That same old pop-up, redirect thing



#1 wilejo

Posted 05 September 2012 - 11:45 PM

Hi guys, so I've got the same problem everyone else on this forum seems to be having: those pop-up ads in the bottom right (and sometimes left) corner and redirect links. I'm running Windows 7 with Norton Anti-Virus (which is naturally coming up clean). I've already taken the first step that narenxp advised someone in a previous post to do: downloaded TDSSkiller, aswMBR, and ESET online scanner. I've run the scans in all the programs, so here are all the logs. Thank you in advance for any possible help.

TDSSkiller:

21:46:01.0591 14528 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:46:02.0656 14528 ============================================================
21:46:02.0656 14528 Current date / time: 2012/09/05 21:46:02.0656
21:46:02.0656 14528 SystemInfo:
21:46:02.0656 14528
21:46:02.0656 14528 OS Version: 6.1.7601 ServicePack: 1.0
21:46:02.0656 14528 Product type: Workstation
21:46:02.0657 14528 ComputerName: YVES
21:46:02.0657 14528 UserName: Will
21:46:02.0657 14528 Windows directory: C:\windows
21:46:02.0657 14528 System windows directory: C:\windows
21:46:02.0657 14528 Running under WOW64
21:46:02.0657 14528 Processor architecture: Intel x64
21:46:02.0657 14528 Number of processors: 4
21:46:02.0657 14528 Page size: 0x1000
21:46:02.0657 14528 Boot type: Normal boot
21:46:02.0657 14528 ============================================================
21:46:03.0654 14528 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:46:03.0676 14528 ============================================================
21:46:03.0676 14528 \Device\Harddisk0\DR0:
21:46:03.0676 14528 MBR partitions:
21:46:03.0676 14528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48737800
21:46:03.0676 14528 ============================================================
21:46:03.0703 14528 C: <-> \Device\Harddisk0\DR0\Partition1
21:46:03.0703 14528 ============================================================
21:46:03.0703 14528 Initialize success
21:46:03.0703 14528 ============================================================
21:46:37.0037 12508 ============================================================
21:46:37.0037 12508 Scan started
21:46:37.0037 12508 Mode: Manual; TDLFS;
21:46:37.0037 12508 ============================================================
21:46:37.0355 12508 ================ Scan system memory ========================
21:46:37.0355 12508 System memory - ok
21:46:37.0358 12508 ================ Scan services =============================
21:46:51.0503 12508 NetTcpPortSharing - ok
21:46:51.0785 12508 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
21:46:52.0017 12508 NETwNs64 - ok
21:46:52.0086 12508 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
21:46:52.0089 12508 nfrd960 - ok
21:46:52.0152 12508 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
21:46:52.0160 12508 NlaSvc - ok
21:46:52.0185 12508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:46:52.0190 12508 Npfs - ok
21:46:52.0217 12508 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:46:52.0219 12508 nsi - ok
21:46:52.0254 12508 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:46:52.0255 12508 nsiproxy - ok
21:46:52.0334 12508 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:46:52.0369 12508 Ntfs - ok
21:46:52.0397 12508 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:46:52.0400 12508 Null - ok
21:46:52.0464 12508 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
21:46:52.0468 12508 nusb3hub - ok
21:46:52.0493 12508 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
21:46:52.0498 12508 nusb3xhc - ok
21:46:52.0522 12508 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
21:46:52.0530 12508 nvraid - ok
21:46:52.0585 12508 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
21:46:52.0590 12508 nvstor - ok
21:46:52.0619 12508 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:46:52.0626 12508 nv_agp - ok
21:46:52.0649 12508 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:46:52.0652 12508 ohci1394 - ok
21:46:52.0711 12508 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:46:52.0717 12508 ose - ok
21:46:52.0978 12508 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:46:53.0121 12508 osppsvc - ok
21:46:53.0223 12508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:46:53.0231 12508 p2pimsvc - ok
21:46:53.0257 12508 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:46:53.0267 12508 p2psvc - ok
21:46:53.0302 12508 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
21:46:53.0305 12508 Parport - ok
21:46:53.0340 12508 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
21:46:53.0344 12508 partmgr - ok
21:46:53.0390 12508 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:46:53.0396 12508 PcaSvc - ok
21:46:53.0423 12508 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:46:53.0428 12508 pci - ok
21:46:53.0449 12508 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
21:46:53.0451 12508 pciide - ok
21:46:53.0482 12508 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
21:46:53.0488 12508 pcmcia - ok
21:46:53.0508 12508 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:46:53.0522 12508 pcw - ok
21:46:53.0558 12508 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:46:53.0577 12508 PEAUTH - ok
21:46:53.0687 12508 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:46:53.0691 12508 PerfHost - ok
21:46:53.0773 12508 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
21:46:53.0776 12508 PGEffect - ok
21:46:53.0847 12508 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:46:53.0878 12508 pla - ok
21:46:53.0943 12508 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:46:53.0953 12508 PlugPlay - ok
21:46:53.0990 12508 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:46:54.0010 12508 Pml Driver HPZ12 - ok
21:46:54.0100 12508 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:46:54.0105 12508 PNRPAutoReg - ok
21:46:54.0134 12508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:46:54.0141 12508 PNRPsvc - ok
21:46:54.0184 12508 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:46:54.0194 12508 PolicyAgent - ok
21:46:54.0220 12508 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:46:54.0227 12508 Power - ok
21:46:54.0282 12508 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:46:54.0286 12508 PptpMiniport - ok
21:46:54.0315 12508 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
21:46:54.0318 12508 Processor - ok
21:46:54.0385 12508 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
21:46:54.0391 12508 ProfSvc - ok
21:46:54.0405 12508 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
21:46:54.0408 12508 ProtectedStorage - ok
21:46:54.0456 12508 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:46:54.0459 12508 Psched - ok
21:46:54.0519 12508 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
21:46:54.0544 12508 ql2300 - ok
21:46:54.0560 12508 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
21:46:54.0564 12508 ql40xx - ok
21:46:54.0600 12508 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:46:54.0607 12508 QWAVE - ok
21:46:54.0631 12508 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:46:54.0634 12508 QWAVEdrv - ok
21:46:54.0660 12508 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:46:54.0662 12508 RasAcd - ok
21:46:54.0719 12508 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:46:54.0722 12508 RasAgileVpn - ok
21:46:54.0750 12508 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:46:54.0755 12508 RasAuto - ok
21:46:54.0811 12508 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:46:54.0816 12508 Rasl2tp - ok
21:46:54.0862 12508 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
21:46:54.0871 12508 RasMan - ok
21:46:54.0894 12508 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:46:54.0917 12508 RasPppoe - ok
21:46:54.0967 12508 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:46:54.0970 12508 RasSstp - ok
21:46:55.0017 12508 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:46:55.0022 12508 rdbss - ok
21:46:55.0061 12508 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
21:46:55.0063 12508 rdpbus - ok
21:46:55.0087 12508 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:46:55.0088 12508 RDPCDD - ok
21:46:55.0120 12508 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:46:55.0121 12508 RDPENCDD - ok
21:46:55.0170 12508 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:46:55.0172 12508 RDPREFMP - ok
21:46:55.0206 12508 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:46:55.0211 12508 RDPWD - ok
21:46:55.0262 12508 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:46:55.0267 12508 rdyboost - ok
21:46:55.0337 12508 [ 18505D90FEE940EE9EAE4C5B421F22B4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:46:55.0350 12508 RegSrvc - ok
21:46:55.0381 12508 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:46:55.0386 12508 RemoteAccess - ok
21:46:55.0432 12508 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:46:55.0440 12508 RemoteRegistry - ok
21:46:55.0498 12508 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:46:55.0501 12508 RpcEptMapper - ok
21:46:55.0534 12508 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:46:55.0536 12508 RpcLocator - ok
21:46:55.0586 12508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
21:46:55.0594 12508 RpcSs - ok
21:46:55.0643 12508 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:46:55.0646 12508 rspndr - ok
21:46:55.0711 12508 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
21:46:55.0719 12508 RTL8167 - ok
21:46:55.0738 12508 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
21:46:55.0741 12508 SamSs - ok
21:46:55.0759 12508 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:46:55.0763 12508 sbp2port - ok
21:46:55.0803 12508 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:46:55.0808 12508 SCardSvr - ok
21:46:55.0873 12508 [ 46942B6980B35FFDA6AFA40A8328938C ] SCDEmu C:\windows\system32\drivers\SCDEmu.sys
21:46:55.0876 12508 SCDEmu - ok
21:46:55.0915 12508 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:46:55.0917 12508 scfilter - ok
21:46:55.0998 12508 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
21:46:56.0014 12508 Schedule - ok
21:46:56.0055 12508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
21:46:56.0056 12508 SCPolicySvc - ok
21:46:56.0089 12508 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
21:46:56.0092 12508 sdbus - ok
21:46:56.0129 12508 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:46:56.0134 12508 SDRSVC - ok
21:46:56.0182 12508 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:46:56.0184 12508 secdrv - ok
21:46:56.0217 12508 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
21:46:56.0220 12508 seclogon - ok
21:46:56.0242 12508 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
21:46:56.0246 12508 SENS - ok
21:46:56.0267 12508 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:46:56.0270 12508 SensrSvc - ok
21:46:56.0299 12508 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
21:46:56.0301 12508 Serenum - ok
21:46:56.0320 12508 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
21:46:56.0324 12508 Serial - ok
21:46:56.0353 12508 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
21:46:56.0355 12508 sermouse - ok
21:46:56.0413 12508 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
21:46:56.0417 12508 SessionEnv - ok
21:46:56.0444 12508 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:46:56.0446 12508 sffdisk - ok
21:46:56.0482 12508 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:46:56.0484 12508 sffp_mmc - ok
21:46:56.0494 12508 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:46:56.0495 12508 sffp_sd - ok
21:46:56.0507 12508 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
21:46:56.0509 12508 sfloppy - ok
21:46:56.0584 12508 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
21:46:56.0597 12508 Sftfs - ok
21:46:56.0687 12508 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:46:56.0695 12508 sftlist - ok
21:46:56.0719 12508 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
21:46:56.0724 12508 Sftplay - ok
21:46:56.0781 12508 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
21:46:56.0783 12508 Sftredir - ok
21:46:56.0838 12508 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
21:46:56.0840 12508 Sftvol - ok
21:46:56.0894 12508 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:46:56.0897 12508 sftvsa - ok
21:46:56.0930 12508 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:46:56.0937 12508 SharedAccess - ok
21:46:56.0981 12508 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:46:56.0987 12508 ShellHWDetection - ok
21:46:57.0033 12508 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
21:46:57.0035 12508 SiSRaid2 - ok
21:46:57.0085 12508 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
21:46:57.0088 12508 SiSRaid4 - ok
21:46:57.0156 12508 [ 17EAB7852FF9F15FBAAB4E95EFC0B812 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:46:57.0159 12508 SkypeUpdate - ok
21:46:57.0217 12508 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:46:57.0219 12508 Smb - ok
21:46:57.0300 12508 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:46:57.0303 12508 SNMPTRAP - ok
21:46:57.0336 12508 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:46:57.0338 12508 spldr - ok
21:46:57.0387 12508 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
21:46:57.0396 12508 Spooler - ok
21:46:57.0549 12508 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
21:46:57.0626 12508 sppsvc - ok
21:46:57.0648 12508 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:46:57.0654 12508 sppuinotify - ok
21:46:57.0775 12508 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
21:46:57.0786 12508 SRTSP - ok
21:46:57.0810 12508 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
21:46:57.0812 12508 SRTSPX - ok
21:46:57.0855 12508 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
21:46:57.0862 12508 srv - ok
21:46:57.0893 12508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:46:57.0900 12508 srv2 - ok
21:46:57.0923 12508 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:46:57.0926 12508 srvnet - ok
21:46:57.0993 12508 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:46:57.0998 12508 SSDPSRV - ok
21:46:58.0016 12508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:46:58.0020 12508 SstpSvc - ok
21:46:58.0047 12508 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
21:46:58.0049 12508 stexstor - ok
21:46:58.0123 12508 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
21:46:58.0132 12508 stisvc - ok
21:46:58.0160 12508 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
21:46:58.0162 12508 swenum - ok
21:46:58.0212 12508 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:46:58.0221 12508 swprv - ok
21:46:58.0290 12508 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
21:46:58.0297 12508 SymDS - ok
21:46:58.0359 12508 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
21:46:58.0375 12508 SymEFA - ok
21:46:58.0442 12508 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
21:46:58.0446 12508 SymEvent - ok
21:46:58.0509 12508 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
21:46:58.0513 12508 SymIRON - ok
21:46:58.0580 12508 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
21:46:58.0587 12508 SymNetS - ok
21:46:58.0684 12508 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:46:58.0704 12508 SynTP - ok
21:46:58.0792 12508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
21:46:58.0815 12508 SysMain - ok
21:46:58.0839 12508 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
21:46:58.0842 12508 TabletInputService - ok
21:46:58.0869 12508 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
21:46:58.0876 12508 TapiSrv - ok
21:46:58.0910 12508 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:46:58.0912 12508 TBS - ok
21:46:58.0999 12508 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:46:59.0025 12508 Tcpip - ok
21:46:59.0100 12508 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:46:59.0117 12508 TCPIP6 - ok
21:46:59.0160 12508 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:46:59.0162 12508 tcpipreg - ok
21:46:59.0218 12508 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
21:46:59.0220 12508 tdcmdpst - ok
21:46:59.0246 12508 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:46:59.0247 12508 TDPIPE - ok
21:46:59.0278 12508 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:46:59.0280 12508 TDTCP - ok
21:46:59.0321 12508 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:46:59.0324 12508 tdx - ok
21:46:59.0362 12508 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
21:46:59.0364 12508 TermDD - ok
21:46:59.0414 12508 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
21:46:59.0424 12508 TermService - ok
21:46:59.0444 12508 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:46:59.0447 12508 Themes - ok
21:46:59.0511 12508 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
21:46:59.0515 12508 Thpdrv - ok
21:46:59.0561 12508 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
21:46:59.0563 12508 Thpevm - ok
21:46:59.0601 12508 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
21:46:59.0609 12508 Thpsrv - ok
21:46:59.0652 12508 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:46:59.0654 12508 THREADORDER - ok
21:46:59.0745 12508 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:46:59.0746 12508 TMachInfo - ok
21:46:59.0783 12508 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
21:46:59.0787 12508 TODDSrv - ok
21:46:59.0881 12508 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:46:59.0889 12508 TosCoSrv - ok
21:46:59.0982 12508 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
21:46:59.0987 12508 TOSHIBA eco Utility Service - ok
21:47:00.0033 12508 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:47:00.0037 12508 TOSHIBA HDD SSD Alert Service - ok
21:47:00.0075 12508 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
21:47:00.0084 12508 tos_sps64 - ok
21:47:00.0164 12508 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
21:47:00.0172 12508 TPCHSrv - ok
21:47:00.0226 12508 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:47:00.0230 12508 TrkWks - ok
21:47:00.0277 12508 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:47:00.0280 12508 TrustedInstaller - ok
21:47:00.0302 12508 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:47:00.0304 12508 tssecsrv - ok
21:47:00.0354 12508 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:47:00.0365 12508 TsUsbFlt - ok
21:47:00.0402 12508 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
21:47:00.0404 12508 TsUsbGD - ok
21:47:00.0441 12508 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:47:00.0444 12508 tunnel - ok
21:47:00.0510 12508 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:47:00.0512 12508 TVALZ - ok
21:47:00.0541 12508 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
21:47:00.0543 12508 TVALZFL - ok
21:47:00.0565 12508 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
21:47:00.0568 12508 uagp35 - ok
21:47:00.0595 12508 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:47:00.0613 12508 udfs - ok
21:47:00.0726 12508 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:47:00.0730 12508 UI0Detect - ok
21:47:00.0774 12508 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:47:00.0777 12508 uliagpkx - ok
21:47:00.0822 12508 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
21:47:00.0824 12508 umbus - ok
21:47:00.0875 12508 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
21:47:00.0877 12508 UmPass - ok
21:47:01.0034 12508 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:47:01.0092 12508 UNS - ok
21:47:01.0130 12508 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:47:01.0137 12508 upnphost - ok
21:47:01.0167 12508 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:47:01.0171 12508 usbccgp - ok
21:47:01.0217 12508 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
21:47:01.0220 12508 usbcir - ok
21:47:01.0246 12508 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:47:01.0249 12508 usbehci - ok
21:47:01.0304 12508 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\drivers\usbhub.sys
21:47:01.0309 12508 usbhub - ok
21:47:01.0333 12508 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
21:47:01.0335 12508 usbohci - ok
21:47:01.0380 12508 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:47:01.0381 12508 usbprint - ok
21:47:01.0429 12508 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
21:47:01.0453 12508 usbscan - ok
21:47:01.0578 12508 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:47:01.0581 12508 USBSTOR - ok
21:47:01.0627 12508 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:47:01.0629 12508 usbuhci - ok
21:47:01.0707 12508 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
21:47:01.0714 12508 usbvideo - ok
21:47:01.0746 12508 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:47:01.0750 12508 UxSms - ok
21:47:01.0772 12508 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
21:47:01.0773 12508 VaultSvc - ok
21:47:01.0812 12508 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:47:01.0814 12508 vdrvroot - ok
21:47:01.0858 12508 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
21:47:01.0868 12508 vds - ok
21:47:01.0903 12508 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:47:01.0905 12508 vga - ok
21:47:01.0924 12508 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:47:01.0926 12508 VgaSave - ok
21:47:01.0949 12508 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
21:47:01.0953 12508 vhdmp - ok
21:47:01.0976 12508 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
21:47:01.0979 12508 viaide - ok
21:47:02.0019 12508 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:47:02.0021 12508 volmgr - ok
21:47:02.0047 12508 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:47:02.0053 12508 volmgrx - ok
21:47:02.0079 12508 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
21:47:02.0085 12508 volsnap - ok
21:47:02.0142 12508 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
21:47:02.0146 12508 vsmraid - ok
21:47:02.0247 12508 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
21:47:02.0272 12508 VSS - ok
21:47:02.0294 12508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:47:02.0297 12508 vwifibus - ok
21:47:02.0354 12508 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:47:02.0356 12508 vwififlt - ok
21:47:02.0391 12508 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:47:02.0393 12508 vwifimp - ok
21:47:02.0428 12508 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:47:02.0438 12508 W32Time - ok
21:47:02.0465 12508 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
21:47:02.0468 12508 WacomPen - ok
21:47:02.0538 12508 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:47:02.0542 12508 WANARP - ok
21:47:02.0558 12508 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:47:02.0560 12508 Wanarpv6 - ok
21:47:02.0675 12508 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:47:02.0695 12508 WatAdminSvc - ok
21:47:02.0766 12508 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
21:47:02.0834 12508 wbengine - ok
21:47:02.0858 12508 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:47:02.0876 12508 WbioSrvc - ok
21:47:02.0916 12508 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
21:47:02.0931 12508 wcncsvc - ok
21:47:02.0955 12508 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:47:02.0960 12508 WcsPlugInService - ok
21:47:03.0019 12508 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
21:47:03.0021 12508 Wd - ok
21:47:03.0060 12508 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:47:03.0070 12508 Wdf01000 - ok
21:47:03.0096 12508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:47:03.0099 12508 WdiServiceHost - ok
21:47:03.0108 12508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:47:03.0112 12508 WdiSystemHost - ok
21:47:03.0148 12508 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
21:47:03.0154 12508 WebClient - ok
21:47:03.0167 12508 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:47:03.0174 12508 Wecsvc - ok
21:47:04.0611 12508 ================ Scan global ===============================
21:47:04.0638 12508 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:47:04.0679 12508 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
21:47:04.0691 12508 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
21:47:04.0737 12508 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:47:04.0770 12508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:47:04.0777 12508 [Global] - ok
21:47:04.0780 12508 ================ Scan MBR ==================================
21:47:04.0795 12508 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:47:05.0939 12508 \Device\Harddisk0\DR0 - ok
21:47:05.0943 12508 ================ Scan VBR ==================================
21:47:05.0974 12508 [ 2410D28DC9439690F8EB468DB187AE40 ] \Device\Harddisk0\DR0\Partition1
21:47:05.0997 12508 \Device\Harddisk0\DR0\Partition1 - ok
21:47:06.0001 12508 ============================================================
21:47:06.0001 12508 Scan finished
21:47:06.0001 12508 ============================================================
21:47:06.0043 14892 Detected object count: 0
21:47:06.0043 14892 Actual detected object count: 0



aswMBR:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-05 21:57:17
-----------------------------
21:57:17.373 OS Version: Windows x64 6.1.7601 Service Pack 1
21:57:17.376 Number of processors: 4 586 0x2A07
21:57:17.380 ComputerName: YVES UserName: Will
21:57:19.067 Initialize success
21:58:19.129 AVAST engine defs: 12090502
21:58:43.211 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:58:43.232 Disk 0 Vendor: TOSHIBA_ GB00 Size: 610480MB BusType: 3
21:58:43.254 Disk 0 MBR read successfully
21:58:43.266 Disk 0 MBR scan
21:58:43.284 Disk 0 Windows VISTA default MBR code
21:58:43.307 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
21:58:43.333 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 593519 MB offset 3074048
21:58:43.391 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15460 MB offset 1218600960
21:58:43.457 Disk 0 scanning C:\windows\system32\drivers
21:58:55.799 Service scanning
21:59:48.527 Modules scanning
21:59:48.562 Disk 0 trace - called modules:
21:59:48.670 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys iaStor.sys
21:59:49.026 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007bd7060]
21:59:49.048 3 CLASSPNP.SYS[fffff8800188b43f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8007bd6060]
21:59:49.069 5 thpdrv.sys[fffff88001dbf2b0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005fef050]
21:59:50.600 AVAST engine scan C:\windows
21:59:53.989 AVAST engine scan C:\windows\system32
22:03:44.875 AVAST engine scan C:\windows\system32\drivers
22:04:10.284 AVAST engine scan C:\Users\Will
22:05:33.059 Disk 0 MBR has been saved successfully to "C:\Users\Will\Documents\MBR.dat"
22:05:33.071 The log file has been saved successfully to "C:\Users\Will\Documents\aswMBR.txt"



ESET online scanner:


C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined
C:\Users\Will\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\4b60fd69-475f5d14 Java/Exploit.CVE-2012-1723.V trojan cleaned by deleting - quarantined



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:12:13 PM

Posted 05 September 2012 - 11:58 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#3 wilejo


Posted 06 September 2012 - 01:02 AM

Thanks for the quick reply.

I ran Malwarebytes and it came up completely clean, no threats found. Now, the rest of the logs:

FSS:

Farbar Service Scanner Version: 06-08-2012
Ran by Will (administrator) on 06-09-2012 at 00:06:34
Running from "C:\Users\Will\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error: Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



MiniToolBox:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Will (administrator) on 06-09-2012 at 00:06:12
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost



AdwCleaner:


# AdwCleaner v2.000 - Logfile created 09/06/2012 at 00:53:45
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Will - YVES
# Boot Mode : Normal
# Running from : C:\Users\Will\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium

***** [Registry] *****

Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [1583 octets] - [06/09/2012 00:53:45]

########## EOF - C:\AdwCleaner[S2].txt - [1643 octets] ##########

#4 narenxp


Posted 06 September 2012 - 07:05 AM

Click on the Start menu and type

cmd

Right-click on it and select Run as administrator

Now copy the following commands and press ENTER after each one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f


Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it, restart the PC

Now launch mini toolbox and checkmark hosts contents alone and post the new log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after the scan finishes, post the contents of the RKILL log located on the desktop here

#5 wilejo


Posted 06 September 2012 - 11:04 PM

All right, I'm hoping I entered those cmd commands correctly. The program responded, so I guess that's probably good. Here are the logs:

MiniToolBox:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Will (administrator) on 06-09-2012 at 23:01:25
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost


**** End of log ****



RKill:

Rkill 2.3.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/06/2012 11:02:18 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\windows\system32\ThpSrv.exe (PID: 2224) [WD-HEUR]
* C:\Windows\System32\ThpSrv.exe (PID: 4312) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Will\Desktop\rkill\rkill-09-06-2012-11-02-33.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/06/2012 11:02:57 PM
Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)

Edited by wilejo, 06 September 2012 - 11:05 PM.
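
A read-only check that can be run before and after the hosts reset in post #4, added here as an example and not posted by anyone in the thread: it shows the attributes, owner and ACL that `attrib`, `takeown` and `cacls` change, and lists the active entries that MiniToolBox reports under "Hosts content". The helper name `Get-HostsEntry`, the review rule and the redirect line in the sample are assumptions made for the example; PowerShell 3.0 or later is assumed.

```powershell
# Read-only audit of the Windows hosts file: attributes, owner, ACL, active entries.
# Assumes PowerShell 3.0 or later. Get-HostsEntry is a hypothetical helper name.
function Get-HostsEntry {
    param([string[]]$Lines)
    $loopback = '127.0.0.1', '::1'
    foreach ($line in $Lines) {
        # Everything after '#' is a comment; skip blank and comment-only lines.
        $active = ($line -split '#', 2)[0].Trim()
        if (-not $active) { continue }
        $fields = $active -split '\s+'
        $names  = @($fields | Select-Object -Skip 1)
        $ip     = $null
        $valid  = [System.Net.IPAddress]::TryParse($fields[0], [ref]$ip) -and $names.Count -gt 0
        # Only "loopback address -> localhost" is treated as unremarkable.
        $benign = $valid -and ($loopback -contains $fields[0]) -and
                  -not ($names | Where-Object { $_ -ne 'localhost' })
        [pscustomobject]@{
            Address   = $fields[0]
            Names     = $names -join ', '
            Malformed = -not $valid
            Review    = -not $benign
        }
    }
}

$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
if (Test-Path -LiteralPath $hostsPath) {
    $item = Get-Item -LiteralPath $hostsPath -Force   # -Force also finds hidden/system files
    $acl  = Get-Acl -Path $hostsPath
    "Attributes: $($item.Attributes)"
    "Owner:      $($acl.Owner)"
    $acl.Access | Format-Table IdentityReference, FileSystemRights, AccessControlType -AutoSize
    Get-HostsEntry -Lines (Get-Content -LiteralPath $hostsPath) | Format-Table -AutoSize
}

# Sample input: the two "Hosts content" results posted in this thread, plus one
# constructed redirect (192.0.2.10 is a documentation address, the name a placeholder).
$sample = '::1 localhost', '# ::1 localhost', '192.0.2.10 search.example.com'
Get-HostsEntry -Lines $sample | Format-Table -AutoSize
```

After the `cacls hosts /p everyone:f` step the ACL table shows Everyone with FullControl, so any local account or process can rewrite the file; the stock ACL gives ordinary users read access only, which makes the ACL worth restoring once the cleanup is finished.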


#6 narenxp


Posted 06 September 2012 - 11:08 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#7 wilejo


Posted 07 September 2012 - 12:04 AM

Well, you've done it! Everything is running smoothly! Thank you so much for this. I imagine you've helped hundreds (or thousands) of people at this point, and you should know that each of us appreciates it immensely.

Edited by wilejo, 07 September 2012 - 12:04 AM.


#8 narenxp


Posted 07 September 2012 - 12:05 AM

You're welcome and happy to help :)



