Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win7 BSOD Issue Possibly due to Rootkit/Infection


  • Please log in to reply
24 replies to this topic

#1 Jogi

Jogi

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 04:46 PM

Mod Edit:Moved to Am I Infected~~ boopme

Hello. This issue started about 2-3 weeks ago. Two weeks ago, my laptop suddenly crashed while I was playing minecraft. Additionally, I was on skype with other players. The BSOD exactly happened when I clicked a link that was posted in the skype chat. Im not sure whether that guy posted a virus as the link was to a youtube video.

Then on from there I did multiple Scans with Norton at first. Nothing popped up. I posted my problem on the BSOD crash forum(on sevenforums.com). They analyzed the data but they did not find a sure cause. I uninstalled Norton, and installed Avast as well as Malewarebytes. A boot time scan with Avast showed no viruses. On the other hand the Malewarebytes keeps showing 2 trojan.agents in the system. One is a memory process and a file. svchost.exe

Recently I pinpointed the exact time when my pc crashes. Whenever I try to install the Windows Security Updates, the system crashes. Yesterday while posting a reply on the bsod thread, Avast blocked like 20-25 malicious urls. with the process pointed to \\.\globalroot\systemroot\svchost.exe. One of the members of the BSOD team said that a rootkit might have made a logical storage partition. My question is, How do I go about finding out whether a Rootkit Intrusion is the cause of the BSOD error 0x00000050?

P.s. I did use system restore to a point i think 9.23.12 the farthest I could go. Doesnt seem to work. One thing I did notice is that during the update... the system crashes exactly when it attempts to create a restore point. I really think this is a viable cause. Please assist my situation. Thanks. Let me know what additional data you need.

P.s.P.s. The blocking of malicious url has been regular every time I use the computer. Its as if a process itself is trying to visit some malicious websites that will invite more viruses and gunk. Every 10-15 minutes, Avast blocks 10-12 accesses to those urls. What can I use to remove this control over the system.

Let me know what files you will want to see so that it helps to find out the cause.

Edited by boopme, 18 November 2012 - 04:57 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:42 AM

Posted 18 November 2012 - 04:50 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

Edited by narenxp, 18 November 2012 - 05:14 PM.


#3 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 04:51 PM

Currently I am scanning my laptop with the Malewarebytes Anti Rootkit Utility but I wont perform the "cleanup" action until I get confirmation from other signs. If i find anything that is...

#4 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 05:05 PM

As some people from sevenforums.com suggested, a rootkit has created a forged disk partition as detected by the Mbar Anti-rootkit software. What can I do now? Points to rootkit.pihar.c.MBR

This is what the results say:
MBR on drive 0 (Rootkit.Pihar.c.MBR)
Physical Sector 7 on drive 0 (Rootkit.Pihar.c.MBR)
Physical Sector 1465148770 on drive 0 (Forged Physical Sector)
C:\Windows\svchost.exe(Trojan.Agent)
C:\Windows\svchost.exe(Trojan.Agent)

I'm not sure whether to cleanup Now or Later. When One of you reply. Please reply soon. :(

Should I follow your first comment? Or does this information change that?

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:42 AM

Posted 18 November 2012 - 05:05 PM

I dont want you to run any other scans.If you want to remove malware on your own let me know.

#6 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 05:09 PM

I just ran the TDLFS program. It detects two threats. should I click continue? it has the option for Rootkit.Boot.Pihar.c to Cure... I will follow your instructions

Edited by Jogi, 18 November 2012 - 05:10 PM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:42 AM

Posted 18 November 2012 - 05:14 PM

Go ahead and cure it and follow the given instructions :)

#8 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 05:23 PM

Just did the Tdlfs reboot. I think it worked, but still started the second step. Should I just copy paste it?

Edited by Jogi, 18 November 2012 - 05:27 PM.


#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:42 AM

Posted 18 November 2012 - 05:24 PM

I just need the log report.That was part of the instruction :thumbup2:

#10 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 05:29 PM

Step 2 ->

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-18 17:14:58
-----------------------------
17:14:58.815 OS Version: Windows x64 6.1.7601 Service Pack 1
17:14:58.815 Number of processors: 4 586 0x2A07
17:14:58.815 ComputerName: JOGIS-PC UserName:
17:15:00.172 Initialize success
17:15:00.313 AVAST engine defs: 12111801
17:15:14.712 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:15:14.712 Disk 0 Vendor: TOSHIBA_ GT00 Size: 715404MB BusType: 3
17:15:14.727 Disk 0 MBR read successfully
17:15:14.727 Disk 0 MBR scan
17:15:14.743 Disk 0 Windows VISTA default MBR code
17:15:14.758 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
17:15:14.790 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 698434 MB offset 3074048
17:15:14.961 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15469 MB offset 1433466880
17:15:15.039 Disk 0 scanning C:\windows\system32\drivers
17:15:26.193 Service scanning
17:16:01.496 Modules scanning
17:16:01.496 Disk 0 trace - called modules:
17:16:01.496 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
17:16:02.011 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80078e1790]
17:16:02.011 3 CLASSPNP.SYS[fffff88001d3f43f] -> nt!IofCallDriver -> [0xfffffa8005db2950]
17:16:02.026 5 ACPI.sys[fffff88000f1b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005db7050]
17:16:03.134 AVAST engine scan C:\windows
17:16:05.443 AVAST engine scan C:\windows\system32
17:18:26.062 AVAST engine scan C:\windows\system32\drivers
17:18:37.153 AVAST engine scan C:\Users\Jogi Usage
17:22:20.011 AVAST engine scan C:\ProgramData
17:23:19.472 Scan finished successfully
17:23:55.837 Disk 0 MBR has been saved successfully to "C:\Users\Jogi Usage\Desktop\MBR.dat"
17:23:55.842 The log file has been saved successfully to "C:\Users\Jogi Usage\Desktop\aswMBR.txt"

#11 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 06:48 PM

Topic: Results from ESET scan:
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0000\tdlfs0000\trz9839.tmp a variant of Win32/Rootkit.Kryptik.PR trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0000\tdlfs0000\trzA94A.tmp Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0000\tdlfs0000\trzA9A9.tmp Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0000\tdlfs0000\trzA9D9.tmp Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0000\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0001\tdlfs0000\trz31B2.tmp a variant of Win32/Rootkit.Kryptik.PR trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0001\tdlfs0000\trz3A2C.tmp Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0001\tdlfs0000\trz3A3C.tmp Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0001\tdlfs0000\trz3A4D.tmp Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0001\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\mbr0001\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\tdlfs0000\trzAB60.tmp a variant of Win32/Rootkit.Kryptik.PR trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\tdlfs0000\trzAB80.tmp Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\tdlfs0000\trzAB90.tmp Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\tdlfs0000\trzABB1.tmp Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.11.2012_17.06.40\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined

Let me Know if you need anything else.

#12 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 06:51 PM

Thank you for helping resolving this issue. My final question will be

What was this Rootkit and what is it's functionality. How did it infect my computer - I mean what are some ways It can infect the system files, and finally- how can i be more cautious for things like this? What can I do be aware of these things?

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:42 AM

Posted 18 November 2012 - 06:52 PM

I would explain you after finishing scans.

Please run TDSSkiller again and do not forget to post the log

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#14 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 07:21 PM

Ok I clicked on the report icon. This is what it shows:

19:18:32.0310 2124 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:18:32.0588 2124 ============================================================
19:18:32.0588 2124 Current date / time: 2012/11/18 19:18:32.0588
19:18:32.0588 2124 SystemInfo:
19:18:32.0588 2124
19:18:32.0588 2124 OS Version: 6.1.7601 ServicePack: 1.0
19:18:32.0589 2124 Product type: Workstation
19:18:32.0589 2124 ComputerName: JOGIS-PC
19:18:32.0589 2124 UserName: Jogi Usage
19:18:32.0589 2124 Windows directory: C:\windows
19:18:32.0589 2124 System windows directory: C:\windows
19:18:32.0589 2124 Running under WOW64
19:18:32.0589 2124 Processor architecture: Intel x64
19:18:32.0589 2124 Number of processors: 4
19:18:32.0589 2124 Page size: 0x1000
19:18:32.0589 2124 Boot type: Normal boot
19:18:32.0589 2124 ============================================================
19:18:32.0799 2124 BG loaded
19:18:33.0122 2124 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:18:33.0135 2124 ============================================================
19:18:33.0135 2124 \Device\Harddisk0\DR0:
19:18:33.0135 2124 MBR partitions:
19:18:33.0135 2124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x55421000
19:18:33.0135 2124 ============================================================
19:18:33.0181 2124 C: <-> \Device\Harddisk0\DR0\Partition1
19:18:33.0182 2124 ============================================================
19:18:33.0182 2124 Initialize success
19:18:33.0182 2124 ============================================================
19:18:41.0804 5564 ============================================================
19:18:41.0804 5564 Scan started
19:18:41.0804 5564 Mode: Manual; TDLFS;
19:18:41.0804 5564 ============================================================
19:18:42.0489 5564 ================ Scan system memory ========================
19:18:42.0489 5564 System memory - ok
19:18:42.0490 5564 ================ Scan services =============================
19:18:42.0735 5564 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:18:42.0739 5564 1394ohci - ok
19:18:42.0781 5564 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:18:42.0788 5564 ACPI - ok
19:18:42.0820 5564 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:18:42.0821 5564 AcpiPmi - ok
19:18:42.0903 5564 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:18:42.0906 5564 AdobeARMservice - ok
19:18:43.0048 5564 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:18:43.0054 5564 AdobeFlashPlayerUpdateSvc - ok
19:18:43.0136 5564 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
19:18:43.0141 5564 adp94xx - ok
19:18:43.0182 5564 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
19:18:43.0186 5564 adpahci - ok
19:18:43.0240 5564 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
19:18:43.0242 5564 adpu320 - ok
19:18:43.0286 5564 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:18:43.0288 5564 AeLookupSvc - ok
19:18:43.0348 5564 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
19:18:43.0357 5564 AFD - ok
19:18:43.0400 5564 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
19:18:43.0401 5564 agp440 - ok
19:18:43.0441 5564 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
19:18:43.0443 5564 ALG - ok
19:18:43.0486 5564 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
19:18:43.0488 5564 aliide - ok
19:18:43.0497 5564 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
19:18:43.0499 5564 amdide - ok
19:18:43.0535 5564 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
19:18:43.0537 5564 AmdK8 - ok
19:18:43.0554 5564 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
19:18:43.0556 5564 AmdPPM - ok
19:18:43.0603 5564 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
19:18:43.0606 5564 amdsata - ok
19:18:43.0626 5564 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
19:18:43.0629 5564 amdsbs - ok
19:18:43.0651 5564 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
19:18:43.0653 5564 amdxata - ok
19:18:43.0687 5564 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
19:18:43.0689 5564 AppID - ok
19:18:43.0726 5564 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:18:43.0728 5564 AppIDSvc - ok
19:18:43.0761 5564 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
19:18:43.0764 5564 Appinfo - ok
19:18:43.0881 5564 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:18:43.0885 5564 Apple Mobile Device - ok
19:18:43.0935 5564 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
19:18:43.0937 5564 arc - ok
19:18:43.0956 5564 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
19:18:43.0958 5564 arcsas - ok
19:18:44.0129 5564 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:18:44.0131 5564 aspnet_state - ok
19:18:44.0175 5564 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
19:18:44.0176 5564 aswFsBlk - ok
19:18:44.0241 5564 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
19:18:44.0242 5564 aswMonFlt - ok
19:18:44.0278 5564 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
19:18:44.0279 5564 aswRdr - ok
19:18:44.0348 5564 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\windows\system32\drivers\aswSnx.sys
19:18:44.0360 5564 aswSnx - ok
19:18:44.0395 5564 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\windows\system32\drivers\aswSP.sys
19:18:44.0397 5564 aswSP - ok
19:18:44.0436 5564 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
19:18:44.0437 5564 aswTdi - ok
19:18:44.0474 5564 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
19:18:44.0475 5564 AsyncMac - ok
19:18:44.0524 5564 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
19:18:44.0525 5564 atapi - ok
19:18:44.0573 5564 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:18:44.0577 5564 AudioEndpointBuilder - ok
19:18:44.0588 5564 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
19:18:44.0593 5564 AudioSrv - ok
19:18:44.0686 5564 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:18:44.0689 5564 avast! Antivirus - ok
19:18:44.0747 5564 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
19:18:44.0749 5564 AxInstSV - ok
19:18:44.0816 5564 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
19:18:44.0820 5564 b06bdrv - ok
19:18:44.0850 5564 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
19:18:44.0853 5564 b57nd60a - ok
19:18:44.0912 5564 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
19:18:44.0915 5564 BDESVC - ok
19:18:44.0948 5564 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
19:18:44.0949 5564 Beep - ok
19:18:45.0047 5564 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
19:18:45.0059 5564 BFE - ok
19:18:45.0288 5564 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120919.001\BHDrvx64.sys
19:18:45.0307 5564 BHDrvx64 - ok
19:18:45.0419 5564 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
19:18:45.0428 5564 BITS - ok
19:18:45.0448 5564 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
19:18:45.0449 5564 blbdrive - ok
19:18:45.0535 5564 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:18:45.0539 5564 Bonjour Service - ok
19:18:45.0565 5564 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
19:18:45.0566 5564 bowser - ok
19:18:45.0607 5564 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
19:18:45.0608 5564 BrFiltLo - ok
19:18:45.0624 5564 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
19:18:45.0625 5564 BrFiltUp - ok
19:18:45.0676 5564 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
19:18:45.0678 5564 Browser - ok
19:18:45.0724 5564 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
19:18:45.0730 5564 Brserid - ok
19:18:45.0784 5564 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
19:18:45.0786 5564 BrSerWdm - ok
19:18:45.0818 5564 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
19:18:45.0820 5564 BrUsbMdm - ok
19:18:45.0835 5564 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
19:18:45.0836 5564 BrUsbSer - ok
19:18:45.0852 5564 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
19:18:45.0854 5564 BTHMODEM - ok
19:18:45.0909 5564 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
19:18:45.0912 5564 bthserv - ok
19:18:45.0949 5564 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
19:18:45.0951 5564 cdfs - ok
19:18:45.0991 5564 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
19:18:45.0994 5564 cdrom - ok
19:18:46.0038 5564 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
19:18:46.0040 5564 CertPropSvc - ok
19:18:46.0083 5564 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
19:18:46.0085 5564 circlass - ok
19:18:46.0114 5564 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
19:18:46.0120 5564 CLFS - ok
19:18:46.0179 5564 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:18:46.0183 5564 clr_optimization_v2.0.50727_32 - ok
19:18:46.0217 5564 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:18:46.0221 5564 clr_optimization_v2.0.50727_64 - ok
19:18:46.0295 5564 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:18:46.0300 5564 clr_optimization_v4.0.30319_32 - ok
19:18:46.0317 5564 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:18:46.0322 5564 clr_optimization_v4.0.30319_64 - ok
19:18:46.0359 5564 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
19:18:46.0359 5564 CmBatt - ok
19:18:46.0395 5564 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
19:18:46.0396 5564 cmdide - ok
19:18:46.0461 5564 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
19:18:46.0465 5564 CNG - ok
19:18:46.0496 5564 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
19:18:46.0496 5564 Compbatt - ok
19:18:46.0519 5564 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
19:18:46.0520 5564 CompositeBus - ok
19:18:46.0534 5564 COMSysApp - ok
19:18:46.0550 5564 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
19:18:46.0551 5564 crcdisk - ok
19:18:46.0591 5564 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
19:18:46.0594 5564 CryptSvc - ok
19:18:46.0637 5564 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
19:18:46.0644 5564 DcomLaunch - ok
19:18:46.0712 5564 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
19:18:46.0719 5564 defragsvc - ok
19:18:46.0774 5564 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
19:18:46.0777 5564 DfsC - ok
19:18:46.0875 5564 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
19:18:46.0883 5564 Dhcp - ok
19:18:46.0914 5564 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
19:18:46.0916 5564 discache - ok
19:18:46.0961 5564 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
19:18:46.0964 5564 Disk - ok
19:18:47.0008 5564 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:18:47.0015 5564 Dnscache - ok
19:18:47.0063 5564 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
19:18:47.0066 5564 dot3svc - ok
19:18:47.0089 5564 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
19:18:47.0092 5564 DPS - ok
19:18:47.0131 5564 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:18:47.0131 5564 drmkaud - ok
19:18:47.0199 5564 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:18:47.0220 5564 DXGKrnl - ok
19:18:47.0257 5564 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
19:18:47.0262 5564 EapHost - ok
19:18:47.0407 5564 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
19:18:47.0462 5564 ebdrv - ok
19:18:47.0541 5564 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:18:47.0550 5564 eeCtrl - ok
19:18:47.0585 5564 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
19:18:47.0590 5564 EFS - ok
19:18:47.0683 5564 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
19:18:47.0698 5564 ehRecvr - ok
19:18:47.0722 5564 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
19:18:47.0725 5564 ehSched - ok
19:18:47.0783 5564 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
19:18:47.0788 5564 elxstor - ok
19:18:47.0798 5564 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
19:18:47.0798 5564 ErrDev - ok
19:18:47.0853 5564 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
19:18:47.0856 5564 EventSystem - ok
19:18:47.0880 5564 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
19:18:47.0881 5564 exfat - ok
19:18:47.0912 5564 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
19:18:47.0913 5564 fastfat - ok
19:18:47.0952 5564 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
19:18:47.0956 5564 Fax - ok
19:18:47.0970 5564 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
19:18:47.0971 5564 fdc - ok
19:18:48.0013 5564 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
19:18:48.0016 5564 fdPHost - ok
19:18:48.0037 5564 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
19:18:48.0040 5564 FDResPub - ok
19:18:48.0089 5564 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:18:48.0092 5564 FileInfo - ok
19:18:48.0108 5564 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:18:48.0110 5564 Filetrace - ok
19:18:48.0139 5564 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
19:18:48.0141 5564 flpydisk - ok
19:18:48.0165 5564 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
19:18:48.0168 5564 FltMgr - ok
19:18:48.0256 5564 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
19:18:48.0271 5564 FontCache - ok
19:18:48.0324 5564 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:18:48.0325 5564 FontCache3.0.0.0 - ok
19:18:48.0349 5564 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
19:18:48.0351 5564 FsDepends - ok
19:18:48.0433 5564 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
19:18:48.0434 5564 Fs_Rec - ok
19:18:48.0479 5564 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
19:18:48.0484 5564 fvevol - ok
19:18:48.0518 5564 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
19:18:48.0521 5564 gagp30kx - ok
19:18:48.0556 5564 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
19:18:48.0557 5564 GEARAspiWDM - ok
19:18:48.0631 5564 [ FA07EC01952729DDDDC5BF4BAE06B09E ] GFNEXSrv C:\Windows\System32\GFNEXSrv.exe
19:18:48.0638 5564 GFNEXSrv - ok
19:18:48.0710 5564 [ 9BA22AEE7F531EF9CE085CC2E1112BC4 ] GIDv2 C:\windows\system32\drivers\GIDv2.sys
19:18:48.0712 5564 GIDv2 - ok
19:18:48.0819 5564 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
19:18:48.0836 5564 gpsvc - ok
19:18:48.0936 5564 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:18:48.0939 5564 gupdate - ok
19:18:48.0947 5564 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:18:48.0950 5564 gupdatem - ok
19:18:49.0043 5564 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:18:49.0048 5564 gusvc - ok
19:18:49.0090 5564 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
19:18:49.0091 5564 hamachi - ok
19:18:49.0136 5564 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
19:18:49.0138 5564 hcw85cir - ok
19:18:49.0187 5564 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:18:49.0190 5564 HdAudAddService - ok
19:18:49.0224 5564 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
19:18:49.0225 5564 HDAudBus - ok
19:18:49.0238 5564 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
19:18:49.0238 5564 HidBatt - ok
19:18:49.0275 5564 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
19:18:49.0277 5564 HidBth - ok
19:18:49.0302 5564 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
19:18:49.0302 5564 HidIr - ok
19:18:49.0336 5564 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
19:18:49.0337 5564 hidserv - ok
19:18:49.0376 5564 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
19:18:49.0378 5564 HidUsb - ok
19:18:49.0395 5564 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
19:18:49.0401 5564 hkmsvc - ok
19:18:49.0441 5564 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:18:49.0445 5564 HomeGroupListener - ok
19:18:49.0481 5564 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:18:49.0486 5564 HomeGroupProvider - ok
19:18:49.0526 5564 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
19:18:49.0528 5564 HpSAMD - ok
19:18:49.0576 5564 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
19:18:49.0586 5564 HTTP - ok
19:18:49.0608 5564 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
19:18:49.0609 5564 hwpolicy - ok
19:18:49.0632 5564 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
19:18:49.0634 5564 i8042prt - ok
19:18:49.0687 5564 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
19:18:49.0691 5564 iaStor - ok
19:18:49.0757 5564 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
19:18:49.0763 5564 iaStorV - ok
19:18:49.0845 5564 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:18:49.0860 5564 idsvc - ok
19:18:50.0001 5564 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120921.001\IDSvia64.sys
19:18:50.0014 5564 IDSVia64 - ok
19:18:50.0479 5564 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
19:18:50.0690 5564 igfx - ok
19:18:50.0722 5564 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
19:18:50.0723 5564 iirsp - ok
19:18:50.0765 5564 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
19:18:50.0786 5564 IKEEXT - ok
19:18:50.0934 5564 [ 028E40182A6F0374978C755F85B9F07C ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
19:18:51.0015 5564 IntcAzAudAddService - ok
19:18:51.0090 5564 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
19:18:51.0097 5564 IntcDAud - ok
19:18:51.0126 5564 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
19:18:51.0128 5564 intelide - ok
19:18:51.0156 5564 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:18:51.0158 5564 intelppm - ok
19:18:51.0196 5564 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:18:51.0201 5564 IPBusEnum - ok
19:18:51.0246 5564 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:18:51.0249 5564 IpFilterDriver - ok
19:18:51.0292 5564 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
19:18:51.0304 5564 iphlpsvc - ok
19:18:51.0323 5564 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:18:51.0325 5564 IPMIDRV - ok
19:18:51.0344 5564 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:18:51.0347 5564 IPNAT - ok
19:18:51.0417 5564 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:18:51.0427 5564 iPod Service - ok
19:18:51.0471 5564 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
19:18:51.0472 5564 IRENUM - ok
19:18:51.0481 5564 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:18:51.0482 5564 isapnp - ok
19:18:51.0502 5564 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:18:51.0506 5564 iScsiPrt - ok
19:18:51.0530 5564 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
19:18:51.0531 5564 kbdclass - ok
19:18:51.0543 5564 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
19:18:51.0544 5564 kbdhid - ok
19:18:51.0563 5564 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
19:18:51.0565 5564 KeyIso - ok
19:18:51.0590 5564 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:18:51.0592 5564 KSecDD - ok
19:18:51.0623 5564 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:18:51.0627 5564 KSecPkg - ok
19:18:51.0667 5564 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
19:18:51.0669 5564 ksthunk - ok
19:18:51.0715 5564 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
19:18:51.0724 5564 KtmRm - ok
19:18:51.0778 5564 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
19:18:51.0791 5564 LanmanServer - ok
19:18:51.0834 5564 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:18:51.0847 5564 LanmanWorkstation - ok
19:18:51.0914 5564 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:18:51.0916 5564 lltdio - ok
19:18:51.0954 5564 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
19:18:51.0964 5564 lltdsvc - ok
19:18:51.0996 5564 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
19:18:51.0999 5564 lmhosts - ok
19:18:52.0102 5564 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:18:52.0109 5564 LMS - ok
19:18:52.0152 5564 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
19:18:52.0156 5564 LSI_FC - ok
19:18:52.0183 5564 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
19:18:52.0185 5564 LSI_SAS - ok
19:18:52.0202 5564 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
19:18:52.0203 5564 LSI_SAS2 - ok
19:18:52.0211 5564 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
19:18:52.0214 5564 LSI_SCSI - ok
19:18:52.0230 5564 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
19:18:52.0233 5564 luafv - ok
19:18:52.0257 5564 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:18:52.0260 5564 Mcx2Svc - ok
19:18:52.0298 5564 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
19:18:52.0299 5564 megasas - ok
19:18:52.0339 5564 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
19:18:52.0343 5564 MegaSR - ok
19:18:52.0372 5564 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
19:18:52.0374 5564 MEIx64 - ok
19:18:52.0451 5564 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:18:52.0455 5564 Microsoft Office Groove Audit Service - ok
19:18:52.0493 5564 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
19:18:52.0501 5564 MMCSS - ok
19:18:52.0542 5564 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
19:18:52.0545 5564 Modem - ok
19:18:52.0566 5564 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:18:52.0568 5564 monitor - ok
19:18:52.0593 5564 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
19:18:52.0596 5564 mouclass - ok
19:18:52.0627 5564 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:18:52.0629 5564 mouhid - ok
19:18:52.0658 5564 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:18:52.0660 5564 mountmgr - ok
19:18:52.0676 5564 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
19:18:52.0679 5564 mpio - ok
19:18:52.0697 5564 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:18:52.0699 5564 mpsdrv - ok
19:18:52.0744 5564 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
19:18:52.0757 5564 MpsSvc - ok
19:18:52.0820 5564 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:18:52.0825 5564 MRxDAV - ok
19:18:52.0859 5564 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:18:52.0864 5564 mrxsmb - ok
19:18:52.0895 5564 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:18:52.0902 5564 mrxsmb10 - ok
19:18:52.0928 5564 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:18:52.0930 5564 mrxsmb20 - ok
19:18:52.0940 5564 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
19:18:52.0942 5564 msahci - ok
19:18:52.0958 5564 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:18:52.0961 5564 msdsm - ok
19:18:52.0974 5564 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
19:18:52.0979 5564 MSDTC - ok
19:18:53.0013 5564 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
19:18:53.0014 5564 Msfs - ok
19:18:53.0051 5564 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:18:53.0052 5564 mshidkmdf - ok
19:18:53.0074 5564 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:18:53.0075 5564 msisadrv - ok
19:18:53.0099 5564 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:18:53.0103 5564 MSiSCSI - ok
19:18:53.0108 5564 msiserver - ok
19:18:53.0170 5564 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:18:53.0172 5564 MSKSSRV - ok
19:18:53.0190 5564 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:18:53.0192 5564 MSPCLOCK - ok
19:18:53.0220 5564 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:18:53.0221 5564 MSPQM - ok
19:18:53.0246 5564 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:18:53.0249 5564 MsRPC - ok
19:18:53.0275 5564 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
19:18:53.0275 5564 mssmbios - ok
19:18:53.0285 5564 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:18:53.0285 5564 MSTEE - ok
19:18:53.0303 5564 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
19:18:53.0303 5564 MTConfig - ok
19:18:53.0319 5564 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
19:18:53.0320 5564 Mup - ok
19:18:53.0403 5564 [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
19:18:53.0404 5564 N360 - ok
19:18:53.0442 5564 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
19:18:53.0449 5564 napagent - ok
19:18:53.0482 5564 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:18:53.0489 5564 NativeWifiP - ok
19:18:53.0581 5564 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120922.008\ENG64.SYS
19:18:53.0583 5564 NAVENG - ok
19:18:53.0708 5564 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120922.008\EX64.SYS
19:18:53.0725 5564 NAVEX15 - ok
19:18:53.0807 5564 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
19:18:53.0821 5564 NDIS - ok
19:18:53.0865 5564 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:18:53.0867 5564 NdisCap - ok
19:18:53.0895 5564 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:18:53.0896 5564 NdisTapi - ok
19:18:53.0907 5564 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:18:53.0909 5564 Ndisuio - ok
19:18:53.0930 5564 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:18:53.0934 5564 NdisWan - ok
19:18:53.0967 5564 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:18:53.0970 5564 NDProxy - ok
19:18:54.0004 5564 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:18:54.0006 5564 NetBIOS - ok
19:18:54.0030 5564 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:18:54.0035 5564 NetBT - ok
19:18:54.0052 5564 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
19:18:54.0056 5564 Netlogon - ok
19:18:54.0100 5564 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
19:18:54.0108 5564 Netman - ok
19:18:54.0149 5564 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:18:54.0154 5564 NetMsmqActivator - ok
19:18:54.0165 5564 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:18:54.0169 5564 NetPipeActivator - ok
19:18:54.0180 5564 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
19:18:54.0187 5564 netprofm - ok
19:18:54.0193 5564 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:18:54.0194 5564 NetTcpActivator - ok
19:18:54.0198 5564 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:18:54.0200 5564 NetTcpPortSharing - ok
19:18:54.0236 5564 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
19:18:54.0239 5564 nfrd960 - ok
19:18:54.0323 5564 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
19:18:54.0336 5564 NlaSvc - ok
19:18:54.0359 5564 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
19:18:54.0360 5564 Npfs - ok
19:18:54.0382 5564 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
19:18:54.0385 5564 nsi - ok
19:18:54.0430 5564 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:18:54.0432 5564 nsiproxy - ok
19:18:54.0510 5564 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:18:54.0538 5564 Ntfs - ok
19:18:54.0572 5564 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
19:18:54.0573 5564 Null - ok
19:18:54.0598 5564 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
19:18:54.0601 5564 nvraid - ok
19:18:54.0629 5564 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
19:18:54.0632 5564 nvstor - ok
19:18:54.0652 5564 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:18:54.0654 5564 nv_agp - ok
19:18:54.0743 5564 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:18:54.0749 5564 odserv - ok
19:18:54.0828 5564 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:18:54.0830 5564 ohci1394 - ok
19:18:54.0861 5564 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:18:54.0862 5564 ose - ok
19:18:54.0965 5564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:18:54.0979 5564 p2pimsvc - ok
19:18:55.0013 5564 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
19:18:55.0023 5564 p2psvc - ok
19:18:55.0060 5564 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
19:18:55.0063 5564 Parport - ok
19:18:55.0086 5564 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
19:18:55.0089 5564 partmgr - ok
19:18:55.0118 5564 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
19:18:55.0124 5564 PcaSvc - ok
19:18:55.0207 5564 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
19:18:55.0211 5564 PCCUJobMgr - ok
19:18:55.0238 5564 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
19:18:55.0244 5564 pci - ok
19:18:55.0262 5564 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
19:18:55.0264 5564 pciide - ok
19:18:55.0300 5564 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
19:18:55.0305 5564 pcmcia - ok
19:18:55.0326 5564 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
19:18:55.0329 5564 pcw - ok
19:18:55.0360 5564 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:18:55.0372 5564 PEAUTH - ok
19:18:55.0452 5564 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
19:18:55.0457 5564 PerfHost - ok
19:18:55.0503 5564 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
19:18:55.0505 5564 PGEffect - ok
19:18:55.0552 5564 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
19:18:55.0565 5564 pla - ok
19:18:55.0618 5564 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:18:55.0624 5564 PlugPlay - ok
19:18:55.0717 5564 [ B597C2C966B447E011B4AE1B4D053677 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
19:18:55.0727 5564 PMBDeviceInfoProvider - ok
19:18:55.0771 5564 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:18:55.0779 5564 PNRPAutoReg - ok
19:18:55.0821 5564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:18:55.0833 5564 PNRPsvc - ok
19:18:55.0892 5564 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\windows\system32\DRIVERS\point64.sys
19:18:55.0895 5564 Point64 - ok
19:18:55.0934 5564 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:18:55.0948 5564 PolicyAgent - ok
19:18:55.0989 5564 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
19:18:55.0999 5564 Power - ok
19:18:56.0039 5564 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:18:56.0043 5564 PptpMiniport - ok
19:18:56.0067 5564 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
19:18:56.0070 5564 Processor - ok
19:18:56.0113 5564 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
19:18:56.0123 5564 ProfSvc - ok
19:18:56.0141 5564 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
19:18:56.0146 5564 ProtectedStorage - ok
19:18:56.0165 5564 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:18:56.0167 5564 Psched - ok
19:18:56.0238 5564 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
19:18:56.0257 5564 ql2300 - ok
19:18:56.0274 5564 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
19:18:56.0276 5564 ql40xx - ok
19:18:56.0309 5564 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
19:18:56.0315 5564 QWAVE - ok
19:18:56.0324 5564 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:18:56.0325 5564 QWAVEdrv - ok
19:18:56.0346 5564 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:18:56.0348 5564 RasAcd - ok
19:18:56.0380 5564 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:18:56.0382 5564 RasAgileVpn - ok
19:18:56.0411 5564 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
19:18:56.0416 5564 RasAuto - ok
19:18:56.0438 5564 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:18:56.0441 5564 Rasl2tp - ok
19:18:56.0464 5564 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
19:18:56.0472 5564 RasMan - ok
19:18:56.0512 5564 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:18:56.0516 5564 RasPppoe - ok
19:18:56.0550 5564 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:18:56.0554 5564 RasSstp - ok
19:18:56.0582 5564 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:18:56.0590 5564 rdbss - ok
19:18:56.0613 5564 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
19:18:56.0614 5564 rdpbus - ok
19:18:56.0638 5564 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:18:56.0639 5564 RDPCDD - ok
19:18:56.0648 5564 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:18:56.0649 5564 RDPENCDD - ok
19:18:56.0656 5564 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:18:56.0657 5564 RDPREFMP - ok
19:18:56.0676 5564 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:18:56.0678 5564 RDPWD - ok
19:18:56.0720 5564 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:18:56.0724 5564 rdyboost - ok
19:18:56.0758 5564 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
19:18:56.0762 5564 RemoteAccess - ok
19:18:56.0799 5564 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:18:56.0805 5564 RemoteRegistry - ok
19:18:56.0831 5564 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:18:56.0836 5564 RpcEptMapper - ok
19:18:56.0865 5564 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
19:18:56.0868 5564 RpcLocator - ok
19:18:56.0964 5564 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
19:18:56.0979 5564 RpcSs - ok
19:18:57.0029 5564 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:18:57.0031 5564 rspndr - ok
19:18:57.0071 5564 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
19:18:57.0075 5564 RSUSBSTOR - ok
19:18:57.0112 5564 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
19:18:57.0120 5564 RTL8167 - ok
19:18:57.0189 5564 [ E7D79600575F755614DD5D79B044D588 ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
19:18:57.0207 5564 RTL8192Ce - ok
19:18:57.0230 5564 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
19:18:57.0232 5564 SamSs - ok
19:18:57.0265 5564 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:18:57.0267 5564 sbp2port - ok
19:18:57.0306 5564 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
19:18:57.0311 5564 SCardSvr - ok
19:18:57.0329 5564 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:18:57.0330 5564 scfilter - ok
19:18:57.0387 5564 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
19:18:57.0401 5564 Schedule - ok
19:18:57.0427 5564 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
19:18:57.0428 5564 SCPolicySvc - ok
19:18:57.0456 5564 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:18:57.0460 5564 SDRSVC - ok
19:18:57.0496 5564 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
19:18:57.0496 5564 secdrv - ok
19:18:57.0513 5564 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
19:18:57.0516 5564 seclogon - ok
19:18:57.0554 5564 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
19:18:57.0557 5564 SENS - ok
19:18:57.0597 5564 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
19:18:57.0604 5564 SensrSvc - ok
19:18:57.0635 5564 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
19:18:57.0637 5564 Serenum - ok
19:18:57.0675 5564 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
19:18:57.0679 5564 Serial - ok
19:18:57.0696 5564 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
19:18:57.0698 5564 sermouse - ok
19:18:57.0730 5564 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
19:18:57.0734 5564 SessionEnv - ok
19:18:57.0737 5564 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:18:57.0738 5564 sffdisk - ok
19:18:57.0756 5564 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:18:57.0757 5564 sffp_mmc - ok
19:18:57.0759 5564 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:18:57.0760 5564 sffp_sd - ok
19:18:57.0771 5564 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
19:18:57.0772 5564 sfloppy - ok
19:18:57.0814 5564 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
19:18:57.0824 5564 SharedAccess - ok
19:18:57.0869 5564 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:18:57.0882 5564 ShellHWDetection - ok
19:18:57.0910 5564 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
19:18:57.0912 5564 SiSRaid2 - ok
19:18:57.0940 5564 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
19:18:57.0943 5564 SiSRaid4 - ok
19:18:58.0018 5564 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:18:58.0022 5564 SkypeUpdate - ok
19:18:58.0050 5564 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
19:18:58.0054 5564 Smb - ok
19:18:58.0095 5564 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:18:58.0100 5564 SNMPTRAP - ok
19:18:58.0124 5564 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
19:18:58.0126 5564 spldr - ok
19:18:58.0228 5564 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
19:18:58.0241 5564 Spooler - ok
19:18:58.0348 5564 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
19:18:58.0372 5564 sppsvc - ok
19:18:58.0392 5564 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:18:58.0395 5564 sppuinotify - ok
19:18:58.0511 5564 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
19:18:58.0519 5564 SRTSP - ok
19:18:58.0556 5564 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
19:18:58.0559 5564 SRTSPX - ok
19:18:58.0615 5564 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
19:18:58.0621 5564 srv - ok
19:18:58.0643 5564 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:18:58.0648 5564 srv2 - ok
19:18:58.0664 5564 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:18:58.0667 5564 srvnet - ok
19:18:58.0703 5564 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:18:58.0709 5564 SSDPSRV - ok
19:18:58.0733 5564 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
19:18:58.0737 5564 SstpSvc - ok
19:18:58.0821 5564 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
19:18:58.0824 5564 stexstor - ok
19:18:58.0893 5564 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
19:18:58.0913 5564 stisvc - ok
19:18:58.0938 5564 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
19:18:58.0940 5564 swenum - ok
19:18:58.0985 5564 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
19:18:59.0004 5564 swprv - ok
19:18:59.0041 5564 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
19:18:59.0044 5564 SymDS - ok
19:18:59.0118 5564 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
19:18:59.0137 5564 SymEFA - ok
19:18:59.0184 5564 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
19:18:59.0187 5564 SymEvent - ok
19:18:59.0229 5564 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
19:18:59.0232 5564 SymIRON - ok
19:18:59.0287 5564 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
19:18:59.0294 5564 SymNetS - ok
19:18:59.0388 5564 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
19:18:59.0408 5564 SynTP - ok
19:18:59.0553 5564 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
19:18:59.0577 5564 SysMain - ok
19:18:59.0619 5564 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
19:18:59.0622 5564 TabletInputService - ok
19:18:59.0642 5564 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
19:18:59.0647 5564 TapiSrv - ok
19:18:59.0665 5564 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
19:18:59.0668 5564 TBS - ok
19:18:59.0820 5564 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:18:59.0871 5564 Tcpip - ok
19:18:59.0909 5564 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:18:59.0920 5564 TCPIP6 - ok
19:18:59.0953 5564 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:18:59.0954 5564 tcpipreg - ok
19:18:59.0988 5564 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
19:18:59.0990 5564 tdcmdpst - ok
19:19:00.0008 5564 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:19:00.0010 5564 TDPIPE - ok
19:19:00.0040 5564 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:19:00.0041 5564 TDTCP - ok
19:19:00.0085 5564 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:19:00.0087 5564 tdx - ok
19:19:00.0101 5564 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
19:19:00.0103 5564 TermDD - ok
19:19:00.0140 5564 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
19:19:00.0149 5564 TermService - ok
19:19:00.0185 5564 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
19:19:00.0188 5564 Themes - ok
19:19:00.0216 5564 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
19:19:00.0218 5564 THREADORDER - ok
19:19:00.0309 5564 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:19:00.0311 5564 TMachInfo - ok
19:19:00.0332 5564 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
19:19:00.0343 5564 TODDSrv - ok
19:19:00.0498 5564 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
19:19:00.0509 5564 TosCoSrv - ok
19:19:00.0572 5564 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
19:19:00.0579 5564 TOSHIBA eco Utility Service - ok
19:19:00.0620 5564 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:19:00.0622 5564 TOSHIBA HDD SSD Alert Service - ok
19:19:00.0663 5564 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
19:19:00.0674 5564 tos_sps64 - ok
19:19:00.0723 5564 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
19:19:00.0730 5564 TPCHSrv - ok
19:19:00.0793 5564 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
19:19:00.0804 5564 TrkWks - ok
19:19:00.0858 5564 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:19:00.0861 5564 TrustedInstaller - ok
19:19:00.0875 5564 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
19:19:00.0877 5564 tssecsrv - ok
19:19:00.0905 5564 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
19:19:00.0907 5564 TsUsbFlt - ok
19:19:00.0931 5564 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
19:19:00.0933 5564 TsUsbGD - ok
19:19:00.0948 5564 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
19:19:00.0952 5564 tunnel - ok
19:19:01.0010 5564 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
19:19:01.0012 5564 TVALZ - ok
19:19:01.0045 5564 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
19:19:01.0047 5564 TVALZFL - ok
19:19:01.0067 5564 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
19:19:01.0071 5564 uagp35 - ok
19:19:01.0102 5564 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
19:19:01.0108 5564 udfs - ok
19:19:01.0135 5564 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
19:19:01.0141 5564 UI0Detect - ok
19:19:01.0155 5564 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
19:19:01.0157 5564 uliagpkx - ok
19:19:01.0190 5564 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
19:19:01.0192 5564 umbus - ok
19:19:01.0227 5564 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
19:19:01.0229 5564 UmPass - ok
19:19:01.0488 5564 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:19:01.0504 5564 UNS - ok
19:19:01.0549 5564 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
19:19:01.0554 5564 upnphost - ok
19:19:01.0602 5564 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
19:19:01.0606 5564 USBAAPL64 - ok
19:19:01.0649 5564 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
19:19:01.0654 5564 usbaudio - ok
19:19:01.0679 5564 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
19:19:01.0682 5564 usbccgp - ok
19:19:01.0697 5564 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
19:19:01.0699 5564 usbcir - ok
19:19:01.0713 5564 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
19:19:01.0716 5564 usbehci - ok
19:19:01.0732 5564 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
19:19:01.0738 5564 usbhub - ok
19:19:01.0752 5564 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
19:19:01.0754 5564 usbohci - ok
19:19:01.0784 5564 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
19:19:01.0786 5564 usbprint - ok
19:19:01.0819 5564 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
19:19:01.0821 5564 usbscan - ok
19:19:01.0833 5564 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
19:19:01.0835 5564 USBSTOR - ok
19:19:01.0852 5564 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
19:19:01.0854 5564 usbuhci - ok
19:19:01.0872 5564 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
19:19:01.0876 5564 usbvideo - ok
19:19:01.0911 5564 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
19:19:01.0918 5564 UxSms - ok
19:19:01.0954 5564 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
19:19:01.0958 5564 VaultSvc - ok
19:19:01.0990 5564 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
19:19:01.0993 5564 vdrvroot - ok
19:19:02.0029 5564 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
19:19:02.0045 5564 vds - ok
19:19:02.0073 5564 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
19:19:02.0074 5564 vga - ok
19:19:02.0086 5564 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
19:19:02.0087 5564 VgaSave - ok
19:19:02.0100 5564 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
19:19:02.0103 5564 vhdmp - ok
19:19:02.0118 5564 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
19:19:02.0119 5564 viaide - ok
19:19:02.0132 5564 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
19:19:02.0134 5564 volmgr - ok
19:19:02.0146 5564 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
19:19:02.0150 5564 volmgrx - ok
19:19:02.0172 5564 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
19:19:02.0176 5564 volsnap - ok
19:19:02.0219 5564 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
19:19:02.0223 5564 vsmraid - ok
19:19:02.0305 5564 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
19:19:02.0323 5564 VSS - ok
19:19:02.0335 5564 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
19:19:02.0336 5564 vwifibus - ok
19:19:02.0371 5564 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
19:19:02.0373 5564 vwififlt - ok
19:19:02.0442 5564 [ E13B31E0ADA64CF1513D993F436CA39D ] VX3000 C:\windows\system32\DRIVERS\VX3000.sys
19:19:02.0468 5564 VX3000 - ok
19:19:02.0505 5564 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
19:19:02.0513 5564 W32Time - ok
19:19:02.0551 5564 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
19:19:02.0553 5564 WacomPen - ok
19:19:02.0582 5564 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:19:02.0584 5564 WANARP - ok
19:19:02.0589 5564 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:19:02.0590 5564 Wanarpv6 - ok
19:19:02.0677 5564 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
19:19:02.0691 5564 WatAdminSvc - ok
19:19:02.0758 5564 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
19:19:02.0786 5564 wbengine - ok
19:19:02.0827 5564 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:19:02.0837 5564 WbioSrvc - ok
19:19:02.0861 5564 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
19:19:02.0872 5564 wcncsvc - ok
19:19:02.0891 5564 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:19:02.0897 5564 WcsPlugInService - ok
19:19:02.0928 5564 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
19:19:02.0930 5564 Wd - ok
19:19:02.0964 5564 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:19:02.0971 5564 Wdf01000 - ok
19:19:03.0003 5564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
19:19:03.0007 5564 WdiServiceHost - ok
19:19:03.0013 5564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
19:19:03.0016 5564 WdiSystemHost - ok
19:19:03.0049 5564 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
19:19:03.0055 5564 WebClient - ok
19:19:03.0067 5564 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
19:19:03.0071 5564 Wecsvc - ok
19:19:03.0083 5564 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
19:19:03.0087 5564 wercplsupport - ok
19:19:03.0112 5564 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
19:19:03.0116 5564 WerSvc - ok
19:19:03.0143 5564 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:19:03.0144 5564 WfpLwf - ok
19:19:03.0162 5564 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:19:03.0163 5564 WIMMount - ok
19:19:03.0186 5564 WinDefend - ok
19:19:03.0204 5564 WinHttpAutoProxySvc - ok
19:19:03.0272 5564 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:19:03.0279 5564 Winmgmt - ok
19:19:03.0387 5564 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
19:19:03.0412 5564 WinRM - ok
19:19:03.0460 5564 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\windows\system32\DRIVERS\WinUSB.sys
19:19:03.0461 5564 WinUSB - ok
19:19:03.0512 5564 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
19:19:03.0523 5564 Wlansvc - ok
19:19:03.0575 5564 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:19:03.0575 5564 wlcrasvc - ok
19:19:03.0709 5564 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:19:03.0734 5564 wlidsvc - ok
19:19:03.0758 5564 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
19:19:03.0759 5564 WmiAcpi - ok
19:19:03.0793 5564 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
19:19:03.0796 5564 wmiApSrv - ok
19:19:03.0834 5564 WMPNetworkSvc - ok
19:19:03.0899 5564 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
19:19:03.0906 5564 WMZuneComm - ok
19:19:03.0951 5564 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
19:19:03.0955 5564 WPCSvc - ok
19:19:03.0972 5564 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
19:19:03.0979 5564 WPDBusEnum - ok
19:19:04.0008 5564 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
19:19:04.0010 5564 ws2ifsl - ok
19:19:04.0044 5564 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
19:19:04.0055 5564 wscsvc - ok
19:19:04.0062 5564 WSearch - ok
19:19:04.0229 5564 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
19:19:04.0281 5564 wuauserv - ok
19:19:04.0302 5564 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
19:19:04.0304 5564 WudfPf - ok
19:19:04.0322 5564 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
19:19:04.0326 5564 WUDFRd - ok
19:19:04.0349 5564 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
19:19:04.0355 5564 wudfsvc - ok
19:19:04.0390 5564 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
19:19:04.0398 5564 WwanSvc - ok
19:19:04.0690 5564 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
19:19:04.0728 5564 ZuneNetworkSvc - ok
19:19:04.0814 5564 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
19:19:04.0824 5564 ZuneWlanCfgSvc - ok
19:19:04.0856 5564 ================ Scan global ===============================
19:19:04.0881 5564 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
19:19:04.0921 5564 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:19:04.0945 5564 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:19:04.0971 5564 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
19:19:05.0005 5564 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
19:19:05.0020 5564 [Global] - ok
19:19:05.0021 5564 ================ Scan MBR ==================================
19:19:05.0049 5564 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
19:19:05.0456 5564 \Device\Harddisk0\DR0 - ok
19:19:05.0456 5564 ================ Scan VBR ==================================
19:19:05.0485 5564 [ 730C9E8D04F0439AA716E5A1D0474EC1 ] \Device\Harddisk0\DR0\Partition1
19:19:05.0487 5564 \Device\Harddisk0\DR0\Partition1 - ok
19:19:05.0488 5564 ============================================================
19:19:05.0488 5564 Scan finished
19:19:05.0488 5564 ============================================================
19:19:05.0503 1056 Detected object count: 0
19:19:05.0503 1056 Actual detected object count: 0

I will now follow the next set of things.

Edited by Jogi, 18 November 2012 - 07:21 PM.


#15 Jogi

Jogi
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 18 November 2012 - 08:35 PM

Malewarebytes Scan results:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jogi Usage :: JOGIS-PC [administrator]

11/18/2012 7:36:14 PM
mbam-log-2012-11-18 (19-36-14).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 397584
Time elapsed: 43 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\TDSSKiller_Quarantine\18.11.2012_18.45.28\tdlfs0000\trzEC43.tmp (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

Minitoolbox results:

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Jogi Usage (administrator) on 18-11-2012 at 20:32:59
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jogis-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 74-DE-2B-B1-67-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3d94:daab:6198:db8d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.12(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, November 18, 2012 8:30:19 PM
Lease Expires . . . . . . . . . . : Monday, November 19, 2012 8:30:25 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242540075
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-61-44-8F-74-DE-2B-B1-67-78
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{535BE296-3865-4777-A362-B01A17FDBA23}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:38d0:3a9f:bbde:bc6e(Preferred)
Link-local IPv6 Address . . . . . : fe80::38d0:3a9f:bbde:bc6e%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:801::100e
74.125.228.72
74.125.228.73
74.125.228.78
74.125.228.64
74.125.228.66
74.125.228.71
74.125.228.67
74.125.228.69
74.125.228.70
74.125.228.65
74.125.228.68


Pinging google.com [74.125.228.33] with 32 bytes of data:
Reply from 74.125.228.33: bytes=32 time=19ms TTL=54
Reply from 74.125.228.33: bytes=32 time=17ms TTL=54

Ping statistics for 74.125.228.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 19ms, Average = 18ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=102ms TTL=48
Reply from 72.30.38.140: bytes=32 time=103ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 102ms, Maximum = 103ms, Average = 102ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...74 de 2b b1 67 78 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.12 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.12 281
192.168.1.12 255.255.255.255 On-link 192.168.1.12 281
192.168.1.255 255.255.255.255 On-link 192.168.1.12 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.12 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.12 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:38d0:3a9f:bbde:bc6e/128
On-link
11 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::38d0:3a9f:bbde:bc6e/128
On-link
11 281 fe80::3d94:daab:6198:db8d/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/18/2012 08:30:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2012 07:34:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2012 07:18:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/18/2012 07:12:36 PM) (Source: MsiInstaller) (User: JOGIS-PC)
Description: Product: Steam -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (11/18/2012 05:25:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/18/2012 05:25:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/18/2012 05:25:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/18/2012 05:13:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2012 05:05:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/18/2012 04:33:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/18/2012 08:30:44 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
SymIRON

Error: (11/18/2012 07:34:52 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
SymIRON

Error: (11/18/2012 07:10:14 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (11/18/2012 07:10:14 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (11/18/2012 07:02:03 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (11/18/2012 07:02:03 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (11/18/2012 05:13:41 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
SymIRON

Error: (11/18/2012 04:33:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
SymIRON

Error: (11/18/2012 04:32:33 PM) (Source: BugCheck) (User: )
Description: 0x0000001e (0xffffffffc0000005, 0xfffff800030bb7ef, 0x0000000000000000, 0x000000007efa0000)C:\windows\MEMORY.DMP111812-19359-01

Error: (11/18/2012 04:32:24 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:31:45 PM on ?11/?18/?2012 was unexpected.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Akamai NetSession Interface
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 7.0.1474.0)
Bonjour (Version: 3.0.0.10)
Camtasia Studio 7 (Version: 7.1.1)
CCleaner (Version: 3.22)
D3DX10 (Version: 15.4.2368.0902)
Defraggler (Version: 2.09)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 23.0.1271.64)
Google Update Helper (Version: 1.3.21.123)
GuardedID (Version: 0.03.1038)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2509)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
Java™ 7 Update 5 (Version: 7.0.50)
Java™ SE Development Kit 6 Update 31 (64-bit) (Version: 1.6.0.310)
JavaFX 2.1.1 (Version: 2.1.1)
JCreator LE 5.00
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
LADSPA_plugins-win-0.4.15
LAME v3.99.3 (for Windows)
Lorex Client 10 (Version: 10)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Norton Security Suite (Version: 5.2.2.3)
NVIDIA PhysX (Version: 9.12.0213)
Picasa 3 (Version: 3.8)
PlayMemories Home (Version: 6.0.02.14151)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6410)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Realtek WLAN Driver (Version: 2.00.0013)
Skype Launcher (Version: 2.01)
Skype™ 5.10 (Version: 5.10.116)
Stellarium 0.11.3
Synaptics Pointing Device Driver (Version: 15.2.11.1)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.0)
Toshiba Book Place (Version: 3.0.9490)
TOSHIBA Bulletin Board (Version: 1.6.11.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.5.64)
TOSHIBA Face Recognition (Version: 3.1.17.64)
TOSHIBA Hardware Setup (Version: 2.00.0014)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)
Toshiba Laptop Checkup (Version: 2.0.13.11)
TOSHIBA Media Controller (Version: 1.0.87.4)
TOSHIBA Media Controller Plug-in (Version: 1.0.8.0)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA PC Health Monitor (Version: 1.7.9.64)
TOSHIBA Quality Application (Version: 1.0.4)
TOSHIBA Recovery Media Creator (Version: 2.1.5.5109a)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2)
TOSHIBA Service Station (Version: 2.2.13)
TOSHIBA Sleep Utility (Version: 1.4.2.8)
TOSHIBA Supervisor Password (Version: 2.00.0006)
TOSHIBA Value Added Package (Version: 1.6.1.64)
TOSHIBA Web Camera Application (Version: 2.0.3.3)
TOSHIBARegistration (Version: 1.0.7)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VISA Shared Components 64-Bit (Version: 1.3.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 6055.98 MB
Available physical RAM: 4427.39 MB
Total Pagefile: 12110.14 MB
Available Pagefile: 10314.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.6 MB

========================= Partitions: =====================================

1 Drive c: (TI106303W0D) (Fixed) (Total:682.06 GB) (Free:602.23 GB) NTFS

========================= Users: ========================================

User accounts for \\JOGIS-PC

Administrator Costco Guest
Jogi Usage

========================= Restore Points ==================================

11-10-2012 02:47:24 Windows Update
18-11-2012 23:57:13 Windows Update

**** End of log ****




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users