0621 7160 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:09:27.0623 7160 swenum - ok
11:09:27.0657 7160 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
11:09:27.0665 7160 swprv - ok
11:09:27.0708 7160 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
11:09:27.0710 7160 Symc8xx - ok
11:09:27.0770 7160 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32\drivers\NAV\1308000.00E\SYMDS.SYS
11:09:27.0777 7160 SymDS - ok
11:09:27.0976 7160 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\Windows\system32\drivers\NAV\1308000.00E\SYMEFA.SYS
11:09:27.0995 7160 SymEFA - ok
11:09:28.0053 7160 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
11:09:28.0058 7160 SymEvent - ok
11:09:28.0096 7160 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32\drivers\NAV\1308000.00E\Ironx86.SYS
11:09:28.0100 7160 SymIRON - ok
11:09:28.0145 7160 [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv C:\Windows\System32\Drivers\NAV\1308000.00E\SYMTDIV.SYS
11:09:28.0153 7160 SYMTDIv - ok
11:09:28.0180 7160 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
11:09:28.0183 7160 Sym_hi - ok
11:09:28.0213 7160 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
11:09:28.0215 7160 Sym_u3 - ok
11:09:28.0254 7160 [ 55F6E55CC2430CA8713387106FA79817 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:09:28.0259 7160 SynTP - ok
11:09:28.0529 7160 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
11:09:28.0541 7160 SysMain - ok
11:09:28.0583 7160 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:09:28.0587 7160 TabletInputService - ok
11:09:28.0710 7160 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:09:28.0716 7160 TapiSrv - ok
11:09:28.0755 7160 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
11:09:28.0758 7160 TBS - ok
11:09:28.0823 7160 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:09:28.0840 7160 Tcpip - ok
11:09:28.0860 7160 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
11:09:28.0866 7160 Tcpip6 - ok
11:09:28.0944 7160 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:09:28.0946 7160 tcpipreg - ok
11:09:29.0234 7160 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
11:09:29.0236 7160 tdcmdpst - ok
11:09:29.0469 7160 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:09:29.0471 7160 TDPIPE - ok
11:09:29.0486 7160 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:09:29.0488 7160 TDTCP - ok
11:09:29.0520 7160 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:09:29.0523 7160 tdx - ok
11:09:29.0554 7160 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:09:29.0557 7160 TermDD - ok
11:09:29.0847 7160 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
11:09:29.0880 7160 TermService - ok
11:09:29.0884 7160 tgsrvc_quickcare - ok
11:09:29.0917 7160 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
11:09:29.0920 7160 Themes - ok
11:09:29.0948 7160 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
11:09:29.0950 7160 THREADORDER - ok
11:09:30.0320 7160 [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:09:30.0322 7160 TMachInfo - ok
11:09:30.0376 7160 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
11:09:30.0380 7160 TNaviSrv - ok
11:09:30.0475 7160 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe
11:09:30.0480 7160 TODDSrv - ok
11:09:30.0534 7160 [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
11:09:30.0543 7160 TosCoSrv - ok
11:09:30.0674 7160 [ 8E10E654E354CF330ED75882769A0107 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
11:09:30.0678 7160 TOSHIBA Bluetooth Service - ok
11:09:30.0717 7160 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
11:09:30.0722 7160 TOSHIBA SMART Log Service - ok
11:09:30.0773 7160 Tosrfcom - ok
11:09:30.0821 7160 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
11:09:30.0823 7160 tosrfec - ok
11:09:30.0886 7160 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys
11:09:30.0893 7160 tos_sps32 - ok
11:09:30.0925 7160 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
11:09:30.0930 7160 TrkWks - ok
11:09:30.0977 7160 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:09:30.0978 7160 TrustedInstaller - ok
11:09:31.0020 7160 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:09:31.0022 7160 tssecsrv - ok
11:09:31.0130 7160 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
11:09:31.0132 7160 tunmp - ok
11:09:31.0162 7160 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:09:31.0164 7160 tunnel - ok
11:09:31.0203 7160 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
11:09:31.0205 7160 TVALZ - ok
11:09:31.0224 7160 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:09:31.0227 7160 uagp35 - ok
11:09:31.0256 7160 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:09:31.0275 7160 udfs - ok
11:09:31.0312 7160 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:09:31.0316 7160 UI0Detect - ok
11:09:31.0389 7160 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
11:09:31.0391 7160 UleadBurningHelper - ok
11:09:31.0501 7160 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:09:31.0504 7160 uliagpkx - ok
11:09:31.0618 7160 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
11:09:31.0624 7160 uliahci - ok
11:09:31.0645 7160 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
11:09:31.0649 7160 UlSata - ok
11:09:31.0674 7160 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
11:09:31.0678 7160 ulsata2 - ok
11:09:31.0705 7160 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:09:31.0707 7160 umbus - ok
11:09:31.0746 7160 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
11:09:31.0753 7160 upnphost - ok
11:09:31.0813 7160 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:09:31.0817 7160 usbccgp - ok
11:09:31.0992 7160 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:09:32.0314 7160 usbcir - ok
11:09:32.0733 7160 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:09:32.0736 7160 usbehci - ok
11:09:32.0948 7160 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:09:32.0954 7160 usbhub - ok
11:09:32.0996 7160 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:09:32.0999 7160 usbohci - ok
11:09:33.0022 7160 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:09:33.0025 7160 usbprint - ok
11:09:33.0128 7160 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:09:33.0131 7160 usbscan - ok
11:09:33.0192 7160 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:09:33.0195 7160 USBSTOR - ok
11:09:33.0212 7160 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:09:33.0215 7160 usbuhci - ok
11:09:33.0269 7160 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:09:33.0274 7160 usbvideo - ok
11:09:33.0306 7160 [ 237C444FBD1C697A2E3FA60F02C61F22 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS
11:09:33.0308 7160 UVCFTR - ok
11:09:33.0343 7160 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
11:09:33.0346 7160 UxSms - ok
11:09:33.0413 7160 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
11:09:33.0423 7160 vds - ok
11:09:33.0452 7160 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:09:33.0454 7160 vga - ok
11:09:33.0479 7160 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
11:09:33.0481 7160 VgaSave - ok
11:09:33.0515 7160 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:09:33.0518 7160 viaagp - ok
11:09:33.0549 7160 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
11:09:33.0578 7160 ViaC7 - ok
11:09:33.0602 7160 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
11:09:33.0604 7160 viaide - ok
11:09:33.0629 7160 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:09:33.0632 7160 volmgr - ok
11:09:33.0775 7160 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:09:33.0782 7160 volmgrx - ok
11:09:33.0808 7160 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:09:33.0814 7160 volsnap - ok
11:09:34.0233 7160 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:09:34.0237 7160 vsmraid - ok
11:09:34.0306 7160 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
11:09:34.0333 7160 VSS - ok
11:09:34.0425 7160 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
11:09:34.0435 7160 W32Time - ok
11:09:35.0067 7160 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:09:35.0070 7160 WacomPen - ok
11:09:35.0176 7160 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
11:09:35.0180 7160 Wanarp - ok
11:09:35.0187 7160 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:09:35.0190 7160 Wanarpv6 - ok
11:09:35.0294 7160 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:09:35.0307 7160 wcncsvc - ok
11:09:35.0337 7160 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:09:35.0342 7160 WcsPlugInService - ok
11:09:35.0380 7160 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
11:09:35.0384 7160 Wd - ok
11:09:35.0418 7160 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:09:35.0431 7160 Wdf01000 - ok
11:09:35.0463 7160 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:09:35.0468 7160 WdiServiceHost - ok
11:09:35.0473 7160 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:09:35.0479 7160 WdiSystemHost - ok
11:09:35.0520 7160 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
11:09:35.0526 7160 WebClient - ok
11:09:35.0563 7160 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:09:35.0568 7160 Wecsvc - ok
11:09:35.0597 7160 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:09:35.0601 7160 wercplsupport - ok
11:09:35.0635 7160 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
11:09:35.0640 7160 WerSvc - ok
11:09:35.0706 7160 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:09:35.0712 7160 WinDefend - ok
11:09:35.0723 7160 WinHttpAutoProxySvc - ok
11:09:35.0770 7160 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:09:35.0774 7160 Winmgmt - ok
11:09:35.0968 7160 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
11:09:35.0995 7160 WinRM - ok
11:09:36.0078 7160 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:09:36.0091 7160 Wlansvc - ok
11:09:36.0355 7160 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:09:36.0399 7160 wlidsvc - ok
11:09:36.0438 7160 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:09:36.0440 7160 WmiAcpi - ok
11:09:36.0614 7160 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:09:36.0618 7160 wmiApSrv - ok
11:09:36.0737 7160 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:09:36.0756 7160 WMPNetworkSvc - ok
11:09:36.0793 7160 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:09:36.0799 7160 WPCSvc - ok
11:09:36.0832 7160 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:09:36.0836 7160 WPDBusEnum - ok
11:09:36.0891 7160 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
11:09:36.0894 7160 WpdUsb - ok
11:09:36.0979 7160 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:09:36.0995 7160 WPFFontCache_v0400 - ok
11:09:37.0037 7160 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:09:37.0040 7160 ws2ifsl - ok
11:09:37.0065 7160 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
11:09:37.0069 7160 wscsvc - ok
11:09:37.0141 7160 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
11:09:37.0211 7160 WSDPrintDevice - ok
11:09:37.0217 7160 WSearch - ok
11:09:37.0349 7160 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
11:09:37.0389 7160 wuauserv - ok
11:09:37.0489 7160 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:09:37.0492 7160 WUDFRd - ok
11:09:37.0535 7160 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:09:37.0539 7160 wudfsvc - ok
11:09:37.0640 7160 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
11:09:37.0875 7160 YahooAUService - ok
11:09:37.0910 7160 ================ Scan global ===============================
11:09:37.0942 7160 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
11:09:38.0143 7160 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:09:38.0165 7160 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:09:38.0234 7160 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
11:09:38.0242 7160 [Global] - ok
11:09:38.0243 7160 ================ Scan MBR ==================================
11:09:38.0248 7160 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
11:09:38.0249 7160 Suspicious mbr (Forged): \Device\Harddisk0\DR0
11:09:38.0449 7160 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
11:09:38.0449 7160 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
11:09:38.0597 7160 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:09:38.0598 7160 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:09:38.0599 7160 ================ Scan VBR ==================================
11:09:38.0611 7160 [ DD3EB6352AA2D14F90EC976F7FA762B4 ] \Device\Harddisk0\DR0\Partition1
11:09:38.0613 7160 \Device\Harddisk0\DR0\Partition1 - ok
11:09:38.0614 7160 ============================================================
11:09:38.0614 7160 Scan finished
11:09:38.0614 7160 ============================================================
11:09:38.0640 7172 Detected object count: 2
11:09:38.0640 7172 Actual detected object count: 2
11:13:14.0164 7172 \Device\Harddisk0\DR0\# - copied to quarantine
11:13:14.0169 7172 \Device\Harddisk0\DR0 - copied to quarantine
11:13:14.0298 7172 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
11:13:14.0320 7172 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
11:13:14.0326 7172 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
11:13:14.0334 7172 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:13:14.0344 7172 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:13:14.0369 7172 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
11:13:14.0651 7172 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
11:13:14.0654 7172 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
11:13:14.0671 7172 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
11:13:14.0675 7172 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
11:13:14.0680 7172 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
11:13:14.0685 7172 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
11:13:14.0700 7172 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
11:13:14.0703 7172 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
11:13:14.0764 7172 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
11:13:14.0766 7172 \Device\Harddisk0\DR0 - ok
11:13:14.0773 7172 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
11:13:14.0777 7172 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:13:14.0777 7172 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:13:34.0897 6028 Deinitialize success





11:17:02.0783 1836 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
11:17:03.0282 1836 ============================================================
11:17:03.0282 1836 Current date / time: 2012/08/27 11:17:03.0282
11:17:03.0282 1836 SystemInfo:
11:17:03.0282 1836
11:17:03.0282 1836 OS Version: 6.0.6002 ServicePack: 2.0
11:17:03.0282 1836 Product type: Workstation
11:17:03.0282 1836 ComputerName: ANITA-PC
11:17:03.0282 1836 UserName: Anita
11:17:03.0282 1836 Windows directory: C:\Windows
11:17:03.0282 1836 System windows directory: C:\Windows
11:17:03.0282 1836 Processor architecture: Intel x86
11:17:03.0282 1836 Number of processors: 2
11:17:03.0282 1836 Page size: 0x1000
11:17:03.0282 1836 Boot type: Normal boot
11:17:03.0282 1836 ============================================================
11:17:05.0653 1836 BG loaded
11:17:06.0183 1836 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:17:06.0199 1836 ============================================================
11:17:06.0199 1836 \Device\Harddisk0\DR0:
11:17:06.0199 1836 MBR partitions:
11:17:06.0199 1836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2430F800
11:17:06.0199 1836 ============================================================
11:17:06.0917 1836 C: <-> \Device\Harddisk0\DR0\Partition1
11:17:06.0917 1836 ============================================================
11:17:06.0917 1836 Initialize success
11:17:06.0917 1836 ============================================================
11:20:36.0798 1400 Deinitialize success




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-27 11:21:05
-----------------------------
11:21:05.904 OS Version: Windows 6.0.6002 Service Pack 2
11:21:05.904 Number of processors: 2 586 0x170A
11:21:05.904 ComputerName: ANITA-PC UserName: Anita
11:21:15.108 Initialize success
11:22:05.020 AVAST engine defs: 12082700
11:22:34.879 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:22:34.879 Disk 0 Vendor: TOSHIBA_MK3252GSX LV010M Size: 305245MB BusType: 3
11:22:35.144 Disk 0 MBR read successfully
11:22:35.144 Disk 0 MBR scan
11:22:35.144 Disk 0 Windows VISTA default MBR code
11:22:35.175 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
11:22:35.347 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 296479 MB offset 3074048
11:22:35.627 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 7265 MB offset 610263040
11:22:35.674 Disk 0 scanning sectors +625141760
11:22:35.877 Disk 0 scanning C:\Windows\system32\drivers
11:23:05.860 Service scanning
11:24:07.120 Modules scanning
11:25:03.530 Disk 0 trace - called modules:
11:25:04.060 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
11:25:04.060 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87e46ac8]
11:25:04.060 3 CLASSPNP.SYS[8c1108b3] -> nt!IofCallDriver -> [0x8743e918]
11:25:04.076 5 acpi.sys[806936bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x874128d8]
11:25:05.542 AVAST engine scan C:\Windows
11:25:10.831 AVAST engine scan C:\Windows\system32
11:28:49.636 AVAST engine scan C:\Windows\system32\drivers
11:29:04.176 AVAST engine scan C:\Users\Anita
11:37:03.236 AVAST engine scan C:\ProgramData
11:43:27.800 Scan finished successfully
11:59:35.936 Disk 0 MBR has been saved successfully to "C:\Users\Anita\Desktop\MBR.dat"
11:59:35.936 The log file has been saved successfully to "C:\Users\Anita\Desktop\aswMBR.txt"

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 27 August 2012 - 12:08 PM

Thanks for your help. I guess I did have a rootkit after all. TDSS killer had me reboot once. Here are the logs. I did not include the ESET log since it already came up clean yesterday. Did you want me to re-run it now?


Not needed,i believe you :P

Please run TDSSkiller once again and post the new log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#5 cart0181

cart0181
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 27 August 2012 - 05:39 PM

Thanks again for all your help. I did everything you said. I will post all 5 logs below:

12:11:55.0268 0544 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
12:11:55.0674 0544 ============================================================
12:11:55.0674 0544 Current date / time: 2012/08/27 12:11:55.0674
12:11:55.0674 0544 SystemInfo:
12:11:55.0674 0544
12:11:55.0674 0544 OS Version: 6.0.6002 ServicePack: 2.0
12:11:55.0674 0544 Product type: Workstation
12:11:55.0674 0544 ComputerName: ANITA-PC
12:11:55.0674 0544 UserName: Anita
12:11:55.0674 0544 Windows directory: C:\Windows
12:11:55.0674 0544 System windows directory: C:\Windows
12:11:55.0674 0544 Processor architecture: Intel x86
12:11:55.0674 0544 Number of processors: 2
12:11:55.0674 0544 Page size: 0x1000
12:11:55.0674 0544 Boot type: Normal boot
12:11:55.0674 0544 ============================================================
12:11:57.0265 0544 BG loaded
12:11:57.0608 0544 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:11:57.0640 0544 ============================================================
12:11:57.0640 0544 \Device\Harddisk0\DR0:
12:11:57.0640 0544 MBR partitions:
12:11:57.0640 0544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2430F800
12:11:57.0640 0544 ============================================================
12:11:57.0764 0544 C: <-> \Device\Harddisk0\DR0\Partition1
12:11:57.0764 0544 ============================================================
12:11:57.0764 0544 Initialize success
12:11:57.0764 0544 ============================================================
12:12:22.0210 4400 ============================================================
12:12:22.0210 4400 Scan started
12:12:22.0210 4400 Mode: Manual; TDLFS;
12:12:22.0210 4400 ============================================================
12:12:22.0506 4400 ================ Scan system memory ========================
12:12:22.0506 4400 System memory - ok
12:12:22.0506 4400 ================ Scan services =============================
12:12:22.0818 4400 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:12:22.0818 4400 ACPI - ok
12:12:22.0927 4400 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:12:22.0927 4400 AdobeARMservice - ok
12:12:23.0036 4400 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:12:23.0068 4400 AdobeFlashPlayerUpdateSvc - ok
12:12:23.0146 4400 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:12:23.0177 4400 adp94xx - ok
12:12:23.0224 4400 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:12:23.0224 4400 adpahci - ok
12:12:23.0255 4400 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:12:23.0255 4400 adpu160m - ok
12:12:23.0286 4400 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:12:23.0302 4400 adpu320 - ok
12:12:23.0348 4400 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:12:23.0348 4400 AeLookupSvc - ok
12:12:23.0411 4400 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
12:12:23.0411 4400 AFD - ok
12:12:23.0458 4400 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
12:12:23.0458 4400 AgereModemAudio - ok
12:12:23.0536 4400 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
12:12:23.0551 4400 AgereSoftModem - ok
12:12:23.0598 4400 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:12:23.0598 4400 agp440 - ok
12:12:23.0645 4400 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:12:23.0676 4400 aic78xx - ok
12:12:23.0707 4400 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
12:12:23.0707 4400 ALG - ok
12:12:23.0723 4400 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
12:12:23.0723 4400 aliide - ok
12:12:23.0754 4400 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:12:23.0754 4400 amdagp - ok
12:12:23.0770 4400 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
12:12:23.0785 4400 amdide - ok
12:12:23.0816 4400 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
12:12:23.0816 4400 AmdK7 - ok
12:12:23.0832 4400 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:12:23.0848 4400 AmdK8 - ok
12:12:23.0910 4400 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
12:12:23.0910 4400 Appinfo - ok
12:12:23.0926 4400 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
12:12:23.0957 4400 arc - ok
12:12:23.0988 4400 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:12:23.0988 4400 arcsas - ok
12:12:24.0269 4400 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:12:24.0284 4400 aspnet_state - ok
12:12:24.0347 4400 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:12:24.0347 4400 AsyncMac - ok
12:12:24.0378 4400 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
12:12:24.0378 4400 atapi - ok
12:12:24.0440 4400 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:12:24.0440 4400 AudioEndpointBuilder - ok
12:12:24.0456 4400 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:12:24.0456 4400 Audiosrv - ok
12:12:24.0550 4400 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
12:12:24.0550 4400 BBSvc - ok
12:12:24.0596 4400 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
12:12:24.0596 4400 Beep - ok
12:12:24.0659 4400 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
12:12:24.0659 4400 BFE - ok
12:12:24.0924 4400 [ 080BE9BAD2B41B8D91A4BC96C092AA9E ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20120823.005\BHDrvx86.sys
12:12:24.0940 4400 BHDrvx86 - ok
12:12:25.0002 4400 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
12:12:25.0018 4400 BITS - ok
12:12:25.0049 4400 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:12:25.0049 4400 blbdrive - ok
12:12:25.0064 4400 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:12:25.0080 4400 bowser - ok
12:12:25.0111 4400 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:12:25.0111 4400 BrFiltLo - ok
12:12:25.0127 4400 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:12:25.0127 4400 BrFiltUp - ok
12:12:25.0205 4400 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
12:12:25.0205 4400 Browser - ok
12:12:25.0236 4400 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
12:12:25.0236 4400 Brserid - ok
12:12:25.0252 4400 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:12:25.0252 4400 BrSerWdm - ok
12:12:25.0267 4400 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:12:25.0267 4400 BrUsbMdm - ok
12:12:25.0283 4400 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:12:25.0283 4400 BrUsbSer - ok
12:12:25.0314 4400 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:12:25.0314 4400 BTHMODEM - ok
12:12:25.0423 4400 [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_NAV C:\Windows\system32\drivers\NAV\1308000.00E\ccSetx86.sys
12:12:25.0423 4400 ccSet_NAV - ok
12:12:25.0470 4400 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:12:25.0470 4400 cdfs - ok
12:12:25.0501 4400 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:12:25.0501 4400 cdrom - ok
12:12:25.0564 4400 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
12:12:25.0564 4400 CertPropSvc - ok
12:12:25.0595 4400 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
12:12:25.0595 4400 circlass - ok
12:12:25.0642 4400 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
12:12:25.0642 4400 CLFS - ok
12:12:25.0688 4400 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:12:25.0688 4400 clr_optimization_v2.0.50727_32 - ok
12:12:25.0735 4400 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:12:25.0766 4400 clr_optimization_v4.0.30319_32 - ok
12:12:25.0813 4400 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:12:25.0813 4400 CmBatt - ok
12:12:25.0844 4400 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:12:25.0844 4400 cmdide - ok
12:12:25.0860 4400 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:12:25.0860 4400 Compbatt - ok
12:12:25.0860 4400 COMSysApp - ok
12:12:25.0938 4400 [ C508B28B9DA7563634A2A2B2EEF4395D ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
12:12:25.0938 4400 ConfigFree Service - ok
12:12:25.0938 4400 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:12:25.0938 4400 crcdisk - ok
12:12:25.0954 4400 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
12:12:25.0969 4400 Crusoe - ok
12:12:26.0032 4400 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:12:26.0032 4400 CryptSvc - ok
12:12:26.0094 4400 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:12:26.0094 4400 DcomLaunch - ok
12:12:26.0110 4400 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:12:26.0110 4400 DfsC - ok
12:12:26.0203 4400 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
12:12:26.0219 4400 DFSR - ok
12:12:26.0281 4400 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:12:26.0281 4400 Dhcp - ok
12:12:26.0390 4400 [ 4F26BB00747D41E7C0FE8EBB2900F862 ] DirMngr C:\Program Files\GNU\GnuPG\dirmngr.exe
12:12:26.0390 4400 DirMngr - ok
12:12:26.0453 4400 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
12:12:26.0453 4400 disk - ok
12:12:26.0531 4400 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:12:26.0531 4400 Dnscache - ok
12:12:26.0578 4400 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:12:26.0578 4400 dot3svc - ok
12:12:26.0624 4400 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
12:12:26.0624 4400 Dot4 - ok
12:12:26.0640 4400 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:12:26.0640 4400 Dot4Print - ok
12:12:26.0702 4400 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
12:12:26.0702 4400 dot4usb - ok
12:12:26.0734 4400 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
12:12:26.0734 4400 DPS - ok
12:12:26.0796 4400 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:12:26.0812 4400 drmkaud - ok
12:12:26.0843 4400 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:12:26.0858 4400 DXGKrnl - ok
12:12:26.0874 4400 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
12:12:26.0874 4400 E1G60 - ok
12:12:26.0921 4400 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
12:12:26.0921 4400 EapHost - ok
12:12:26.0968 4400 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
12:12:26.0968 4400 Ecache - ok
12:12:27.0092 4400 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:12:27.0092 4400 eeCtrl - ok
12:12:27.0202 4400 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:12:27.0202 4400 ehRecvr - ok
12:12:27.0233 4400 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
12:12:27.0233 4400 ehSched - ok
12:12:27.0248 4400 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
12:12:27.0248 4400 ehstart - ok
12:12:27.0311 4400 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:12:27.0326 4400 elxstor - ok
12:12:27.0358 4400 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:12:27.0373 4400 EMDMgmt - ok
12:12:27.0420 4400 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:12:27.0420 4400 EraserUtilRebootDrv - ok
12:12:27.0451 4400 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:12:27.0467 4400 ErrDev - ok
12:12:27.0545 4400 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
12:12:27.0545 4400 EventSystem - ok
12:12:27.0685 4400 [ 9D6A019DEA917F305AF23209FEDD5F16 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
12:12:27.0701 4400 EvtEng - ok
12:12:27.0748 4400 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
12:12:27.0748 4400 exfat - ok
12:12:27.0779 4400 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:12:27.0794 4400 fastfat - ok
12:12:27.0826 4400 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:12:27.0826 4400 fdc - ok
12:12:27.0857 4400 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
12:12:27.0857 4400 fdPHost - ok
12:12:27.0872 4400 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
12:12:27.0888 4400 FDResPub - ok
12:12:27.0935 4400 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:12:27.0935 4400 FileInfo - ok
12:12:27.0950 4400 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:12:27.0950 4400 Filetrace - ok
12:12:27.0966 4400 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:12:27.0966 4400 flpydisk - ok
12:12:27.0997 4400 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:12:27.0997 4400 FltMgr - ok
12:12:28.0075 4400 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
12:12:28.0091 4400 FontCache - ok
12:12:28.0153 4400 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:12:28.0153 4400 FontCache3.0.0.0 - ok
12:12:28.0200 4400 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:12:28.0200 4400 Fs_Rec - ok
12:12:28.0247 4400 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
12:12:28.0247 4400 FwLnk - ok
12:12:28.0278 4400 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:12:28.0278 4400 gagp30kx - ok
12:12:28.0340 4400 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
12:12:28.0340 4400 GamesAppService - ok
12:12:28.0465 4400 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
12:12:28.0465 4400 gpsvc - ok
12:12:28.0559 4400 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:12:28.0559 4400 gupdate - ok
12:12:28.0559 4400 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:12:28.0559 4400 gupdatem - ok
12:12:28.0606 4400 [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:12:28.0606 4400 gusvc - ok
12:12:28.0652 4400 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:12:28.0652 4400 HdAudAddService - ok
12:12:28.0699 4400 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:12:28.0715 4400 HDAudBus - ok
12:12:28.0715 4400 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:12:28.0730 4400 HidBth - ok
12:12:28.0746 4400 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
12:12:28.0746 4400 HidIr - ok
12:12:28.0793 4400 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
12:12:28.0793 4400 hidserv - ok
12:12:28.0840 4400 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:12:28.0840 4400 HidUsb - ok
12:12:28.0886 4400 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:12:28.0886 4400 hkmsvc - ok
12:12:28.0933 4400 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:12:28.0933 4400 HpCISSs - ok
12:12:29.0089 4400 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:12:29.0089 4400 hpqcxs08 - ok
12:12:29.0120 4400 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:12:29.0136 4400 hpqddsvc - ok
12:12:29.0198 4400 [ 9D23402D305869844BC6004A05CC74BA ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
12:12:29.0214 4400 HPSLPSVC - ok
12:12:29.0261 4400 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:12:29.0276 4400 HTTP - ok
12:12:29.0308 4400 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:12:29.0308 4400 i2omp - ok
12:12:29.0354 4400 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:12:29.0354 4400 i8042prt - ok
12:12:29.0401 4400 iaStor - ok
12:12:29.0417 4400 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:12:29.0432 4400 iaStorV - ok
12:12:29.0495 4400 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:12:29.0495 4400 IDriverT - ok
12:12:29.0729 4400 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:12:29.0791 4400 idsvc - ok
12:12:29.0900 4400 [ D0A4C9031B57295D6B1078E3CFA45DB4 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20120824.001\IDSvix86.sys
12:12:29.0900 4400 IDSVix86 - ok
12:12:30.0602 4400 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
12:12:30.0665 4400 igfx - ok
12:12:30.0696 4400 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:12:30.0696 4400 iirsp - ok
12:12:30.0743 4400 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
12:12:30.0743 4400 IKEEXT - ok
12:12:30.0868 4400 [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:12:30.0914 4400 IntcAzAudAddService - ok
12:12:30.0961 4400 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
12:12:30.0961 4400 intelide - ok
12:12:31.0024 4400 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:12:31.0024 4400 intelppm - ok
12:12:31.0070 4400 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:12:31.0086 4400 IPBusEnum - ok
12:12:31.0102 4400 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:12:31.0102 4400 IpFilterDriver - ok
12:12:31.0148 4400 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:12:31.0148 4400 iphlpsvc - ok
12:12:31.0148 4400 IpInIp - ok
12:12:31.0180 4400 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:12:31.0180 4400 IPMIDRV - ok
12:12:31.0211 4400 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:12:31.0226 4400 IPNAT - ok
12:12:31.0226 4400 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:12:31.0226 4400 IRENUM - ok
12:12:31.0258 4400 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:12:31.0258 4400 isapnp - ok
12:12:31.0304 4400 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:12:31.0304 4400 iScsiPrt - ok
12:12:31.0336 4400 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:12:31.0336 4400 iteatapi - ok
12:12:31.0351 4400 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:12:31.0351 4400 iteraid - ok
12:12:31.0367 4400 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:12:31.0367 4400 kbdclass - ok
12:12:31.0398 4400 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:12:31.0398 4400 kbdhid - ok
12:12:31.0460 4400 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
12:12:31.0460 4400 KeyIso - ok
12:12:31.0585 4400 [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I C:\Windows\system32\drivers\kr10i.sys
12:12:31.0585 4400 KR10I - ok
12:12:31.0616 4400 [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N C:\Windows\system32\drivers\kr10n.sys
12:12:31.0616 4400 KR10N - ok
12:12:31.0694 4400 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:12:31.0710 4400 KSecDD - ok
12:12:31.0741 4400 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
12:12:31.0741 4400 KtmRm - ok
12:12:31.0772 4400 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
12:12:31.0772 4400 LanmanServer - ok
12:12:31.0819 4400 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:12:31.0835 4400 LanmanWorkstation - ok
12:12:31.0866 4400 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:12:31.0866 4400 lltdio - ok
12:12:31.0897 4400 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:12:31.0913 4400 lltdsvc - ok
12:12:31.0928 4400 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:12:31.0928 4400 lmhosts - ok
12:12:31.0944 4400 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:12:31.0944 4400 LSI_FC - ok
12:12:31.0960 4400 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:12:31.0975 4400 LSI_SAS - ok
12:12:31.0991 4400 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:12:31.0991 4400 LSI_SCSI - ok
12:12:32.0006 4400 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
12:12:32.0022 4400 luafv - ok
12:12:32.0053 4400 [ FB097BBC1A18F044BD17BD2FCCF97865 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:12:32.0053 4400 MBAMProtector - ok
12:12:32.0178 4400 [ BA400ED640BCA1EAE5C727AE17C10207 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:12:32.0178 4400 MBAMService - ok
12:12:32.0209 4400 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:12:32.0209 4400 Mcx2Svc - ok
12:12:32.0240 4400 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
12:12:32.0240 4400 megasas - ok
12:12:32.0287 4400 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:12:32.0287 4400 MegaSR - ok
12:12:32.0303 4400 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
12:12:32.0303 4400 MMCSS - ok
12:12:32.0334 4400 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
12:12:32.0334 4400 Modem - ok
12:12:32.0365 4400 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:12:32.0365 4400 monitor - ok
12:12:32.0381 4400 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:12:32.0381 4400 mouclass - ok
12:12:32.0428 4400 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:12:32.0428 4400 mouhid - ok
12:12:32.0459 4400 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:12:32.0459 4400 MountMgr - ok
12:12:32.0584 4400 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:12:32.0584 4400 MozillaMaintenance - ok
12:12:32.0630 4400 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
12:12:32.0646 4400 mpio - ok
12:12:32.0818 4400 MpKsl92af3f9f - ok
12:12:32.0849 4400 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:12:32.0849 4400 mpsdrv - ok
12:12:32.0880 4400 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
12:12:32.0896 4400 MpsSvc - ok
12:12:32.0911 4400 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:12:32.0911 4400 Mraid35x - ok
12:12:32.0942 4400 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:12:32.0942 4400 MRxDAV - ok
12:12:32.0958 4400 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:12:32.0958 4400 mrxsmb - ok
12:12:33.0020 4400 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:12:33.0020 4400 mrxsmb10 - ok
12:12:33.0020 4400 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:12:33.0036 4400 mrxsmb20 - ok
12:12:33.0083 4400 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
12:12:33.0083 4400 msahci - ok
12:12:33.0114 4400 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:12:33.0114 4400 msdsm - ok
12:12:33.0130 4400 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
12:12:33.0130 4400 MSDTC - ok
12:12:33.0145 4400 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:12:33.0161 4400 Msfs - ok
12:12:33.0208 4400 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:12:33.0208 4400 msisadrv - ok
12:12:33.0239 4400 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:12:33.0239 4400 MSiSCSI - ok
12:12:33.0239 4400 msiserver - ok
12:12:33.0286 4400 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:12:33.0286 4400 MSKSSRV - ok
12:12:33.0301 4400 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:12:33.0317 4400 MSPCLOCK - ok
12:12:33.0317 4400 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:12:33.0317 4400 MSPQM - ok
12:12:33.0348 4400 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:12:33.0348 4400 MsRPC - ok
12:12:33.0379 4400 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:12:33.0395 4400 mssmbios - ok
12:12:33.0410 4400 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:12:33.0410 4400 MSTEE - ok
12:12:33.0426 4400 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
12:12:33.0426 4400 Mup - ok
12:12:33.0473 4400 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
12:12:33.0473 4400 napagent - ok
12:12:33.0520 4400 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:12:33.0520 4400 NativeWifiP - ok
12:12:33.0644 4400 [ F2840DBFE9322F35557219AE82CC4597 ] NAV C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
12:12:33.0644 4400 NAV - ok
12:12:33.0754 4400 [ FA0B7D801E71CE79B915BAE5A90DE224 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20120827.001\NAVENG.SYS
12:12:33.0769 4400 NAVENG - ok
12:12:33.0816 4400 [ 80BB71A7D14CF14B54514A201BF5B985 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20120827.001\NAVEX15.SYS
12:12:33.0847 4400 NAVEX15 - ok
12:12:33.0910 4400 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:12:33.0910 4400 NDIS - ok
12:12:33.0941 4400 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:12:33.0941 4400 NdisTapi - ok
12:12:33.0972 4400 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:12:33.0972 4400 Ndisuio - ok
12:12:34.0066 4400 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:12:34.0066 4400 NdisWan - ok
12:12:34.0081 4400 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:12:34.0097 4400 NDProxy - ok
12:12:34.0144 4400 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:12:34.0144 4400 Net Driver HPZ12 - ok
12:12:34.0175 4400 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:12:34.0175 4400 NetBIOS - ok
12:12:34.0237 4400 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:12:34.0237 4400 netbt - ok
12:12:34.0253 4400 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
12:12:34.0253 4400 Netlogon - ok
12:12:34.0284 4400 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
12:12:34.0300 4400 Netman - ok
12:12:34.0331 4400 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:34.0362 4400 NetMsmqActivator - ok
12:12:34.0378 4400 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:34.0378 4400 NetPipeActivator - ok
12:12:34.0393 4400 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
12:12:34.0409 4400 netprofm - ok
12:12:34.0409 4400 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:34.0409 4400 NetTcpActivator - ok
12:12:34.0424 4400 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:12:34.0424 4400 NetTcpPortSharing - ok
12:12:34.0440 4400 NETw5v32 - ok
12:12:34.0690 4400 [ 383712AEC962B72BF6D368A4A64CFE09 ] NETwNv32 C:\Windows\system32\DRIVERS\NETwNv32.sys
12:12:34.0861 4400 NETwNv32 - ok
12:12:34.0924 4400 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:12:34.0924 4400 nfrd960 - ok
12:12:34.0970 4400 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:12:34.0970 4400 NlaSvc - ok
12:12:35.0002 4400 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:12:35.0002 4400 Npfs - ok
12:12:35.0017 4400 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
12:12:35.0017 4400 nsi - ok
12:12:35.0033 4400 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:12:35.0033 4400 nsiproxy - ok
12:12:35.0095 4400 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:12:35.0111 4400 Ntfs - ok
12:12:35.0142 4400 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:12:35.0142 4400 ntrigdigi - ok
12:12:35.0158 4400 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
12:12:35.0158 4400 Null - ok
12:12:35.0189 4400 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:12:35.0189 4400 nvraid - ok
12:12:35.0204 4400 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:12:35.0204 4400 nvstor - ok
12:12:35.0236 4400 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:12:35.0236 4400 nv_agp - ok
12:12:35.0236 4400 NwlnkFlt - ok
12:12:35.0251 4400 NwlnkFwd - ok
12:12:35.0360 4400 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:12:35.0360 4400 odserv - ok
12:12:35.0407 4400 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:12:35.0407 4400 ohci1394 - ok
12:12:35.0438 4400 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:12:35.0438 4400 ose - ok
12:12:35.0485 4400 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:12:35.0485 4400 p2pimsvc - ok
12:12:35.0501 4400 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
12:12:35.0516 4400 p2psvc - ok
12:12:35.0532 4400 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
12:12:35.0548 4400 Parport - ok
12:12:35.0594 4400 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:12:35.0594 4400 partmgr - ok
12:12:35.0610 4400 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
12:12:35.0610 4400 Parvdm - ok
12:12:35.0641 4400 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
12:12:35.0641 4400 PcaSvc - ok
12:12:35.0704 4400 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
12:12:35.0704 4400 pci - ok
12:12:35.0750 4400 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys
12:12:35.0750 4400 pciide - ok
12:12:35.0813 4400 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:12:35.0813 4400 pcmcia - ok
12:12:35.0875 4400 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:12:35.0891 4400 PEAUTH - ok
12:12:35.0969 4400 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
12:12:35.0984 4400 pla - ok
12:12:36.0031 4400 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:12:36.0031 4400 PlugPlay - ok
12:12:36.0062 4400 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:12:36.0078 4400 Pml Driver HPZ12 - ok
12:12:36.0109 4400 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:12:36.0109 4400 PNRPAutoReg - ok
12:12:36.0140 4400 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:12:36.0140 4400 PNRPsvc - ok
12:12:36.0172 4400 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:12:36.0172 4400 PolicyAgent - ok
12:12:36.0203 4400 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:12:36.0203 4400 PptpMiniport - ok
12:12:36.0234 4400 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
12:12:36.0234 4400 Processor - ok
12:12:36.0265 4400 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
12:12:36.0265 4400 ProfSvc - ok
12:12:36.0281 4400 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:12:36.0281 4400 ProtectedStorage - ok
12:12:36.0312 4400 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:12:36.0312 4400 PSched - ok
12:12:36.0328 4400 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
12:12:36.0328 4400 PxHelp20 - ok
12:12:36.0390 4400 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:12:36.0406 4400 ql2300 - ok
12:12:36.0437 4400 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:12:36.0437 4400 ql40xx - ok
12:12:36.0484 4400 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
12:12:36.0484 4400 QWAVE - ok
12:12:36.0515 4400 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:12:36.0515 4400 QWAVEdrv - ok
12:12:36.0530 4400 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:12:36.0530 4400 RasAcd - ok
12:12:36.0546 4400 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
12:12:36.0546 4400 RasAuto - ok
12:12:36.0577 4400 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:12:36.0593 4400 Rasl2tp - ok
12:12:36.0624 4400 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
12:12:36.0624 4400 RasMan - ok
12:12:36.0655 4400 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:12:36.0655 4400 RasPppoe - ok
12:12:36.0686 4400 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:12:36.0686 4400 RasSstp - ok
12:12:36.0733 4400 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:12:36.0733 4400 rdbss - ok
12:12:36.0749 4400 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:12:36.0749 4400 RDPCDD - ok
12:12:36.0780 4400 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:12:36.0780 4400 rdpdr - ok
12:12:36.0796 4400 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:12:36.0796 4400 RDPENCDD - ok
12:12:36.0827 4400 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:12:36.0827 4400 RDPWD - ok
12:12:36.0905 4400 [ 6987DC1DD7A7159752DFB1F6AABAE062 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:12:36.0905 4400 RegSrvc - ok
12:12:36.0952 4400 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:12:36.0952 4400 RemoteAccess - ok
12:12:37.0061 4400 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:12:37.0061 4400 RemoteRegistry - ok
12:12:37.0108 4400 [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
12:12:37.0123 4400 rimmptsk - ok
12:12:37.0123 4400 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
12:12:37.0123 4400 rimsptsk - ok
12:12:37.0139 4400 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
12:12:37.0139 4400 rismxdp - ok
12:12:37.0170 4400 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:12:37.0170 4400 RpcLocator - ok
12:12:37.0217 4400 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
12:12:37.0217 4400 RpcSs - ok
12:12:37.0232 4400 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:12:37.0232 4400 rspndr - ok
12:12:37.0248 4400 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
12:12:37.0264 4400 RTL8169 - ok
12:12:37.0279 4400 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
12:12:37.0279 4400 SamSs - ok
12:12:37.0310 4400 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:12:37.0310 4400 sbp2port - ok
12:12:37.0342 4400 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:12:37.0342 4400 SCardSvr - ok
12:12:37.0388 4400 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
12:12:37.0388 4400 Schedule - ok
12:12:37.0420 4400 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:12:37.0420 4400 SCPolicySvc - ok
12:12:37.0466 4400 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:12:37.0466 4400 sdbus - ok
12:12:37.0498 4400 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:12:37.0513 4400 SDRSVC - ok
12:12:37.0607 4400 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
12:12:37.0607 4400 SeaPort - ok
12:12:37.0638 4400 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:12:37.0638 4400 secdrv - ok
12:12:37.0669 4400 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
12:12:37.0669 4400 seclogon - ok
12:12:37.0700 4400 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
12:12:37.0700 4400 SENS - ok
12:12:37.0716 4400 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:12:37.0716 4400 Serenum - ok
12:12:37.0732 4400 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
12:12:37.0747 4400 Serial - ok
12:12:37.0763 4400 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:12:37.0763 4400 sermouse - ok
12:12:37.0825 4400 [ E055C476A234CF2C9113D3F6A004ED6F ] ServicepointService C:\Program Files\Frontier\Servicepoint\ServicepointService.exe
12:12:37.0841 4400 ServicepointService - ok
12:12:37.0872 4400 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
12:12:37.0872 4400 SessionEnv - ok
12:12:37.0934 4400 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
12:12:37.0934 4400 sffdisk - ok
12:12:37.0950 4400 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:12:37.0950 4400 sffp_mmc - ok
12:12:37.0950 4400 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
12:12:37.0966 4400 sffp_sd - ok
12:12:37.0981 4400 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:12:37.0997 4400 sfloppy - ok
12:12:38.0028 4400 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:12:38.0044 4400 SharedAccess - ok
12:12:38.0106 4400 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:12:38.0122 4400 ShellHWDetection - ok
12:12:38.0153 4400 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:12:38.0153 4400 sisagp - ok
12:12:38.0231 4400 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:12:38.0231 4400 SiSRaid2 - ok
12:12:38.0278 4400 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:12:38.0324 4400 SiSRaid4 - ok
12:12:38.0730 4400 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
12:12:38.0839 4400 slsvc - ok
12:12:38.0870 4400 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:12:38.0870 4400 SLUINotify - ok
12:12:38.0980 4400 [ 3566310DF25EA5C3B2E9F50F5B50EAC1 ] SmartFaceVWatchSrv C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
12:12:38.0980 4400 SmartFaceVWatchSrv - ok
12:12:39.0011 4400 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:12:39.0026 4400 Smb - ok
12:12:39.0058 4400 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:12:39.0058 4400 SNMPTRAP - ok
12:12:39.0120 4400 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
12:12:39.0120 4400 spldr - ok
12:12:39.0167 4400 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
12:12:39.0167 4400 Spooler - ok
12:12:39.0245 4400 sprtsvc_quickcare - ok
12:12:39.0791 4400 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\Windows\System32\Drivers\NAV\1308000.00E\SRTSP.SYS
12:12:39.0806 4400 SRTSP - ok
12:12:39.0838 4400 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\Windows\system32\drivers\NAV\1308000.00E\SRTSPX.SYS
12:12:39.0838 4400 SRTSPX - ok
12:12:39.0900 4400 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:12:39.0900 4400 srv - ok
12:12:39.0994 4400 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:12:39.0994 4400 srv2 - ok
12:12:40.0025 4400 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:12:40.0025 4400 srvnet - ok
12:12:40.0056 4400 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:12:40.0056 4400 SSDPSRV - ok
12:12:40.0118 4400 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:12:40.0134 4400 SstpSvc - ok
12:12:40.0165 4400 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:12:40.0165 4400 StillCam - ok
12:12:40.0228 4400 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
12:12:40.0243 4400 stisvc - ok
12:12:40.0493 4400 [ 9A97B7024E2CA4D42046BF272997E14C ] SupportSoft RemoteAssist C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe
12:12:40.0555 4400 SupportSoft RemoteAssist - ok
12:12:40.0633 4400 [ 3E4239B92139F7174A0DA7D53FE5E1AB ] SVRPEDRV C:\Windows\System32\sysprep\PEDrv.sys
12:12:40.0633 4400 SVRPEDRV - ok
12:12:40.0758 4400 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:12:40.0758 4400 swenum - ok
12:12:40.0883 4400 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
12:12:40.0898 4400 swprv - ok
12:12:40.0961 4400 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:12:40.0992 4400 Symc8xx - ok
12:12:41.0070 4400 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32\drivers\NAV\1308000.00E\SYMDS.SYS
12:12:41.0070 4400 SymDS - ok
12:12:41.0117 4400 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\Windows\system32\drivers\NAV\1308000.00E\SYMEFA.SYS
12:12:41.0132 4400 SymEFA - ok
12:12:41.0179 4400 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
12:12:41.0179 4400 SymEvent - ok
12:12:41.0226 4400 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32\drivers\NAV\1308000.00E\Ironx86.SYS
12:12:41.0226 4400 SymIRON - ok
12:12:41.0257 4400 [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv C:\Windows\System32\Drivers\NAV\1308000.00E\SYMTDIV.SYS
12:12:41.0257 4400 SYMTDIv - ok
12:12:41.0288 4400 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:12:41.0288 4400 Sym_hi - ok
12:12:41.0304 4400 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:12:41.0304 4400 Sym_u3 - ok
12:12:41.0351 4400 [ 55F6E55CC2430CA8713387106FA79817 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:12:41.0351 4400 SynTP - ok
12:12:41.0398 4400 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
12:12:41.0398 4400 SysMain - ok
12:12:41.0429 4400 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:12:41.0444 4400 TabletInputService - ok
12:12:41.0632 4400 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:12:41.0632 4400 TapiSrv - ok
12:12:41.0663 4400 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
12:12:41.0663 4400 TBS - ok
12:12:41.0834 4400 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:12:41.0850 4400 Tcpip - ok
12:12:41.0866 4400 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:12:41.0866 4400 Tcpip6 - ok
12:12:41.0912 4400 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:12:41.0912 4400 tcpipreg - ok
12:12:41.0959 4400 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
12:12:41.0959 4400 tdcmdpst - ok
12:12:42.0084 4400 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:12:42.0084 4400 TDPIPE - ok
12:12:42.0131 4400 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:12:42.0131 4400 TDTCP - ok
12:12:42.0178 4400 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:12:42.0178 4400 tdx - ok
12:12:42.0209 4400 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:12:42.0224 4400 TermDD - ok
12:12:42.0240 4400 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
12:12:42.0256 4400 TermService - ok
12:12:42.0256 4400 tgsrvc_quickcare - ok
12:12:42.0271 4400 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
12:12:42.0287 4400 Themes - ok
12:12:42.0302 4400 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
12:12:42.0302 4400 THREADORDER - ok
12:12:42.0396 4400 [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
12:12:42.0396 4400 TMachInfo - ok
12:12:42.0521 4400 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
12:12:42.0521 4400 TNaviSrv - ok
12:12:42.0599 4400 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe
12:12:42.0599 4400 TODDSrv - ok
12:12:42.0646 4400 [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
12:12:42.0661 4400 TosCoSrv - ok
12:12:42.0724 4400 [ 8E10E654E354CF330ED75882769A0107 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
12:12:42.0724 4400 TOSHIBA Bluetooth Service - ok
12:12:42.0739 4400 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
12:12:42.0755 4400 TOSHIBA SMART Log Service - ok
12:12:42.0786 4400 Tosrfcom - ok
12:12:42.0817 4400 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
12:12:42.0817 4400 tosrfec - ok
12:12:42.0864 4400 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys
12:12:42.0864 4400 tos_sps32 - ok
12:12:42.0895 4400 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
12:12:42.0895 4400 TrkWks - ok
12:12:42.0973 4400 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:12:42.0973 4400 TrustedInstaller - ok
12:12:43.0020 4400 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:12:43.0036 4400 tssecsrv - ok
12:12:43.0082 4400 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:12:43.0082 4400 tunmp - ok
12:12:43.0207 4400 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:12:43.0207 4400 tunnel - ok
12:12:43.0270 4400 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
12:12:43.0270 4400 TVALZ - ok
12:12:43.0316 4400 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:12:43.0316 4400 uagp35 - ok
12:12:43.0441 4400 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:12:43.0472 4400 udfs - ok
12:12:43.0504 4400 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:12:43.0504 4400 UI0Detect - ok
12:12:43.0660 4400 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
12:12:43.0660 4400 UleadBurningHelper - ok
12:12:43.0800 4400 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:12:43.0800 4400 uliagpkx - ok
12:12:43.0862 4400 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:12:43.0862 4400 uliahci - ok
12:12:43.0878 4400 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:12:43.0894 4400 UlSata - ok
12:12:43.0909 4400 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:12:43.0909 4400 ulsata2 - ok
12:12:43.0940 4400 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:12:43.0940 4400 umbus - ok
12:12:43.0972 4400 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
12:12:43.0987 4400 upnphost - ok
12:12:44.0034 4400 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:12:44.0034 4400 usbccgp - ok
12:12:44.0096 4400 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:12:44.0128 4400 usbcir - ok
12:12:44.0190 4400 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:12:44.0190 4400 usbehci - ok
12:12:44.0237 4400 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:12:44.0237 4400 usbhub - ok
12:12:44.0252 4400 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:12:44.0252 4400 usbohci - ok
12:12:44.0268 4400 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:12:44.0268 4400 usbprint - ok
12:12:44.0284 4400 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:12:44.0284 4400 usbscan - ok
12:12:44.0346 4400 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:12:44.0346 4400 USBSTOR - ok
12:12:44.0377 4400 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:12:44.0377 4400 usbuhci - ok
12:12:44.0424 4400 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:12:44.0440 4400 usbvideo - ok
12:12:44.0471 4400 [ 237C444FBD1C697A2E3FA60F02C61F22 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS
12:12:44.0471 4400 UVCFTR - ok
12:12:44.0502 4400 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
12:12:44.0502 4400 UxSms - ok
12:12:44.0736 4400 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
12:12:44.0736 4400 vds - ok
12:12:44.0798 4400 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:12:44.0798 4400 vga - ok
12:12:44.0814 4400 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
12:12:44.0814 4400 VgaSave - ok
12:12:44.0830 4400 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:12:44.0830 4400 viaagp - ok
12:12:44.0861 4400 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:12:44.0892 4400 ViaC7 - ok
12:12:44.0908 4400 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
12:12:44.0908 4400 viaide - ok
12:12:44.0939 4400 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:12:44.0939 4400 volmgr - ok
12:12:44.0986 4400 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:12:44.0986 4400 volmgrx - ok
12:12:45.0017 4400 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:12:45.0017 4400 volsnap - ok
12:12:45.0048 4400 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:12:45.0048 4400 vsmraid - ok
12:12:45.0110 4400 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
12:12:45.0126 4400 VSS - ok
12:12:45.0157 4400 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
12:12:45.0173 4400 W32Time - ok
12:12:45.0204 4400 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:12:45.0204 4400 WacomPen - ok
12:12:45.0235 4400 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:12:45.0235 4400 Wanarp - ok
12:12:45.0235 4400 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:12:45.0235 4400 Wanarpv6 - ok
12:12:45.0251 4400 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:12:45.0266 4400 wcncsvc - ok
12:12:45.0298 4400 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:12:45.0298 4400 WcsPlugInService - ok
12:12:45.0313 4400 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
12:12:45.0329 4400 Wd - ok
12:12:45.0376 4400 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:12:45.0376 4400 Wdf01000 - ok
12:12:45.0391 4400 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:12:45.0391 4400 WdiServiceHost - ok
12:12:45.0407 4400 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:12:45.0407 4400 WdiSystemHost - ok
12:12:45.0438 4400 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
12:12:45.0438 4400 WebClient - ok
12:12:45.0485 4400 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:12:45.0485 4400 Wecsvc - ok
12:12:45.0500 4400 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:12:45.0500 4400 wercplsupport - ok
12:12:45.0547 4400 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
12:12:45.0563 4400 WerSvc - ok
12:12:45.0641 4400 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:12:45.0641 4400 WinDefend - ok
12:12:45.0656 4400 WinHttpAutoProxySvc - ok
12:12:45.0688 4400 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:12:45.0688 4400 Winmgmt - ok
12:12:45.0734 4400 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
12:12:45.0766 4400 WinRM - ok
12:12:45.0937 4400 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:12:45.0953 4400 Wlansvc - ok
12:12:46.0358 4400 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:12:46.0468 4400 wlidsvc - ok
12:12:46.0483 4400 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:12:46.0483 4400 WmiAcpi - ok
12:12:46.0514 4400 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:12:46.0530 4400 wmiApSrv - ok
12:12:46.0592 4400 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:12:46.0608 4400 WMPNetworkSvc - ok
12:12:46.0624 4400 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:12:46.0624 4400 WPCSvc - ok
12:12:46.0655 4400 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:12:46.0670 4400 WPDBusEnum - ok
12:12:46.0702 4400 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:12:46.0717 4400 WpdUsb - ok
12:12:46.0811 4400 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:12:46.0826 4400 WPFFontCache_v0400 - ok
12:12:46.0904 4400 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:12:46.0920 4400 ws2ifsl - ok
12:12:46.0951 4400 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
12:12:46.0951 4400 wscsvc - ok
12:12:46.0967 4400 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
12:12:46.0967 4400 WSDPrintDevice - ok
12:12:46.0982 4400 WSearch - ok
12:12:47.0248 4400 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:12:47.0326 4400 wuauserv - ok
12:12:47.0357 4400 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:12:47.0372 4400 WUDFRd - ok
12:12:47.0404 4400 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:12:47.0404 4400 wudfsvc - ok
12:12:47.0575 4400 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:12:47.0575 4400 YahooAUService - ok
12:12:47.0591 4400 ================ Scan global ===============================
12:12:47.0622 4400 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:12:47.0653 4400 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:12:47.0684 4400 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:12:47.0716 4400 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:12:47.0731 4400 [Global] - ok
12:12:47.0731 4400 ================ Scan MBR ==================================
12:12:47.0731 4400 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
12:12:48.0589 4400 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:12:48.0589 4400 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:12:48.0589 4400 ================ Scan VBR ==================================
12:12:48.0605 4400 [ DD3EB6352AA2D14F90EC976F7FA762B4 ] \Device\Harddisk0\DR0\Partition1
12:12:48.0605 4400 \Device\Harddisk0\DR0\Partition1 - ok
12:12:48.0605 4400 ============================================================
12:12:48.0605 4400 Scan finished
12:12:48.0605 4400 ============================================================
12:12:48.0620 2644 Detected object count: 1
12:12:48.0620 2644 Actual detected object count: 1
12:12:58.0932 2644 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:12:58.0932 2644 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:13:04.0267 1724 Deinitialize success




Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.27.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Anita :: ANITA-PC [administrator]

Protection: Disabled

8/27/2012 12:15:27 PM
mbam-log-2012-08-27 (12-15-27).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 379208
Time elapsed: 2 hour(s), 31 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox by Farbar Version: 23-07-2012
Ran by Anita (administrator) on 27-08-2012 at 17:19:08
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Anita-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : eau.wi.charter.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : eau.wi.charter.com
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-21-6B-D2-BF-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::412b:1630:3738:974d%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.114(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 27, 2012 11:16:50 AM
Lease Expires . . . . . . . . . . : Tuesday, August 28, 2012 11:16:49 AM
Default Gateway . . . . . . . . . : 192.168.1.2
DHCP Server . . . . . . . . . . . : 192.168.1.2
DHCPv6 IAID . . . . . . . . . . . : 301998443
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-C7-B2-85-00-1E-33-84-11-00
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
68.115.71.53
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-1E-33-89-9E-31
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . : eau.wi.charter.com
Description . . . . . . . . . . . : isatap.eau.wi.charter.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.114%15(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
68.115.71.53
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2cdc:2737:3f57:fe8d(Preferred)
Link-local IPv6 Address . . . . . : fe80::2cdc:2737:3f57:fe8d%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{29971CE0-ED76-4A76-86C2-217595A139F4}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: google.com.eau.wi.charter.com
Address: 67.215.65.132



Pinging google.com [74.125.225.98] with 32 bytes of data:

Reply from 74.125.225.98: bytes=32 time=27ms TTL=53

Reply from 74.125.225.98: bytes=32 time=31ms TTL=53



Ping statistics for 74.125.225.98:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 27ms, Maximum = 31ms, Average = 29ms

Server: resolver1.opendns.com
Address: 208.67.222.222

Name: yahoo.com.eau.wi.charter.com
Address: 67.215.65.132



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=135ms TTL=49

Reply from 72.30.38.140: bytes=32 time=115ms TTL=49



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 115ms, Maximum = 135ms, Average = 125ms

Server: resolver1.opendns.com
Address: 208.67.222.222

Name: bleepingcomputer.com.eau.wi.charter.com
Address: 67.215.65.132



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 21 6b d2 bf 26 ...... Intel® WiFi Link 5100 AGN
10 ...00 1e 33 89 9e 31 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
11 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
15 ...00 00 00 00 00 00 00 e0 isatap.eau.wi.charter.com
13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 isatap.{29971CE0-ED76-4A76-86C2-217595A139F4}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.2 192.168.1.114 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.114 281
192.168.1.114 255.255.255.255 On-link 192.168.1.114 281
192.168.1.255 255.255.255.255 On-link 192.168.1.114 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.114 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.114 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 18 ::/0 On-link
1 306 ::1/128 On-link
13 18 2001::/32 On-link
13 266 2001:0:4137:9e76:2cdc:2737:3f57:fe8d/128
On-link
12 281 fe80::/64 On-link
13 266 fe80::/64 On-link
15 286 fe80::5efe:192.168.1.114/128
On-link
13 266 fe80::2cdc:2737:3f57:fe8d/128
On-link
12 281 fe80::412b:1630:3738:974d/128
On-link
1 306 ff00::/8 On-link
13 266 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/27/2012 11:16:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2012 11:06:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2012 11:02:51 AM) (Source: MsiInstaller) (User: Anita-PC)Anita-PC
Description: Product: D110 -- Error 1706.No valid source could be found for product D110. The Windows Installer cannot continue.

Error: (08/27/2012 11:01:23 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module Flash32_11_3_300_271.ocx, version 11.3.300.271, time stamp 0x5026ff3f, exception code 0xc0000005, fault offset 0x00472a39,
process id 0x4d8, application start time 0xsvchost.exe0.

Error: (08/27/2012 10:48:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2012 03:13:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2012 03:09:51 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0001576d,
process id 0x2c44, application start time 0xsvchost.exe0.

Error: (08/26/2012 02:33:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2012 01:57:43 AM) (Source: MsiInstaller) (User: Anita-PC)Anita-PC
Description: Product: D110 -- Error 1706.No valid source could be found for product D110. The Windows Installer cannot continue.

Error: (08/26/2012 01:13:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/06/2010 09:48:52 PM) (Source: netbt) (User: )
Description: The name "ANITA-PC :20" could not be registered on the interface with IP address 192.168.2.101.
The computer with the IP address 192.168.2.100 did not allow the name to be claimed by
this computer.

Error: (09/06/2010 09:48:52 PM) (Source: netbt) (User: )
Description: The name "ANITA-PC :0" could not be registered on the interface with IP address 192.168.2.101.
The computer with the IP address 192.168.2.100 did not allow the name to be claimed by
this computer.

Error: (09/06/2010 09:48:52 PM) (Source: netbt) (User: )
Description: The name "ANITA-PC :0" could not be registered on the interface with IP address 192.168.2.101.
The computer with the IP address 192.168.2.100 did not allow the name to be claimed by
this computer.

Error: (09/06/2010 09:48:52 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A5C99F56-B3D7-4AA5-85F5-FAC5A2FB6429} because another computer on the network has the same name. The server could not start.

Error: (09/06/2010 09:46:43 PM) (Source: netbt) (User: )
Description: The name "ANITA-PC :20" could not be registered on the interface with IP address 169.254.151.77.
The computer with the IP address 192.168.2.100 did not allow the name to be claimed by
this computer.

Error: (09/06/2010 09:46:43 PM) (Source: netbt) (User: )
Description: The name "ANITA-PC :0" could not be registered on the interface with IP address 169.254.151.77.
The computer with the IP address 192.168.2.100 did not allow the name to be claimed by
this computer.

Error: (09/06/2010 09:46:43 PM) (Source: netbt) (User: )
Description: The name "ANITA-PC :0" could not be registered on the interface with IP address 169.254.151.77.
The computer with the IP address 192.168.2.100 did not allow the name to be claimed by
this computer.

Error: (09/06/2010 09:46:43 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A5C99F56-B3D7-4AA5-85F5-FAC5A2FB6429} because another computer on the network has the same name. The server could not start.

Error: (09/06/2010 06:21:43 PM) (Source: Service Control Manager) (User: )
Description: 30000RP_FWS

Error: (09/05/2010 02:21:50 PM) (Source: netbt) (User: )
Description: The name "ANITA-PC :20" could not be registered on the interface with IP address 192.168.2.101.
The computer with the IP address 192.168.2.100 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system (Version: 12.0.6612.1000)
32 Bit HP CIO Components Installer (Version: 7.1.4)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Amazon Links (Version: 1.0)
Avery Template - U_0306_01_JSLegal_2_0809_01_pg1_en (Version: 1.0.0.0)
Avery Wizard 4.0 (Version: 4.0.4)
Bing Bar (Version: 7.0.609.0)
Bluetooth Stack for Windows by Toshiba (Version: v6.10.07(T))
BufferChm (Version: 140.0.212.000)
Camera Assistant Software for Toshiba (Version: 1.7.209.0807L)
CD/DVD Drive Acoustic Silencer (Version: 2.02.03)
CenturyLink Installer (Version: 1.0)
CenturyLink Personal Digital Vault™ (Version: 1.0.0004)
CenturyLink QuickCare 2.7 (Version: 2.7.1111.1612)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink PowerCinema for TOSHIBA (Version: 6.0.2001)
D110 (Version: 140.0.283.000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DVD MovieFactory for TOSHIBA (Version: 5.51)
Frontier Servicepoint 3.7.44 (Version: 3.7.44)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer (Version: 4.0.0.002)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 140.0.211.000)
Gpg4win (2.1.0) (Version: 2.1.0)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPAppStudio (Version: 140.0.95.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless WiFi Software (Version: 14.03.0000)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XML Parser (Version: 8.20.8730.4)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyCenturyLink Toolbar
Network (Version: 140.0.215.000)
Norton AntiVirus (Version: 19.8.0.14)
OpenOffice.org 3.3 (Version: 3.3.9567)
Picasa 2 (Version: 2.0)
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000)
QuickBooks Basic Edition 2004
QuickBooks Financial Center (Version: 1.10.0000)
QuickTransfer (Version: 140.0.98.000)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5599)
Recover My Files (Version: 4.7.2.1139)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 (Version: 3.54.02)
RPS CRT (Version: 7.0.25)
RPS CRT (Version: 8.0.27)
RPS CRT (Version: 9.0.49)
Scan (Version: 140.0.80.000)
SeaTools for Windows (Version: 1.2.0.6)
Shop for HP Supplies (Version: 14.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.214.000)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Status (Version: 140.0.256.000)
Synaptics Pointing Device Driver (Version: 10.1.8.0)
The Weather Channel App
Toolbox (Version: 140.0.428.000)
TOSHIBA Assist (Version: 2.01.05)
TOSHIBA ConfigFree (Version: 7.2.21)
TOSHIBA Desktop Links (Version: 1.7)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 1.31.14)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 2.0.2.32)
TOSHIBA Hardware Setup (Version: 2.00.08)
TOSHIBA PowerCinema Helper (Version: 1.00)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA SD Memory Utilities (Version: 1.8.1.3)
TOSHIBA Service Station (Version: 1.1.14)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04))
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.04)
TOSHIBA Value Added Package (Version: 1.1.19)
TrayApp (Version: 140.0.212.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
WebReg (Version: 140.0.212.017)
WildTangent Games (Version: 1.0.0.62)
WildTangent Games App (Toshiba Games) (Version: 4.0.5.5)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
WorldWinner Games (Version: 1.9.0.23)
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 2939.25 MB
Available physical RAM: 1659.98 MB
Total Pagefile: 6086.71 MB
Available Pagefile: 4543.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.06 MB

========================= Partitions: =====================================

1 Drive c: (SQ004829V03) (Fixed) (Total:289.53 GB) (Free:200.56 GB) NTFS

========================= Users: ========================================

User accounts for \\ANITA-PC

Administrator Anita Guest


**** End of log ****



Farbar Service Scanner Version: 06-08-2012
Ran by Anita (administrator) on 27-08-2012 at 17:21:50
Running from "C:\Users\Anita\Desktop\New Folder"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 21:24] - [2008-01-20 21:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v1.801 - Logfile created 08/27/2012 at 17:23:43
# Updated 14/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Anita - ANITA-PC
# Boot Mode : Normal
# Running from : C:\Users\Anita\Desktop\New Folder\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Anita\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Anita\AppData\LocalLow\MyWebSearch

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@funwebproducts.com/Plugin

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\vjlvu2is.default\prefs.js

C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\vjlvu2is.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3564 octets] - [27/08/2012 17:23:43]

########## EOF - C:\AdwCleaner[S1].txt - [3692 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 27 August 2012 - 09:55 PM

12:12:58.0932 2644 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Run TDSSkiller again and select DELETE

download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here

#7 cart0181

cart0181
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 28 August 2012 - 12:23 AM

I tried to add the TDSS Killer log, but the system said the post was too long. I seem to have forgotten how to attach files. Sorry.




Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/28/2012 12:15:54 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/28/2012 12:16:09 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 28 August 2012 - 12:33 AM

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#9 cart0181

cart0181
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 28 August 2012 - 02:46 AM

Ok, I ran TFC in normal mode. It seemed to take a long time at first, but it continued eventually. It restarted the computer. Is there a log file for TFC that I should post?

I turned off system restore on all drives and restarted the computer a second time (after TFC). Then I re-enabled SR and created a new RP.

I updated the Flash Player so I'm now running 11.4.402.265 in both the ActiveX and Plug-in Versions.
I installed Java 7 Update 6. I don't see any other Java entries in the P&F list.

I ran from elevated command prompt, netstat -b I don't seem to have anymore superfluous connections there. Do you think I am in the clear? Why did I scan clean with 3 virus scanners, yet I still had TDSS file system on the drive?

Also, when I run the Task Scheduler I still get the message, "The task image is corrupt or has been tampered with.mcupdate"
Is this a problem? Is there anything that needs to be done there?

Thanks again, narenxp, for all your assistance on this. I really can't thank you enough. I was completely lost. :blink:

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 28 August 2012 - 04:08 AM

Do you think I am in the clear? Why did I scan clean with 3 virus scanners, yet I still had TDSS file system on the drive?


Initially you had skipped it.We removed it later

Also, when I run the Task Scheduler I still get the message, "The task image is corrupt or has been tampered with.mcupdate"
Is this a problem? Is there anything that needs to be done there?


C:\windows\system32\tasks\Microsoft\windows\Media Center\mcupdate

Delete this file

safe surfing

#11 cart0181

cart0181
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:12:49 AM

Posted 28 August 2012 - 11:19 AM

Okay, I guess this is all taken care of. I deleted mcupdate and now the Task Scheduler runs as normal. All I can say is THANK YOU. You are a genius. :wizardball:

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 28 August 2012 - 12:49 PM

You're most welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users