desperately need help!


25 replies to this topic

#1 gduggs

Posted 29 October 2012 - 12:11 AM

I don't know where to start. I have tried everything to get rid of this virus. I can't even google search it because it redirects every single attempt to wacky websites!! I don't know where to turn except for the geek squad and they are way way way out of my budget. Can someone please help me? I'm pretty computer literate so I can follow any instructions given, I just can't find the stupid virus!! :wacko:

Thanks in advance!

#2 narenxp

Posted 29 October 2012 - 05:12 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 gduggs

Posted 30 October 2012 - 11:52 AM

I had downloaded TDSSkiller already and could never get the program to launch. Will it work in safe mode? I will try to install the other 2 programs now. Thanks.

#4 narenxp

Posted 30 October 2012 - 02:21 PM

Download Listparts from here

For 32 bit

List parts 32

For 64 bit

List parts 64

Launch it, click on SCAN, post the log

#5 gduggs

Posted 30 October 2012 - 03:54 PM

ListParts by Farbar Version: 30-10-2012
Ran by ginabina (administrator) on 30-10-2012 at 16:53:31
Windows 7 (X64)
Running From: C:\Users\ginabina\Downloads
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 41%
Total physical RAM: 4043.86 MB
Available physical RAM: 2350.47 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 6188.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3988.35 MB

======================= Partitions =========================

1 Drive c: (TI106321W0B) (Fixed) (Total:282.96 GB) (Free:228.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 282 GB 1501 MB
Partition 3 Primary 13 GB 284 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 System NTFS Partition 1500 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI106321W0B NTFS Partition 282 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Edited by gduggs, 30 October 2012 - 03:58 PM.


#6 gduggs

Posted 30 October 2012 - 04:01 PM

Also tried TDSSKiller and aswMBR and they will not run. ESET online scanner does though.

#7 narenxp

Posted 30 October 2012 - 04:03 PM

.

Edited by narenxp, 30 October 2012 - 04:18 PM.


#8 gduggs

Posted 30 October 2012 - 04:17 PM

TDSSfix ran, I had to reboot. It asked me to update TDSSKiller, I declined, it continued the scan. After that TDSSKiller immediately launched and found the rootkit, but could not cure it. It wants me to reboot... Should I? Here is the log:



17:13:05.0490 3620 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
17:13:14.0301 3620 ============================================================
17:13:14.0301 3620 Current date / time: 2012/10/30 17:13:14.0301
17:13:14.0301 3620 SystemInfo:
17:13:14.0301 3620
17:13:14.0301 3620 OS Version: 6.1.7601 ServicePack: 1.0
17:13:14.0301 3620 Product type: Workstation
17:13:14.0301 3620 ComputerName: GINABINASLAPTOP
17:13:14.0301 3620 UserName: ginabina
17:13:14.0301 3620 Windows directory: C:\windows
17:13:14.0301 3620 System windows directory: C:\windows
17:13:14.0301 3620 Running under WOW64
17:13:14.0301 3620 Processor architecture: Intel x64
17:13:14.0301 3620 Number of processors: 2
17:13:14.0301 3620 Page size: 0x1000
17:13:14.0301 3620 Boot type: Normal boot
17:13:14.0301 3620 ============================================================
17:13:15.0292 3620 BG loaded
17:13:15.0622 3620 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x000000A0
17:13:15.0622 3620 ============================================================
17:13:15.0622 3620 \Device\Harddisk0\DR0:
17:13:15.0622 3620 MBR partitions:
17:13:15.0622 3620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x235E9800
17:13:15.0622 3620 ============================================================
17:13:15.0662 3620 C: <-> \Device\Harddisk0\DR0\Partition1
17:13:15.0662 3620 ============================================================
17:13:15.0662 3620 Initialize success
17:13:15.0662 3620 ============================================================
17:13:19.0937 2376 ============================================================
17:13:19.0937 2376 Scan started
17:13:19.0937 2376 Mode: Manual;
17:13:19.0937 2376 ============================================================
17:13:22.0037 2376 ================ Scan system memory ========================
17:13:22.0037 2376 System memory - ok
17:13:43.0033 2376 mshidkmdf - ok
17:13:43.0061 2376 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:13:43.0061 2376 msisadrv - ok
17:13:43.0107 2376 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:13:43.0110 2376 MSiSCSI - ok
17:13:43.0113 2376 msiserver - ok
17:13:43.0165 2376 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:13:43.0166 2376 MSKSSRV - ok
17:13:43.0189 2376 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:13:43.0190 2376 MSPCLOCK - ok
17:13:43.0194 2376 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:13:43.0195 2376 MSPQM - ok
17:13:43.0234 2376 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:13:43.0238 2376 MsRPC - ok
17:13:43.0248 2376 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:13:43.0248 2376 mssmbios - ok
17:13:43.0279 2376 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:13:43.0279 2376 MSTEE - ok
17:13:43.0279 2376 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:13:43.0279 2376 MTConfig - ok
17:13:43.0331 2376 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
17:13:43.0332 2376 Mup - ok
17:13:43.0373 2376 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
17:13:43.0379 2376 napagent - ok
17:13:43.0456 2376 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:13:43.0458 2376 NativeWifiP - ok
17:13:43.0540 2376 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120304.006\ENG64.SYS
17:13:43.0542 2376 NAVENG - ok
17:13:43.0609 2376 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120304.006\EX64.SYS
17:13:43.0649 2376 NAVEX15 - ok
17:13:43.0726 2376 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
17:13:43.0736 2376 NDIS - ok
17:13:43.0801 2376 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:13:43.0802 2376 NdisCap - ok
17:13:43.0836 2376 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:13:43.0846 2376 NdisTapi - ok
17:13:43.0866 2376 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:13:43.0867 2376 Ndisuio - ok
17:13:43.0887 2376 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:13:43.0888 2376 NdisWan - ok
17:13:43.0917 2376 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:13:43.0917 2376 NDProxy - ok
17:13:43.0993 2376 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:13:43.0993 2376 NetBIOS - ok
17:13:44.0068 2376 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:13:44.0070 2376 NetBT - ok
17:13:44.0118 2376 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
17:13:44.0119 2376 Netlogon - ok
17:13:44.0214 2376 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
17:13:44.0221 2376 Netman - ok
17:13:44.0306 2376 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
17:13:44.0322 2376 netprofm - ok
17:13:44.0360 2376 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:13:44.0363 2376 NetTcpPortSharing - ok
17:13:44.0469 2376 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:13:44.0819 2376 nfrd960 - ok
17:13:45.0210 2376 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
17:13:45.0237 2376 NIS - ok
17:13:45.0295 2376 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
17:13:45.0297 2376 NlaSvc - ok
17:13:45.0423 2376 Norton PC Checkup Application Launcher - ok
17:13:45.0457 2376 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
17:13:45.0457 2376 Npfs - ok
17:13:45.0494 2376 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
17:13:45.0495 2376 nsi - ok
17:13:45.0560 2376 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:13:45.0560 2376 nsiproxy - ok
17:13:45.0857 2376 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:13:45.0893 2376 Ntfs - ok
17:13:45.0915 2376 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
17:13:45.0916 2376 Null - ok
17:13:45.0958 2376 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
17:13:45.0960 2376 nvraid - ok
17:13:45.0986 2376 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
17:13:45.0989 2376 nvstor - ok
17:13:46.0021 2376 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:13:46.0023 2376 nv_agp - ok
17:13:46.0027 2376 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:13:46.0028 2376 ohci1394 - ok
17:13:46.0085 2376 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:13:46.0087 2376 ose - ok
17:13:46.0402 2376 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:13:46.0562 2376 osppsvc - ok
17:13:46.0669 2376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:13:46.0674 2376 p2pimsvc - ok
17:13:46.0725 2376 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
17:13:46.0731 2376 p2psvc - ok
17:13:46.0754 2376 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
17:13:46.0756 2376 Parport - ok
17:13:46.0787 2376 Partizan - ok
17:13:46.0842 2376 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
17:13:46.0843 2376 partmgr - ok
17:13:46.0877 2376 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
17:13:46.0879 2376 PcaSvc - ok
17:13:46.0962 2376 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
17:13:46.0963 2376 PCCUJobMgr - ok
17:13:46.0990 2376 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
17:13:46.0993 2376 pci - ok
17:13:47.0017 2376 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
17:13:47.0017 2376 pciide - ok
17:13:47.0046 2376 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:13:47.0049 2376 pcmcia - ok
17:13:47.0094 2376 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
17:13:47.0095 2376 pcw - ok
17:13:47.0131 2376 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:13:47.0135 2376 PEAUTH - ok
17:13:47.0212 2376 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
17:13:47.0214 2376 PerfHost - ok
17:13:47.0280 2376 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
17:13:47.0280 2376 PGEffect - ok
17:13:47.0352 2376 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
17:13:47.0368 2376 pla - ok
17:13:47.0430 2376 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:13:47.0446 2376 PlugPlay - ok
17:13:47.0477 2376 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:13:47.0477 2376 PNRPAutoReg - ok
17:13:47.0502 2376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:13:47.0507 2376 PNRPsvc - ok
17:13:47.0579 2376 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:13:47.0585 2376 PolicyAgent - ok
17:13:47.0638 2376 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
17:13:47.0640 2376 Power - ok
17:13:47.0709 2376 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:13:47.0710 2376 PptpMiniport - ok
17:13:47.0737 2376 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
17:13:47.0739 2376 Processor - ok
17:13:47.0779 2376 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
17:13:47.0781 2376 ProfSvc - ok
17:13:47.0795 2376 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
17:13:47.0796 2376 ProtectedStorage - ok
17:13:47.0835 2376 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:13:47.0836 2376 Psched - ok
17:13:47.0969 2376 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:13:48.0019 2376 ql2300 - ok
17:13:48.0024 2376 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:13:48.0026 2376 ql40xx - ok
17:13:48.0049 2376 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
17:13:48.0054 2376 QWAVE - ok
17:13:48.0075 2376 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:13:48.0076 2376 QWAVEdrv - ok
17:13:48.0079 2376 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:13:48.0080 2376 RasAcd - ok
17:13:48.0128 2376 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:13:48.0129 2376 RasAgileVpn - ok
17:13:48.0140 2376 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
17:13:48.0142 2376 RasAuto - ok
17:13:48.0180 2376 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:13:48.0181 2376 Rasl2tp - ok
17:13:48.0230 2376 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
17:13:48.0234 2376 RasMan - ok
17:13:48.0248 2376 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:13:48.0249 2376 RasPppoe - ok
17:13:48.0298 2376 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:13:48.0298 2376 RasSstp - ok
17:13:48.0320 2376 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:13:48.0324 2376 rdbss - ok
17:13:48.0349 2376 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:13:48.0350 2376 rdpbus - ok
17:13:48.0399 2376 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:13:48.0399 2376 RDPCDD - ok
17:13:48.0415 2376 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:13:48.0415 2376 RDPENCDD - ok
17:13:48.0434 2376 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:13:48.0435 2376 RDPREFMP - ok
17:13:48.0491 2376 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:13:48.0494 2376 RDPWD - ok
17:13:48.0604 2376 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:13:48.0621 2376 rdyboost - ok
17:13:48.0658 2376 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
17:13:48.0661 2376 RemoteAccess - ok
17:13:48.0752 2376 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:13:48.0755 2376 RemoteRegistry - ok
17:13:48.0796 2376 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:13:48.0797 2376 RpcEptMapper - ok
17:13:48.0832 2376 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
17:13:48.0833 2376 RpcLocator - ok
17:13:48.0932 2376 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
17:13:48.0935 2376 RpcSs - ok
17:13:48.0999 2376 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:13:48.0999 2376 rspndr - ok
17:13:49.0071 2376 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:13:49.0074 2376 RSUSBSTOR - ok
17:13:49.0166 2376 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
17:13:49.0172 2376 RTL8192Ce - ok
17:13:49.0184 2376 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
17:13:49.0186 2376 SamSs - ok
17:13:49.0229 2376 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:13:49.0232 2376 sbp2port - ok
17:13:49.0280 2376 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
17:13:49.0284 2376 SCardSvr - ok
17:13:49.0305 2376 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:13:49.0306 2376 scfilter - ok
17:13:49.0408 2376 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
17:13:49.0415 2376 Schedule - ok
17:13:49.0450 2376 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
17:13:49.0464 2376 SCPolicySvc - ok
17:13:49.0552 2376 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:13:49.0555 2376 SDRSVC - ok
17:13:49.0577 2376 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:13:49.0577 2376 secdrv - ok
17:13:49.0601 2376 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
17:13:49.0603 2376 seclogon - ok
17:13:49.0638 2376 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:13:49.0639 2376 SENS - ok
17:13:49.0671 2376 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:13:49.0673 2376 SensrSvc - ok
17:13:49.0702 2376 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
17:13:49.0703 2376 Serenum - ok
17:13:49.0775 2376 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
17:13:49.0778 2376 Serial - ok
17:13:49.0782 2376 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
17:13:49.0783 2376 sermouse - ok
17:13:50.0185 2376 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
17:13:50.0188 2376 SessionEnv - ok
17:13:50.0250 2376 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:13:50.0251 2376 sffdisk - ok
17:13:50.0254 2376 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:13:50.0255 2376 sffp_mmc - ok
17:13:50.0258 2376 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:13:50.0259 2376 sffp_sd - ok
17:13:50.0264 2376 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:13:50.0265 2376 sfloppy - ok
17:13:50.0314 2376 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:13:50.0319 2376 Sftfs - ok
17:13:50.0386 2376 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:13:50.0389 2376 sftlist - ok
17:13:50.0441 2376 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:13:50.0443 2376 Sftplay - ok
17:13:50.0472 2376 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:13:50.0472 2376 Sftredir - ok
17:13:50.0505 2376 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:13:50.0506 2376 Sftvol - ok
17:13:50.0523 2376 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:13:50.0525 2376 sftvsa - ok
17:13:50.0556 2376 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:13:50.0559 2376 ShellHWDetection - ok
17:13:50.0618 2376 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:13:50.0620 2376 SiSRaid2 - ok
17:13:50.0652 2376 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:13:50.0652 2376 SiSRaid4 - ok
17:13:50.0748 2376 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:13:50.0749 2376 SkypeUpdate - ok
17:13:50.0811 2376 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:13:50.0813 2376 Smb - ok
17:13:50.0871 2376 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:13:50.0872 2376 SNMPTRAP - ok
17:13:50.0903 2376 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:13:50.0904 2376 spldr - ok
17:13:50.0969 2376 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
17:13:50.0974 2376 Spooler - ok
17:13:51.0376 2376 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
17:13:51.0457 2376 sppsvc - ok
17:13:51.0496 2376 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:13:51.0500 2376 sppuinotify - ok
17:13:51.0720 2376 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS
17:13:51.0720 2376 SRTSP - ok
17:13:51.0766 2376 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS
17:13:51.0768 2376 SRTSPX - ok
17:13:51.0826 2376 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
17:13:51.0829 2376 srv - ok
17:13:51.0847 2376 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:13:51.0851 2376 srv2 - ok
17:13:51.0869 2376 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:13:51.0870 2376 srvnet - ok
17:13:51.0930 2376 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:13:51.0933 2376 SSDPSRV - ok
17:13:51.0949 2376 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:13:51.0951 2376 SstpSvc - ok
17:13:51.0969 2376 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
17:13:51.0970 2376 stexstor - ok
17:13:52.0033 2376 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
17:13:52.0038 2376 stisvc - ok
17:13:52.0073 2376 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:13:52.0073 2376 swenum - ok
17:13:52.0104 2376 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:13:52.0111 2376 swprv - ok
17:13:52.0146 2376 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS
17:13:52.0152 2376 SymDS - ok
17:13:52.0195 2376 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS
17:13:52.0208 2376 SymEFA - ok
17:13:52.0246 2376 [ 894579207E39C465737E850A252CE4F2 ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
17:13:52.0248 2376 SymEvent - ok
17:13:52.0282 2376 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS
17:13:52.0287 2376 SymIRON - ok
17:13:52.0348 2376 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS
17:13:52.0354 2376 SymNetS - ok
17:13:52.0419 2376 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
17:13:52.0421 2376 SynTP - ok
17:13:52.0543 2376 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
17:13:52.0559 2376 SysMain - ok
17:13:52.0594 2376 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
17:13:52.0633 2376 TabletInputService - ok
17:13:52.0667 2376 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
17:13:52.0672 2376 TapiSrv - ok
17:13:52.0690 2376 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:13:52.0692 2376 TBS - ok
17:13:52.0871 2376 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:13:52.0918 2376 Tcpip - ok
17:13:52.0964 2376 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:13:52.0964 2376 TCPIP6 - ok
17:13:53.0011 2376 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:13:53.0011 2376 tcpipreg - ok
17:13:53.0042 2376 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
17:13:53.0042 2376 tdcmdpst - ok
17:13:53.0074 2376 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:13:53.0074 2376 TDPIPE - ok
17:13:53.0105 2376 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:13:53.0120 2376 TDTCP - ok
17:13:53.0167 2376 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:13:53.0167 2376 tdx - ok
17:13:53.0183 2376 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:13:53.0183 2376 TermDD - ok
17:13:53.0214 2376 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
17:13:53.0230 2376 TermService - ok
17:13:53.0264 2376 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
17:13:53.0265 2376 Themes - ok
17:13:53.0289 2376 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
17:13:53.0290 2376 THREADORDER - ok
17:13:53.0399 2376 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
17:13:53.0399 2376 TMachInfo - ok
17:13:53.0442 2376 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
17:13:53.0444 2376 TODDSrv - ok
17:13:53.0551 2376 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
17:13:53.0554 2376 TosCoSrv - ok
17:13:53.0621 2376 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
17:13:53.0623 2376 TOSHIBA HDD SSD Alert Service - ok
17:13:53.0712 2376 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
17:13:53.0724 2376 tos_sps64 - ok
17:13:53.0795 2376 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
17:13:53.0799 2376 TrkWks - ok
17:13:53.0872 2376 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:13:53.0876 2376 TrustedInstaller - ok
17:13:53.0913 2376 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:13:53.0915 2376 tssecsrv - ok
17:13:53.0960 2376 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:13:53.0961 2376 TsUsbFlt - ok
17:13:53.0979 2376 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:13:53.0980 2376 TsUsbGD - ok
17:13:54.0050 2376 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:13:54.0051 2376 tunnel - ok
17:13:54.0177 2376 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
17:13:54.0192 2376 TVALZ - ok
17:13:54.0209 2376 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:13:54.0248 2376 uagp35 - ok
17:13:54.0275 2376 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:13:54.0279 2376 udfs - ok
17:13:54.0325 2376 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:13:54.0327 2376 UI0Detect - ok
17:13:54.0331 2376 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:13:54.0332 2376 uliagpkx - ok
17:13:54.0373 2376 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:13:54.0373 2376 umbus - ok
17:13:54.0398 2376 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
17:13:54.0399 2376 UmPass - ok
17:13:54.0599 2376 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:13:54.0635 2376 UNS - ok
17:13:54.0694 2376 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
17:13:54.0697 2376 upnphost - ok
17:13:54.0764 2376 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
17:13:54.0766 2376 USBAAPL64 - ok
17:13:54.0803 2376 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:13:54.0803 2376 usbccgp - ok
17:13:54.0847 2376 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:13:54.0849 2376 usbcir - ok
17:13:54.0875 2376 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:13:54.0876 2376 usbehci - ok
17:13:54.0919 2376 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:13:54.0921 2376 usbhub - ok
17:13:54.0938 2376 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:13:54.0939 2376 usbohci - ok
17:13:55.0047 2376 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:13:55.0048 2376 usbprint - ok
17:13:55.0101 2376 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
17:13:55.0103 2376 usbscan - ok
17:13:55.0143 2376 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:13:55.0145 2376 USBSTOR - ok
17:13:55.0180 2376 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:13:55.0181 2376 usbuhci - ok
17:13:55.0255 2376 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:13:55.0256 2376 usbvideo - ok
17:13:55.0318 2376 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
17:13:55.0319 2376 UxSms - ok
17:13:55.0385 2376 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
17:13:55.0386 2376 VaultSvc - ok
17:13:55.0447 2376 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:13:55.0449 2376 vdrvroot - ok
17:13:55.0501 2376 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
17:13:55.0507 2376 vds - ok
17:13:55.0565 2376 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:13:55.0577 2376 vga - ok
17:13:55.0683 2376 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
17:13:55.0684 2376 VgaSave - ok
17:13:55.0730 2376 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:13:55.0734 2376 vhdmp - ok
17:13:55.0737 2376 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
17:13:55.0738 2376 viaide - ok
17:13:55.0779 2376 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:13:55.0781 2376 volmgr - ok
17:13:55.0820 2376 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:13:55.0824 2376 volmgrx - ok
17:13:55.0862 2376 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
17:13:55.0866 2376 volsnap - ok
17:13:55.0977 2376 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
17:13:55.0979 2376 vsmraid - ok
17:13:56.0088 2376 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
17:13:56.0104 2376 VSS - ok
17:13:56.0142 2376 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:13:56.0143 2376 vwifibus - ok
17:13:56.0165 2376 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:13:56.0166 2376 vwififlt - ok
17:13:56.0215 2376 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
17:13:58.0452 2376 ================ Scan global ===============================
17:13:58.0483 2376 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:13:58.0519 2376 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
17:13:58.0525 2376 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
17:13:58.0555 2376 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:13:58.0588 2376 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:13:58.0591 2376 [Global] - ok
17:13:58.0592 2376 ================ Scan MBR ==================================
17:13:58.0605 2376 [ FDD46D635CDEA2AE30B1143C81F72849 ] \Device\Harddisk0\DR0
17:13:58.0978 2376 Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
17:13:59.0094 2376 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
17:13:59.0094 2376 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
17:13:59.0097 2376 ================ Scan VBR ==================================
17:13:59.0128 2376 [ F35360472A297C6EDD472B5A8FE5D58B ] \Device\Harddisk0\DR0\Partition1
17:13:59.0129 2376 \Device\Harddisk0\DR0\Partition1 - ok
17:13:59.0130 2376 ============================================================
17:13:59.0130 2376 Scan finished
17:13:59.0130 2376 ============================================================
17:13:59.0140 2156 Detected object count: 1
17:13:59.0140 2156 Actual detected object count: 1
17:14:14.0429 2156 \Device\Harddisk0\DR0\# - copied to quarantine
17:14:14.0430 2156 \Device\Harddisk0\DR0 - copied to quarantine
17:14:14.0655 2156 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
17:14:14.0656 2156 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
17:14:14.0657 2156 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
17:14:14.0667 2156 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
17:14:14.0668 2156 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
17:14:14.0670 2156 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
17:14:14.0671 2156 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
17:14:14.0672 2156 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
17:14:14.0673 2156 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
17:14:14.0704 2156 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:14:14.0714 2156 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:14:14.0716 2156 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:14:14.0717 2156 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:14:14.0718 2156 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
17:14:14.0719 2156 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine
17:14:14.0720 2156 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine
17:14:14.0722 2156 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine
17:14:14.0722 2156 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
17:14:14.0724 2156 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
17:14:14.0725 2156 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
17:14:14.0788 2156 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
17:14:14.0808 2156 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
17:14:14.0829 2156 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
17:14:14.0898 2156 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
17:14:14.0941 2156 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
17:14:14.0966 2156 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
17:14:15.0300 2156 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
17:14:15.0394 2156 \Device\Harddisk0\DR0 - processing error
17:14:26.0741 2156 \Device\Harddisk0\DR0 - will be restored on reboot
17:14:26.0846 2156 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore

#9 narenxp

Posted 30 October 2012 - 04:19 PM

Reboot the PC and run all these scans and post the logs

Download TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.



#10 gduggs

Posted 30 October 2012 - 04:41 PM

TDSSKiller:

17:39:25.0517 2128 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
17:39:26.0134 2128 ============================================================
17:39:26.0134 2128 Current date / time: 2012/10/30 17:39:26.0134
17:39:26.0134 2128 SystemInfo:
17:39:26.0134 2128
17:39:26.0134 2128 OS Version: 6.1.7601 ServicePack: 1.0
17:39:26.0134 2128 Product type: Workstation
17:39:26.0134 2128 ComputerName: GINABINASLAPTOP
17:39:26.0135 2128 UserName: ginabina
17:39:26.0135 2128 Windows directory: C:\windows
17:39:26.0135 2128 System windows directory: C:\windows
17:39:26.0135 2128 Running under WOW64
17:39:26.0135 2128 Processor architecture: Intel x64
17:39:26.0135 2128 Number of processors: 2
17:39:26.0135 2128 Page size: 0x1000
17:39:26.0135 2128 Boot type: Normal boot
17:39:26.0135 2128 ============================================================
17:39:26.0252 2128 BG loaded
17:39:26.0628 2128 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:39:26.0636 2128 ============================================================
17:39:26.0636 2128 \Device\Harddisk0\DR0:
17:39:26.0636 2128 MBR partitions:
17:39:26.0636 2128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x235E9800
17:39:26.0636 2128 ============================================================
17:39:26.0660 2128 C: <-> \Device\Harddisk0\DR0\Partition1
17:39:26.0660 2128 ============================================================
17:39:26.0661 2128 Initialize success
17:39:26.0661 2128 ============================================================
17:39:30.0091 3692 ============================================================
17:39:30.0091 3692 Scan started
17:39:30.0091 3692 Mode: Manual;
17:39:30.0091 3692 ============================================================
17:39:30.0586 3692 ================ Scan system memory ========================
17:39:30.0586 3692 System memory - ok
17:39:30.0589 3692 ================ Scan services =============================
17:39:40.0906 3692 mouclass - ok
17:39:40.0921 3692 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\drivers\mouhid.sys
17:39:40.0922 3692 mouhid - ok
17:39:40.0955 3692 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:39:40.0958 3692 mountmgr - ok
17:39:40.0982 3692 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
17:39:40.0986 3692 mpio - ok
17:39:41.0012 3692 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:39:41.0015 3692 mpsdrv - ok
17:39:41.0023 3692 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:39:41.0024 3692 MRxDAV - ok
17:39:41.0056 3692 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:39:41.0057 3692 mrxsmb - ok
17:39:41.0077 3692 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:39:41.0079 3692 mrxsmb10 - ok
17:39:41.0090 3692 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:39:41.0091 3692 mrxsmb20 - ok
17:39:41.0102 3692 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
17:39:41.0102 3692 msahci - ok
17:39:41.0119 3692 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:39:41.0121 3692 msdsm - ok
17:39:41.0137 3692 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
17:39:41.0140 3692 MSDTC - ok
17:39:41.0202 3692 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:39:41.0203 3692 Msfs - ok
17:39:41.0225 3692 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:39:41.0227 3692 mshidkmdf - ok
17:39:41.0243 3692 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:39:41.0244 3692 msisadrv - ok
17:39:41.0313 3692 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:39:41.0318 3692 MSiSCSI - ok
17:39:41.0328 3692 msiserver - ok
17:39:41.0381 3692 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:39:41.0382 3692 MSKSSRV - ok
17:39:41.0409 3692 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:39:41.0410 3692 MSPCLOCK - ok
17:39:41.0418 3692 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:39:41.0419 3692 MSPQM - ok
17:39:41.0461 3692 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:39:41.0467 3692 MsRPC - ok
17:39:41.0487 3692 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:39:41.0488 3692 mssmbios - ok
17:39:41.0513 3692 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:39:41.0514 3692 MSTEE - ok
17:39:41.0533 3692 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:39:41.0534 3692 MTConfig - ok
17:39:41.0546 3692 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
17:39:41.0547 3692 Mup - ok
17:39:41.0591 3692 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
17:39:41.0603 3692 napagent - ok
17:39:41.0649 3692 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:39:41.0651 3692 NativeWifiP - ok
17:39:41.0711 3692 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120304.006\ENG64.SYS
17:39:41.0715 3692 NAVENG - ok
17:39:41.0778 3692 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120304.006\EX64.SYS
17:39:41.0801 3692 NAVEX15 - ok
17:39:41.0871 3692 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
17:39:41.0887 3692 NDIS - ok
17:39:41.0949 3692 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:39:41.0951 3692 NdisCap - ok
17:39:41.0995 3692 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:39:41.0996 3692 NdisTapi - ok
17:39:42.0015 3692 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:39:42.0016 3692 Ndisuio - ok
17:39:42.0059 3692 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:39:42.0061 3692 NdisWan - ok
17:39:42.0117 3692 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:39:42.0119 3692 NDProxy - ok
17:39:42.0163 3692 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:39:42.0165 3692 NetBIOS - ok
17:39:42.0195 3692 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:39:42.0199 3692 NetBT - ok
17:39:42.0211 3692 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
17:39:42.0213 3692 Netlogon - ok
17:39:42.0272 3692 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
17:39:42.0278 3692 Netman - ok
17:39:42.0300 3692 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
17:39:42.0306 3692 netprofm - ok
17:39:42.0343 3692 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:39:42.0345 3692 NetTcpPortSharing - ok
17:39:42.0407 3692 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:39:42.0409 3692 nfrd960 - ok
17:39:42.0659 3692 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
17:39:42.0662 3692 NIS - ok
17:39:42.0722 3692 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
17:39:42.0727 3692 NlaSvc - ok
17:39:42.0816 3692 Norton PC Checkup Application Launcher - ok
17:39:42.0839 3692 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
17:39:42.0840 3692 Npfs - ok
17:39:42.0854 3692 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
17:39:42.0856 3692 nsi - ok
17:39:42.0886 3692 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:39:42.0886 3692 nsiproxy - ok
17:39:42.0961 3692 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:39:42.0981 3692 Ntfs - ok
17:39:42.0997 3692 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
17:39:42.0997 3692 Null - ok
17:39:43.0040 3692 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
17:39:43.0042 3692 nvraid - ok
17:39:43.0057 3692 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
17:39:43.0060 3692 nvstor - ok
17:39:43.0103 3692 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:39:43.0104 3692 nv_agp - ok
17:39:43.0110 3692 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:39:43.0111 3692 ohci1394 - ok
17:39:43.0155 3692 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:39:43.0158 3692 ose - ok
17:39:43.0308 3692 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:39:43.0369 3692 osppsvc - ok
17:39:43.0395 3692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:39:43.0399 3692 p2pimsvc - ok
17:39:43.0418 3692 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
17:39:43.0423 3692 p2psvc - ok
17:39:43.0447 3692 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
17:39:43.0448 3692 Parport - ok
17:39:43.0480 3692 Partizan - ok
17:39:43.0524 3692 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
17:39:43.0526 3692 partmgr - ok
17:39:43.0560 3692 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
17:39:43.0566 3692 PcaSvc - ok
17:39:43.0645 3692 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
17:39:43.0648 3692 PCCUJobMgr - ok
17:39:43.0684 3692 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
17:39:43.0688 3692 pci - ok
17:39:43.0710 3692 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
17:39:43.0711 3692 pciide - ok
17:39:43.0739 3692 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:39:43.0742 3692 pcmcia - ok
17:39:43.0765 3692 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
17:39:43.0766 3692 pcw - ok
17:39:43.0792 3692 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:39:43.0799 3692 PEAUTH - ok
17:39:43.0861 3692 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
17:39:43.0865 3692 PerfHost - ok
17:39:43.0940 3692 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
17:39:43.0941 3692 PGEffect - ok
17:39:44.0012 3692 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
17:39:44.0032 3692 pla - ok
17:39:44.0104 3692 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:39:44.0112 3692 PlugPlay - ok
17:39:44.0139 3692 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:39:44.0141 3692 PNRPAutoReg - ok
17:39:44.0184 3692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:39:44.0188 3692 PNRPsvc - ok
17:39:44.0217 3692 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:39:44.0224 3692 PolicyAgent - ok
17:39:44.0242 3692 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
17:39:44.0245 3692 Power - ok
17:39:44.0303 3692 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:39:44.0306 3692 PptpMiniport - ok
17:39:44.0331 3692 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
17:39:44.0332 3692 Processor - ok
17:39:44.0396 3692 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
17:39:44.0399 3692 ProfSvc - ok
17:39:44.0412 3692 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
17:39:44.0414 3692 ProtectedStorage - ok
17:39:44.0430 3692 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:39:44.0431 3692 Psched - ok
17:39:44.0498 3692 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:39:44.0522 3692 ql2300 - ok
17:39:44.0542 3692 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:39:44.0545 3692 ql40xx - ok
17:39:44.0577 3692 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
17:39:44.0581 3692 QWAVE - ok
17:39:44.0602 3692 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:39:44.0603 3692 QWAVEdrv - ok
17:39:44.0606 3692 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:39:44.0607 3692 RasAcd - ok
17:39:44.0657 3692 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:39:44.0658 3692 RasAgileVpn - ok
17:39:44.0678 3692 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
17:39:44.0683 3692 RasAuto - ok
17:39:44.0709 3692 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:39:44.0711 3692 Rasl2tp - ok
17:39:44.0748 3692 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
17:39:44.0757 3692 RasMan - ok
17:39:44.0775 3692 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:39:44.0776 3692 RasPppoe - ok
17:39:44.0826 3692 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:39:44.0827 3692 RasSstp - ok
17:39:44.0849 3692 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:39:44.0852 3692 rdbss - ok
17:39:44.0876 3692 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:39:44.0877 3692 rdpbus - ok
17:39:44.0904 3692 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:39:44.0905 3692 RDPCDD - ok
17:39:44.0930 3692 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:39:44.0930 3692 RDPENCDD - ok
17:39:44.0961 3692 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:39:44.0962 3692 RDPREFMP - ok
17:39:45.0009 3692 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:39:45.0014 3692 RDPWD - ok
17:39:45.0050 3692 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:39:45.0055 3692 rdyboost - ok
17:39:45.0086 3692 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
17:39:45.0089 3692 RemoteAccess - ok
17:39:45.0147 3692 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:39:45.0152 3692 RemoteRegistry - ok
17:39:45.0198 3692 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:39:45.0201 3692 RpcEptMapper - ok
17:39:45.0237 3692 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
17:39:45.0239 3692 RpcLocator - ok
17:39:45.0260 3692 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
17:39:45.0267 3692 RpcSs - ok
17:39:45.0304 3692 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:39:45.0305 3692 rspndr - ok
17:39:45.0377 3692 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:39:45.0382 3692 RSUSBSTOR - ok
17:39:45.0422 3692 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
17:39:45.0438 3692 RTL8192Ce - ok
17:39:45.0456 3692 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
17:39:45.0458 3692 SamSs - ok
17:39:45.0479 3692 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:39:45.0480 3692 sbp2port - ok
17:39:45.0508 3692 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
17:39:45.0512 3692 SCardSvr - ok
17:39:45.0533 3692 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:39:45.0533 3692 scfilter - ok
17:39:45.0567 3692 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
17:39:45.0576 3692 Schedule - ok
17:39:45.0600 3692 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
17:39:45.0601 3692 SCPolicySvc - ok
17:39:45.0624 3692 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:39:45.0628 3692 SDRSVC - ok
17:39:45.0682 3692 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:39:45.0684 3692 secdrv - ok
17:39:45.0706 3692 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
17:39:45.0709 3692 seclogon - ok
17:39:45.0732 3692 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:39:45.0735 3692 SENS - ok
17:39:45.0777 3692 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:39:45.0779 3692 SensrSvc - ok
17:39:45.0819 3692 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
17:39:45.0820 3692 Serenum - ok
17:39:45.0870 3692 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
17:39:45.0872 3692 Serial - ok
17:39:45.0878 3692 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
17:39:45.0879 3692 sermouse - ok
17:39:45.0913 3692 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
17:39:45.0916 3692 SessionEnv - ok
17:39:45.0921 3692 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:39:45.0922 3692 sffdisk - ok
17:39:45.0925 3692 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:39:45.0926 3692 sffp_mmc - ok
17:39:45.0930 3692 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:39:45.0930 3692 sffp_sd - ok
17:39:45.0934 3692 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:39:45.0934 3692 sfloppy - ok
17:39:45.0990 3692 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:39:45.0998 3692 Sftfs - ok
17:39:46.0106 3692 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:39:46.0114 3692 sftlist - ok
17:39:46.0137 3692 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:39:46.0141 3692 Sftplay - ok
17:39:46.0151 3692 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:39:46.0152 3692 Sftredir - ok
17:39:46.0166 3692 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:39:46.0167 3692 Sftvol - ok
17:39:46.0184 3692 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:39:46.0186 3692 sftvsa - ok
17:39:46.0216 3692 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:39:46.0220 3692 ShellHWDetection - ok
17:39:46.0279 3692 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:39:46.0281 3692 SiSRaid2 - ok
17:39:46.0302 3692 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:39:46.0305 3692 SiSRaid4 - ok
17:39:46.0398 3692 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:39:46.0401 3692 SkypeUpdate - ok
17:39:46.0439 3692 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:39:46.0442 3692 Smb - ok
17:39:46.0498 3692 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:39:46.0501 3692 SNMPTRAP - ok
17:39:46.0519 3692 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:39:46.0520 3692 spldr - ok
17:39:46.0566 3692 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
17:39:46.0574 3692 Spooler - ok
17:39:46.0664 3692 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
17:39:46.0684 3692 sppsvc - ok
17:39:46.0712 3692 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:39:46.0714 3692 sppuinotify - ok
17:39:46.0804 3692 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS
17:39:46.0816 3692 SRTSP - ok
17:39:46.0838 3692 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS
17:39:46.0839 3692 SRTSPX - ok
17:39:46.0877 3692 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
17:39:46.0883 3692 srv - ok
17:39:46.0908 3692 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:39:46.0911 3692 srv2 - ok
17:39:46.0928 3692 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:39:46.0930 3692 srvnet - ok
17:39:46.0980 3692 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:39:46.0982 3692 SSDPSRV - ok
17:39:46.0998 3692 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:39:47.0001 3692 SstpSvc - ok
17:39:47.0018 3692 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
17:39:47.0018 3692 stexstor - ok
17:39:47.0087 3692 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
17:39:47.0098 3692 stisvc - ok
17:39:47.0122 3692 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:39:47.0122 3692 swenum - ok
17:39:47.0153 3692 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:39:47.0159 3692 swprv - ok
17:39:47.0195 3692 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS
17:39:47.0201 3692 SymDS - ok
17:39:47.0262 3692 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS
17:39:47.0280 3692 SymEFA - ok
17:39:47.0340 3692 [ 894579207E39C465737E850A252CE4F2 ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
17:39:47.0344 3692 SymEvent - ok
17:39:47.0376 3692 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS
17:39:47.0378 3692 SymIRON - ok
17:39:47.0432 3692 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS
17:39:47.0436 3692 SymNetS - ok
17:39:47.0513 3692 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
17:39:47.0518 3692 SynTP - ok
17:39:47.0588 3692 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
17:39:47.0605 3692 SysMain - ok
17:39:47.0619 3692 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
17:39:47.0622 3692 TabletInputService - ok
17:39:47.0638 3692 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
17:39:47.0642 3692 TapiSrv - ok
17:39:47.0673 3692 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:39:47.0674 3692 TBS - ok
17:39:47.0789 3692 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:39:47.0811 3692 Tcpip - ok
17:39:47.0841 3692 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:39:47.0851 3692 TCPIP6 - ok
17:39:47.0893 3692 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:39:47.0894 3692 tcpipreg - ok
17:39:47.0934 3692 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
17:39:47.0935 3692 tdcmdpst - ok
17:39:47.0957 3692 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:39:47.0958 3692 TDPIPE - ok
17:39:47.0990 3692 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:39:47.0990 3692 TDTCP - ok
17:39:48.0045 3692 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:39:48.0047 3692 tdx - ok
17:39:48.0072 3692 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:39:48.0074 3692 TermDD - ok
17:39:48.0115 3692 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
17:39:48.0127 3692 TermService - ok
17:39:48.0146 3692 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
17:39:48.0149 3692 Themes - ok
17:39:48.0183 3692 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
17:39:48.0184 3692 THREADORDER - ok
17:39:48.0292 3692 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
17:39:48.0294 3692 TMachInfo - ok
17:39:48.0325 3692 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
17:39:48.0330 3692 TODDSrv - ok
17:39:48.0426 3692 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
17:39:48.0435 3692 TosCoSrv - ok
17:39:48.0504 3692 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
17:39:48.0507 3692 TOSHIBA HDD SSD Alert Service - ok
17:39:48.0583 3692 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
17:39:48.0593 3692 tos_sps64 - ok
17:39:48.0654 3692 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
17:39:48.0657 3692 TrkWks - ok
17:39:48.0720 3692 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:39:48.0725 3692 TrustedInstaller - ok
17:39:48.0762 3692 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:39:48.0764 3692 tssecsrv - ok
17:39:48.0809 3692 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:39:48.0811 3692 TsUsbFlt - ok
17:39:48.0828 3692 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:39:48.0830 3692 TsUsbGD - ok
17:39:48.0909 3692 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:39:48.0912 3692 tunnel - ok
17:39:48.0970 3692 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
17:39:48.0972 3692 TVALZ - ok
17:39:48.0992 3692 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:39:48.0994 3692 uagp35 - ok
17:39:49.0015 3692 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:39:49.0022 3692 udfs - ok
17:39:49.0062 3692 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:39:49.0065 3692 UI0Detect - ok
17:39:49.0098 3692 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:39:49.0100 3692 uliagpkx - ok
17:39:49.0133 3692 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:39:49.0134 3692 umbus - ok
17:39:49.0139 3692 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
17:39:49.0140 3692 UmPass - ok
17:39:49.0273 3692 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:39:49.0294 3692 UNS - ok
17:39:49.0320 3692 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
17:39:49.0323 3692 upnphost - ok
17:39:49.0380 3692 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
17:39:49.0381 3692 USBAAPL64 - ok
17:39:49.0419 3692 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:39:49.0421 3692 usbccgp - ok
17:39:49.0463 3692 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:39:49.0466 3692 usbcir - ok
17:39:49.0490 3692 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:39:49.0492 3692 usbehci - ok
17:39:49.0548 3692 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:39:49.0553 3692 usbhub - ok
17:39:49.0576 3692 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:39:49.0577 3692 usbohci - ok
17:39:49.0641 3692 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:39:49.0642 3692 usbprint - ok
17:39:49.0672 3692 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
17:39:49.0674 3692 usbscan - ok
17:39:49.0703 3692 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:39:49.0705 3692 USBSTOR - ok
17:39:49.0730 3692 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:39:49.0731 3692 usbuhci - ok
17:39:49.0783 3692 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:39:49.0786 3692 usbvideo - ok
17:39:49.0811 3692 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
17:39:49.0814 3692 UxSms - ok
17:39:49.0834 3692 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
17:39:49.0837 3692 VaultSvc - ok
17:39:49.0885 3692 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:39:49.0887 3692 vdrvroot - ok
17:39:49.0919 3692 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
17:39:49.0930 3692 vds - ok
17:39:49.0958 3692 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:39:49.0959 3692 vga - ok
17:39:49.0976 3692 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
17:39:49.0977 3692 VgaSave - ok
17:39:50.0002 3692 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:39:50.0006 3692 vhdmp - ok
17:39:50.0013 3692 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
17:39:50.0016 3692 viaide - ok
17:39:50.0040 3692 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:39:50.0041 3692 volmgr - ok
17:39:50.0116 3692 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:39:50.0124 3692 volmgrx - ok
17:39:50.0153 3692 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
17:39:50.0157 3692 volsnap - ok
17:39:50.0216 3692 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
17:39:50.0220 3692 vsmraid - ok
17:39:50.0291 3692 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
17:39:50.0316 3692 VSS - ok
17:39:50.0324 3692 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:39:50.0325 3692 vwifibus - ok
17:39:50.0336 3692 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:39:50.0337 3692 vwififlt - ok
17:39:50.0364 3692 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
17:39:50.0369 3692 W32Time - ok
17:39:50.0393 3692 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
17:39:50.0394 3692 WacomPen - ok
17:39:50.0439 3692 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:39:50.0441 3692 WANARP - ok
17:39:50.0462 3692 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:39:50.0464 3692 Wanarpv6 - ok
17:39:50.0552 3692 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
17:39:50.0569 3692 WatAdminSvc - ok
17:39:50.0634 3692 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
17:39:50.0655 3692 wbengine - ok
17:39:50.0673 3692 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:39:50.0677 3692 WbioSrvc - ok
17:39:50.0699 3692 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
17:39:50.0705 3692 wcncsvc - ok
17:39:50.0727 3692 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:39:50.0730 3692 WcsPlugInService - ok
17:39:50.0755 3692 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
17:39:50.0756 3692 Wd - ok
17:39:50.0778 3692 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:39:50.0785 3692 Wdf01000 - ok
17:39:50.0799 3692 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
17:39:50.0802 3692 WdiServiceHost - ok
17:39:50.0805 3692 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
17:39:50.0808 3692 WdiSystemHost - ok
17:39:50.0823 3692 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
17:39:50.0827 3692 WebClient - ok
17:39:50.0852 3692 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
17:39:50.0856 3692 Wecsvc - ok
17:39:50.0874 3692 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:39:50.0876 3692 wercplsupport - ok
17:39:50.0914 3692 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
17:39:50.0916 3692 WerSvc - ok
17:39:50.0926 3692 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:39:50.0926 3692 WfpLwf - ok
17:39:50.0966 3692 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:39:50.0967 3692 WIMMount - ok
17:39:50.0971 3692 WinHttpAutoProxySvc - ok
17:39:51.0029 3692 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:39:51.0033 3692 Winmgmt - ok
17:39:51.0120 3692 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
17:39:51.0145 3692 WinRM - ok
17:39:51.0213 3692 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
17:39:51.0214 3692 WinUsb - ok
17:39:51.0263 3692 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
17:39:51.0277 3692 Wlansvc - ok
17:39:51.0360 3692 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:39:51.0362 3692 wlcrasvc - ok
17:39:51.0458 3692 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:39:51.0475 3692 wlidsvc - ok
17:39:51.0488 3692 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
17:39:51.0489 3692 WmiAcpi - ok
17:39:51.0515 3692 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:39:51.0518 3692 wmiApSrv - ok
17:39:51.0566 3692 WMPNetworkSvc - ok
17:39:51.0596 3692 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
17:39:51.0600 3692 WPCSvc - ok
17:39:51.0626 3692 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:39:51.0629 3692 WPDBusEnum - ok
17:39:51.0662 3692 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:39:51.0663 3692 ws2ifsl - ok
17:39:51.0667 3692 WSearch - ok
17:39:51.0767 3692 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
17:39:51.0792 3692 wuauserv - ok
17:39:51.0811 3692 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:39:51.0812 3692 WudfPf - ok
17:39:51.0859 3692 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:39:51.0864 3692 WUDFRd - ok
17:39:51.0898 3692 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:39:51.0902 3692 wudfsvc - ok
17:39:51.0927 3692 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
17:39:51.0933 3692 WwanSvc - ok
17:39:51.0971 3692 ================ Scan global ===============================
17:39:52.0009 3692 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:39:52.0045 3692 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
17:39:52.0051 3692 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
17:39:52.0082 3692 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:39:52.0126 3692 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:39:52.0134 3692 [Global] - ok
17:39:52.0135 3692 ================ Scan MBR ==================================
17:39:52.0175 3692 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:39:52.0338 3692 \Device\Harddisk0\DR0 - ok
17:39:52.0339 3692 ================ Scan VBR ==================================
17:39:52.0355 3692 [ F35360472A297C6EDD472B5A8FE5D58B ] \Device\Harddisk0\DR0\Partition1
17:39:52.0356 3692 \Device\Harddisk0\DR0\Partition1 - ok
17:39:52.0357 3692 ============================================================
17:39:52.0357 3692 Scan finished
17:39:52.0357 3692 ============================================================
17:39:52.0367 1008 Detected object count: 0
17:39:52.0367 1008 Actual detected object count: 0







aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-30 17:22:25
-----------------------------
17:22:25.442 OS Version: Windows x64 6.1.7601 Service Pack 1
17:22:25.442 Number of processors: 2 586 0x2A07
17:22:25.443 ComputerName: GINABINASLAPTOP UserName: ginabina
17:22:28.096 Initialize success
17:37:51.864 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:37:51.872 Disk 0 Vendor: TOSHIBA_ GT00 Size: 305245MB BusType: 3
17:37:51.888 Disk 0 MBR read successfully
17:37:51.893 Disk 0 MBR scan
17:37:51.898 Disk 0 Windows XP default MBR code
17:37:51.912 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
17:37:51.933 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 289747 MB offset 3074048
17:37:51.970 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 13997 MB offset 596475904
17:37:52.020 Disk 0 scanning C:\windows\system32\drivers
17:37:57.547 Service scanning
17:38:24.090 Modules scanning
17:38:24.106 Disk 0 trace - called modules:
17:38:24.146 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:38:24.155 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80067e2380]
17:38:24.498 3 CLASSPNP.SYS[fffff88001b7d43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004afb050]
17:38:24.508 Scan finished successfully
17:38:35.864 Disk 0 MBR has been saved successfully to "C:\Users\ginabina\Desktop\MBR.dat"
17:38:35.869 The log file has been saved successfully to "C:\Users\ginabina\Desktop\aswMBR.txt"


Running ESET scanner now.

#11 gduggs


Posted 30 October 2012 - 05:38 PM

C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0005.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmasco.Y trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0009.dta probably a variant of Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0012.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.10.2012_17.13.14\mbr0000\tdlfs0000\tsk0022.dta a variant of Win32/Olmarik.AYN trojan cleaned by deleting - quarantined

#12 narenxp


Posted 30 October 2012 - 05:51 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#13 gduggs


Posted 30 October 2012 - 06:46 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.30.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ginabina :: GINABINASLAPTOP [administrator]

10/30/2012 7:03:43 PM
mbam-log-2012-10-30 (19-03-43).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 315348
Time elapsed: 37 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\ginabina\AppData\Local\Temp\B35E7A54-8A43-4D51-854B-6CA3366EDB71.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\ginabina\AppData\Local\Temp\B5FE16AF-BEDE-4D0D-8C88-0CD5747DE48F.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\ginabina\Downloads\tdssfix.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.

(end)

#14 gduggs


Posted 30 October 2012 - 06:50 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by ginabina (administrator) on 30-10-2012 at 19:49:53
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ginabinaslaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-EA-19-68
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 74-DE-2B-F4-0E-17
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::bdd1:5c54:b038:4e80%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.11(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 30, 2012 7:47:13 PM
Lease Expires . . . . . . . . . . : Wednesday, October 31, 2012 7:47:12 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242540075
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-79-BE-42-74-DE-2B-F4-0E-17
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{16B9C2B3-81F8-45F7-A43A-258BA73C9AFE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:800::1009
74.125.228.40
74.125.228.32
74.125.228.33
74.125.228.41
74.125.228.38
74.125.228.46
74.125.228.34
74.125.228.37
74.125.228.35
74.125.228.39
74.125.228.36


Pinging google.com [74.125.228.72] with 32 bytes of data:
Reply from 74.125.228.72: bytes=32 time=73ms TTL=55
Reply from 74.125.228.72: bytes=32 time=73ms TTL=55

Ping statistics for 74.125.228.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 73ms, Maximum = 73ms, Average = 73ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=184ms TTL=48
Reply from 98.139.183.24: bytes=32 time=204ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 184ms, Maximum = 204ms, Average = 194ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 26 6c ea 19 68 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...74 de 2b f4 0e 17 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.11 281
192.168.1.11 255.255.255.255 On-link 192.168.1.11 281
192.168.1.255 255.255.255.255 On-link 192.168.1.11 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.11 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.11 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::bdd1:5c54:b038:4e80/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/30/2012 07:48:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 07:47:48 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/30/2012 05:41:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 05:41:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 05:41:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 05:20:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 05:20:28 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/30/2012 05:13:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 05:12:58 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/30/2012 05:01:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/30/2012 07:47:50 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/30/2012 07:47:50 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/30/2012 07:47:17 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (10/30/2012 07:47:12 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/30/2012 07:47:11 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.

Error: (10/30/2012 05:20:20 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/30/2012 05:20:20 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/30/2012 05:19:27 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (10/30/2012 05:19:26 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (10/30/2012 05:19:26 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (10/30/2012 07:48:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 07:47:48 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/30/2012 05:41:14 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ginabina\Downloads\esetsmartinstaller_enu.exe

Error: (10/30/2012 05:41:10 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ginabina\Downloads\esetsmartinstaller_enu.exe

Error: (10/30/2012 05:41:10 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ginabina\Downloads\esetsmartinstaller_enu.exe

Error: (10/30/2012 05:20:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 05:20:28 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/30/2012 05:13:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 05:12:58 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/30/2012 05:01:59 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ginabina\Downloads\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X MUI (Version: 10.0.0)
AIM for Windows
Amazon Links (Version: 2.02)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.1.42)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2221)
AVG 2013 (Version: 13.0.2667)
AVG 2013 (Version: 2013.0.2742)
Bonjour (Version: 3.0.0.10)
Conexant HD Audio (Version: 8.54.4.53)
D3DX10 (Version: 15.4.2368.0902)
DivX Setup (Version: 2.6.1.9)
eMusic Download Manager (Version: 5.0.5)
ESET Online Scanner v3
FrostWire 5.4.0 (Version: 5.4.0.0)
Google Chrome (Version: 22.0.1229.94)
Google Update Helper (Version: 1.3.21.123)
HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
iCloud (Version: 2.0.2.187)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2353)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5139.5005)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Norton Internet Security (Version: 19.9.0.9)
Norton PC Checkup (Version: 3.0.2.90.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30124)
Realtek WLAN Driver (Version: 2.00.0016)
Skype Launcher (Version: 2.01)
Skype™ 5.10 (Version: 5.10.116)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.0)
Toshiba Book Place (Version: 2.2.7530)
TOSHIBA Bulletin Board (Version: 1.6.11.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA Face Recognition (Version: 3.1.17.64)
TOSHIBA Hardware Setup (Version: 2.1.0.3)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)
Toshiba Laptop Checkup (Version: 2.0.13.11)
TOSHIBA Media Controller (Version: 1.0.87.4)
TOSHIBA Media Controller Plug-in (Version: 1.0.7.5)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA Quality Application (Version: 1.0.4)
TOSHIBA Recovery Media Creator (Version: 2.1.5.5109a)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2001)
TOSHIBA Service Station (Version: 2.2.13)
TOSHIBA Supervisor Password (Version: 2.1.0.2)
TOSHIBA Value Added Package (Version: 1.6.1.64)
TOSHIBA Web Camera Application (Version: 2.0.3.3)
TOSHIBARegistration (Version: 1.0.7)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 4043.86 MB
Available physical RAM: 2533.44 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 6439.12 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.55 MB

========================= Partitions: =====================================

1 Drive c: (TI106321W0B) (Fixed) (Total:282.96 GB) (Free:227.77 GB) NTFS

========================= Users: ========================================

User accounts for \\GINABINASLAPTOP

Administrator ginabina Guest

========================= Restore Points ==================================

24-10-2012 02:19:28 Installed Connect Service
26-10-2012 22:22:03 Installed Connect Service
27-10-2012 02:48:34 Installed Connect Service
27-10-2012 02:58:06 Removed VideoImpression
27-10-2012 12:59:24 original
29-10-2012 01:39:58 Removed AVG 2013
29-10-2012 01:41:53 Removed AVG 2013
29-10-2012 01:52:11 Removed AVG 2013
29-10-2012 02:28:57 RegRun Virus Scan
29-10-2012 02:36:23 RegRun Virus Scan
29-10-2012 05:16:01 RegRun Virus Scan
29-10-2012 12:22:12 RegRun Virus Scan
30-10-2012 17:00:03 Removed AVG 2013

**** End of log ****

#15 gduggs

Posted 30 October 2012 - 06:52 PM

Farbar Service Scanner Version: 27-10-2012
Ran by ginabina (administrator) on 30-10-2012 at 19:51:37
Running from "C:\Users\ginabina\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



