Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Win64-Sirefef (Windows 7 - 64bit) [Solved]

Started by AnthonyOhio , Aug 27 2012 06:28 PM

This topic is locked

#1
AnthonyOhio

Posted 27 August 2012 - 06:28 PM

Member

Member
39 posts

I noticed that Windows defender was not running, it would not turn on so I installed it again. Windows defender detected 4 instances of Win64-Sirefef. Then my computer shut down, as soon as it would reboot, it would shut down and reboot.
I was able to Restore back to a previous and run OTL.

The results are attached.

Thank you,

Anthony

Attached Files

OTL.Txt 108.63KB 160 downloads

#2
WhiteHat

Posted 27 August 2012 - 07:33 PM

Trusted Helper

Retired Staff
1,925 posts

Hello AnthonyOhio and welcome to GeeksToGo

My nickname is WhiteHat and I'm going to help you fix your problem.

Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
Please do not try to fix anything without being asked
I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
Do not put your logs inside <Quote> and/or <Code> *important*
Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
The fixes are specific to your problem and should only be used for this issue on this machine!
Lastly, Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
In light of this be prepared to back up your data. Have means of backing up your data available.

In order to be notified when your topic has been replied to:

Click My Settings at the top of the page. An Option page will open. In the left hand column click Notification Options. On the new page that opens under the Notification Preferences section click Watch every topic I reply to and set the notification type to Immediate Notification.

#3
WhiteHat

Posted 27 August 2012 - 07:42 PM

Trusted Helper

Retired Staff
1,925 posts

Please reopen Posted Image

on your desktop.

Under the

box at the bottom, paste in the following

:Files
C:\windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\
C:\Users\A\AppData\Local\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\
C:\Users\A\AppData\Local\pmiohlayu.exe
ipconfig /flushdns /c

:Commands
[CREATERESTOREPOINT]
[REBOOT]

Then click the button at the top
Let the program run unhindered, reboot the PC when it is done
Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

NEXT:

Please go to: VirusTotal
Posted Image

Click the Choose File button and search for the following file (one by one):

C:\windows\SysNative\services.exe.69392835565CCA1A
Click Open > Scan It!.
Please be patient while the file is scanned.
Copy and past the Link (URL) with the results.

THEN:

Download aswMBR.exe ( 4.8mb ) to your desktop.

Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

FINALLY:

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure SKIP is selected. We only want the log
Note: do not choose Delete unless instructed.
Get the report by selecting Reports

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

#4
AnthonyOhio

Posted 27 August 2012 - 09:24 PM

Member

Topic Starter
Member
39 posts

Thank You White Hat,

Step one:
OTL LOG

========== FILES ==========
C:\windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\U folder moved successfully.
C:\windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\L folder moved successfully.
Folder move failed. C:\windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e} scheduled to be moved on reboot.
C:\Users\A\AppData\Local\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\U folder moved successfully.
C:\Users\A\AppData\Local\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\L folder moved successfully.
C:\Users\A\AppData\Local\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e} folder moved successfully.
C:\Users\A\AppData\Local\pmiohlayu.exe moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.59.1 log created on 08272012_231518

Files\Folders moved on Reboot...
C:\windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\U folder moved successfully.
Folder move failed. C:\windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e} scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#5
AnthonyOhio

Posted 27 August 2012 - 09:35 PM

Member

Topic Starter
Member
39 posts

I cannot find the file

C:\windows\SysNative\services.exe.69392835565CCA1A

And I do not have a folder

C:\windows\SysNative\

Want should my next step be?

Thank You,

Anthony

#6
WhiteHat

Posted 28 August 2012 - 03:07 PM

Trusted Helper

Retired Staff
1,925 posts

I cannot find the file

C:\windows\SysNative\services.exe.69392835565CCA1A

Sorry, take a look at C:\Windows\System32\services.exe.69392835565CCA1A

If you don't find the services.exe, no problem. Just go to the next step.

:thumbsup:

#7
AnthonyOhio

Posted 29 August 2012 - 07:08 AM

Member

Topic Starter
Member
39 posts

WhiteHat,

Here are the results.

VirusTotal link:

https://www.virustot...sis/1346244491/

TDSSKiller Report

08:58:51.0054 6860 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
08:58:51.0322 6860 ============================================================
08:58:51.0322 6860 Current date / time: 2012/08/29 08:58:51.0322
08:58:51.0322 6860 SystemInfo:
08:58:51.0322 6860
08:58:51.0322 6860 OS Version: 6.1.7601 ServicePack: 1.0
08:58:51.0322 6860 Product type: Workstation
08:58:51.0322 6860 ComputerName: A-QOSMIO
08:58:51.0323 6860 UserName: A
08:58:51.0323 6860 Windows directory: C:\windows
08:58:51.0323 6860 System windows directory: C:\windows
08:58:51.0323 6860 Running under WOW64
08:58:51.0323 6860 Processor architecture: Intel x64
08:58:51.0323 6860 Number of processors: 8
08:58:51.0323 6860 Page size: 0x1000
08:58:51.0323 6860 Boot type: Normal boot
08:58:51.0323 6860 ============================================================
08:58:51.0675 6860 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:58:52.0121 6860 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:58:52.0127 6860 Drive \Device\Harddisk2\DR6 - Size: 0x1E6C60000 (7.61 Gb), SectorSize: 0x200, Cylinders: 0x3E0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:58:52.0129 6860 ============================================================
08:58:52.0129 6860 \Device\Harddisk0\DR0:
08:58:52.0130 6860 MBR partitions:
08:58:52.0130 6860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38469000
08:58:52.0130 6860 \Device\Harddisk1\DR1:
08:58:52.0130 6860 MBR partitions:
08:58:52.0140 6860 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1000, BlocksNum 0x57545000
08:58:52.0140 6860 \Device\Harddisk2\DR6:
08:58:52.0141 6860 MBR partitions:
08:58:52.0141 6860 \Device\Harddisk2\DR6\Partition1: MBR, Type 0xC, StartLBA 0x2D78, BlocksNum 0xF33588
08:58:52.0141 6860 ============================================================
08:58:52.0149 6860 C: <-> \Device\Harddisk0\DR0\Partition1
08:58:52.0167 6860 D: <-> \Device\Harddisk1\DR1\Partition1
08:58:52.0167 6860 ============================================================
08:58:52.0167 6860 Initialize success
08:58:52.0167 6860 ============================================================
08:59:40.0644 6200 ============================================================
08:59:40.0644 6200 Scan started
08:59:40.0644 6200 Mode: Manual; SigCheck; TDLFS;
08:59:40.0644 6200 ============================================================
08:59:40.0869 6200 ================ Scan system memory ========================
08:59:40.0869 6200 System memory - ok
08:59:40.0870 6200 ================ Scan services =============================
08:59:41.0061 6200 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
08:59:41.0118 6200 1394ohci - ok
08:59:41.0147 6200 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
08:59:41.0160 6200 ACPI - ok
08:59:41.0172 6200 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
08:59:41.0199 6200 AcpiPmi - ok
08:59:41.0280 6200 [ 861D18775087A286F53ADE05D0F31396 ] ActService C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
08:59:41.0302 6200 ActService ( UnsignedFile.Multi.Generic ) - warning
08:59:41.0303 6200 ActService - detected UnsignedFile.Multi.Generic (1)
08:59:41.0309 6200 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:59:41.0316 6200 AdobeARMservice - ok
08:59:41.0346 6200 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
08:59:41.0362 6200 adp94xx - ok
08:59:41.0378 6200 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
08:59:41.0392 6200 adpahci - ok
08:59:41.0406 6200 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
08:59:41.0416 6200 adpu320 - ok
08:59:41.0422 6200 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
08:59:41.0453 6200 AeLookupSvc - ok
08:59:41.0506 6200 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
08:59:41.0546 6200 AFD - ok
08:59:41.0551 6200 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
08:59:41.0559 6200 agp440 - ok
08:59:41.0564 6200 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
08:59:41.0574 6200 ALG - ok
08:59:41.0578 6200 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
08:59:41.0585 6200 aliide - ok
08:59:41.0588 6200 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
08:59:41.0595 6200 amdide - ok
08:59:41.0614 6200 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
08:59:41.0642 6200 AmdK8 - ok
08:59:41.0646 6200 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
08:59:41.0734 6200 AmdPPM - ok
08:59:41.0761 6200 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
08:59:41.0770 6200 amdsata - ok
08:59:41.0778 6200 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
08:59:41.0789 6200 amdsbs - ok
08:59:41.0792 6200 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
08:59:41.0800 6200 amdxata - ok
08:59:41.0804 6200 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
08:59:41.0831 6200 AppID - ok
08:59:41.0834 6200 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
08:59:41.0862 6200 AppIDSvc - ok
08:59:41.0868 6200 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
08:59:41.0909 6200 Appinfo - ok
08:59:41.0982 6200 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\windows\System32\appmgmts.dll
08:59:41.0994 6200 AppMgmt - ok
08:59:42.0009 6200 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
08:59:42.0018 6200 arc - ok
08:59:42.0022 6200 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
08:59:42.0031 6200 arcsas - ok
08:59:42.0034 6200 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
08:59:42.0082 6200 AsyncMac - ok
08:59:42.0108 6200 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
08:59:42.0115 6200 atapi - ok
08:59:42.0172 6200 [ B2931C83CFB12A3223A47B180473AE1A ] athr C:\windows\system32\DRIVERS\athrx.sys
08:59:42.0235 6200 athr - ok
08:59:42.0256 6200 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
08:59:42.0292 6200 AudioEndpointBuilder - ok
08:59:42.0314 6200 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
08:59:42.0346 6200 AudioSrv - ok
08:59:42.0364 6200 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
08:59:42.0395 6200 AxInstSV - ok
08:59:42.0423 6200 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
08:59:42.0460 6200 b06bdrv - ok
08:59:42.0485 6200 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
08:59:42.0526 6200 b57nd60a - ok
08:59:42.0548 6200 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
08:59:42.0560 6200 BDESVC - ok
08:59:42.0563 6200 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
08:59:42.0607 6200 Beep - ok
08:59:42.0611 6200 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
08:59:42.0620 6200 blbdrive - ok
08:59:42.0625 6200 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
08:59:42.0650 6200 bowser - ok
08:59:42.0669 6200 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
08:59:42.0703 6200 BrFiltLo - ok
08:59:42.0707 6200 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
08:59:42.0717 6200 BrFiltUp - ok
08:59:42.0742 6200 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll
08:59:42.0790 6200 Browser - ok
08:59:42.0807 6200 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
08:59:42.0821 6200 Brserid - ok
08:59:42.0824 6200 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
08:59:42.0852 6200 BrSerWdm - ok
08:59:42.0856 6200 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
08:59:42.0867 6200 BrUsbMdm - ok
08:59:42.0870 6200 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
08:59:42.0890 6200 BrUsbSer - ok
08:59:42.0894 6200 [ 2347ABBD13BADA65826FDAB4CAAFE357 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
08:59:42.0902 6200 BtFilter - ok
08:59:42.0926 6200 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
08:59:42.0952 6200 BTHMODEM - ok
08:59:42.0959 6200 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
08:59:42.0997 6200 bthserv - ok
08:59:43.0002 6200 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
08:59:43.0047 6200 cdfs - ok
08:59:43.0053 6200 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
08:59:43.0064 6200 cdrom - ok
08:59:43.0091 6200 [ A965B206921C55F2D1481789D609B711 ] CeKbFilter C:\windows\system32\DRIVERS\CeKbFilter.sys
08:59:43.0097 6200 CeKbFilter - ok
08:59:43.0102 6200 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
08:59:43.0143 6200 CertPropSvc - ok
08:59:43.0148 6200 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
08:59:43.0178 6200 circlass - ok
08:59:43.0204 6200 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
08:59:43.0218 6200 CLFS - ok
08:59:43.0242 6200 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:59:43.0249 6200 clr_optimization_v2.0.50727_32 - ok
08:59:43.0261 6200 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:59:43.0269 6200 clr_optimization_v2.0.50727_64 - ok
08:59:43.0314 6200 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:59:43.0322 6200 clr_optimization_v4.0.30319_32 - ok
08:59:43.0345 6200 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:59:43.0354 6200 clr_optimization_v4.0.30319_64 - ok
08:59:43.0376 6200 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys
08:59:43.0405 6200 CmBatt - ok
08:59:43.0428 6200 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
08:59:43.0435 6200 cmdide - ok
08:59:43.0472 6200 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
08:59:43.0493 6200 CNG - ok
08:59:43.0520 6200 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
08:59:43.0528 6200 Compbatt - ok
08:59:43.0543 6200 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
08:59:43.0573 6200 CompositeBus - ok
08:59:43.0576 6200 COMSysApp - ok
08:59:43.0591 6200 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
08:59:43.0599 6200 crcdisk - ok
08:59:43.0619 6200 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
08:59:43.0631 6200 CryptSvc - ok
08:59:43.0670 6200 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\windows\system32\drivers\csc.sys
08:59:43.0702 6200 CSC - ok
08:59:43.0758 6200 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\windows\System32\cscsvc.dll
08:59:43.0795 6200 CscService - ok
08:59:43.0826 6200 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
08:59:43.0882 6200 DcomLaunch - ok
08:59:43.0960 6200 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
08:59:44.0061 6200 defragsvc - ok
08:59:44.0067 6200 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
08:59:44.0109 6200 DfsC - ok
08:59:44.0136 6200 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
08:59:44.0187 6200 Dhcp - ok
08:59:44.0191 6200 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
08:59:44.0218 6200 discache - ok
08:59:44.0225 6200 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
08:59:44.0234 6200 Disk - ok
08:59:44.0241 6200 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
08:59:44.0252 6200 Dnscache - ok
08:59:44.0273 6200 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
08:59:44.0304 6200 dot3svc - ok
08:59:44.0329 6200 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
08:59:44.0377 6200 DPS - ok
08:59:44.0380 6200 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
08:59:44.0410 6200 drmkaud - ok
08:59:44.0449 6200 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
08:59:44.0467 6200 DXGKrnl - ok
08:59:44.0473 6200 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
08:59:44.0502 6200 EapHost - ok
08:59:44.0556 6200 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
08:59:44.0637 6200 ebdrv - ok
08:59:44.0641 6200 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
08:59:44.0651 6200 EFS - ok
08:59:44.0696 6200 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
08:59:44.0716 6200 ehRecvr - ok
08:59:44.0722 6200 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
08:59:44.0732 6200 ehSched - ok
08:59:44.0748 6200 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
08:59:44.0764 6200 elxstor - ok
08:59:44.0768 6200 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
08:59:44.0800 6200 ErrDev - ok
08:59:44.0834 6200 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
08:59:44.0867 6200 EventSystem - ok
08:59:44.0888 6200 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
08:59:44.0918 6200 exfat - ok
08:59:44.0928 6200 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
08:59:44.0959 6200 fastfat - ok
08:59:44.0989 6200 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
08:59:45.0008 6200 Fax - ok
08:59:45.0011 6200 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
08:59:45.0042 6200 fdc - ok
08:59:45.0046 6200 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
08:59:45.0074 6200 fdPHost - ok
08:59:45.0077 6200 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
08:59:45.0106 6200 FDResPub - ok
08:59:45.0111 6200 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
08:59:45.0120 6200 FileInfo - ok
08:59:45.0123 6200 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
08:59:45.0164 6200 Filetrace - ok
08:59:45.0167 6200 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
08:59:45.0175 6200 flpydisk - ok
08:59:45.0185 6200 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
08:59:45.0197 6200 FltMgr - ok
08:59:45.0245 6200 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
08:59:45.0270 6200 FontCache - ok
08:59:45.0278 6200 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:59:45.0284 6200 FontCache3.0.0.0 - ok
08:59:45.0288 6200 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
08:59:45.0296 6200 FsDepends - ok
08:59:45.0299 6200 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
08:59:45.0306 6200 Fs_Rec - ok
08:59:45.0322 6200 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
08:59:45.0336 6200 fvevol - ok
08:59:45.0340 6200 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
08:59:45.0349 6200 gagp30kx - ok
08:59:45.0402 6200 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
08:59:45.0412 6200 GamesAppService - ok
08:59:45.0437 6200 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
08:59:45.0473 6200 gpsvc - ok
08:59:45.0506 6200 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:59:45.0514 6200 gupdate - ok
08:59:45.0516 6200 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:59:45.0523 6200 gupdatem - ok
08:59:45.0541 6200 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
08:59:45.0568 6200 hcw85cir - ok
08:59:45.0611 6200 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
08:59:45.0628 6200 HdAudAddService - ok
08:59:45.0645 6200 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
08:59:45.0674 6200 HDAudBus - ok
08:59:45.0677 6200 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
08:59:45.0690 6200 HidBatt - ok
08:59:45.0708 6200 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
08:59:45.0721 6200 HidBth - ok
08:59:45.0724 6200 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
08:59:45.0735 6200 HidIr - ok
08:59:45.0738 6200 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
08:59:45.0766 6200 hidserv - ok
08:59:45.0801 6200 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
08:59:45.0810 6200 HidUsb - ok
08:59:45.0825 6200 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
08:59:45.0869 6200 hkmsvc - ok
08:59:45.0877 6200 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
08:59:45.0895 6200 HomeGroupListener - ok
08:59:45.0903 6200 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
08:59:45.0924 6200 HomeGroupProvider - ok
08:59:45.0927 6200 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
08:59:45.0935 6200 HpSAMD - ok
08:59:45.0964 6200 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
08:59:46.0019 6200 HTTP - ok
08:59:46.0022 6200 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
08:59:46.0036 6200 hwpolicy - ok
08:59:46.0057 6200 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
08:59:46.0067 6200 i8042prt - ok
08:59:46.0119 6200 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
08:59:46.0130 6200 iaStor - ok
08:59:46.0147 6200 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
08:59:46.0162 6200 iaStorV - ok
08:59:46.0209 6200 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
08:59:46.0229 6200 IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:59:46.0229 6200 IDriverT - detected UnsignedFile.Multi.Generic (1)
08:59:46.0263 6200 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:59:46.0284 6200 idsvc - ok
08:59:46.0288 6200 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
08:59:46.0296 6200 iirsp - ok
08:59:46.0321 6200 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
08:59:46.0378 6200 IKEEXT - ok
08:59:46.0455 6200 [ A1FA448078C94E4D011EBD241821FF9E ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
08:59:46.0494 6200 IntcAzAudAddService - ok
08:59:46.0522 6200 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
08:59:46.0530 6200 intelide - ok
08:59:46.0533 6200 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
08:59:46.0563 6200 intelppm - ok
08:59:46.0587 6200 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
08:59:46.0628 6200 IPBusEnum - ok
08:59:46.0632 6200 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
08:59:46.0659 6200 IpFilterDriver - ok
08:59:46.0662 6200 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
08:59:46.0671 6200 IPMIDRV - ok
08:59:46.0689 6200 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
08:59:46.0735 6200 IPNAT - ok
08:59:46.0751 6200 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
08:59:46.0764 6200 IRENUM - ok
08:59:46.0768 6200 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
08:59:46.0775 6200 isapnp - ok
08:59:46.0785 6200 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
08:59:46.0797 6200 iScsiPrt - ok
08:59:46.0818 6200 [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
08:59:46.0825 6200 IviRegMgr - ok
08:59:46.0836 6200 [ 935301DD8306CEEAEF0B84DD6ABFFDC6 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
08:59:46.0844 6200 JMCR - ok
08:59:46.0858 6200 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
08:59:46.0866 6200 kbdclass - ok
08:59:46.0869 6200 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
08:59:46.0879 6200 kbdhid - ok
08:59:46.0882 6200 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
08:59:46.0891 6200 KeyIso - ok
08:59:46.0895 6200 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
08:59:46.0904 6200 KSecDD - ok
08:59:46.0911 6200 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
08:59:46.0920 6200 KSecPkg - ok
08:59:46.0924 6200 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
08:59:46.0951 6200 ksthunk - ok
08:59:46.0970 6200 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
08:59:47.0020 6200 KtmRm - ok
08:59:47.0044 6200 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
08:59:47.0092 6200 LanmanServer - ok
08:59:47.0097 6200 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
08:59:47.0126 6200 LanmanWorkstation - ok
08:59:47.0156 6200 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
08:59:47.0208 6200 lltdio - ok
08:59:47.0238 6200 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
08:59:47.0284 6200 lltdsvc - ok
08:59:47.0288 6200 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
08:59:47.0315 6200 lmhosts - ok
08:59:47.0348 6200 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
08:59:47.0360 6200 LMS - ok
08:59:47.0378 6200 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
08:59:47.0385 6200 LPCFilter - ok
08:59:47.0391 6200 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
08:59:47.0400 6200 LSI_FC - ok
08:59:47.0420 6200 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
08:59:47.0429 6200 LSI_SAS - ok
08:59:47.0432 6200 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
08:59:47.0440 6200 LSI_SAS2 - ok
08:59:47.0444 6200 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
08:59:47.0452 6200 LSI_SCSI - ok
08:59:47.0468 6200 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
08:59:47.0515 6200 luafv - ok
08:59:47.0524 6200 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
08:59:47.0535 6200 Mcx2Svc - ok
08:59:47.0567 6200 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
08:59:47.0580 6200 MDM - ok
08:59:47.0583 6200 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
08:59:47.0591 6200 megasas - ok
08:59:47.0639 6200 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
08:59:47.0652 6200 MegaSR - ok
08:59:47.0656 6200 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
08:59:47.0662 6200 MEIx64 - ok
08:59:47.0675 6200 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
08:59:47.0704 6200 MMCSS - ok
08:59:47.0707 6200 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
08:59:47.0744 6200 Modem - ok
08:59:47.0748 6200 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
08:59:47.0759 6200 monitor - ok
08:59:47.0765 6200 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
08:59:47.0773 6200 mouclass - ok
08:59:47.0776 6200 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
08:59:47.0785 6200 mouhid - ok
08:59:47.0790 6200 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
08:59:47.0799 6200 mountmgr - ok
08:59:47.0831 6200 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:59:47.0840 6200 MozillaMaintenance - ok
08:59:47.0858 6200 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
08:59:47.0872 6200 MpFilter - ok
08:59:47.0898 6200 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
08:59:47.0910 6200 mpio - ok
08:59:47.0915 6200 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
08:59:47.0943 6200 mpsdrv - ok
08:59:47.0949 6200 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
08:59:47.0983 6200 MRxDAV - ok
08:59:48.0011 6200 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
08:59:48.0037 6200 mrxsmb - ok
08:59:48.0067 6200 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
08:59:48.0080 6200 mrxsmb10 - ok
08:59:48.0085 6200 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
08:59:48.0095 6200 mrxsmb20 - ok
08:59:48.0099 6200 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
08:59:48.0106 6200 msahci - ok
08:59:48.0128 6200 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
08:59:48.0138 6200 msdsm - ok
08:59:48.0155 6200 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
08:59:48.0168 6200 MSDTC - ok
08:59:48.0174 6200 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
08:59:48.0201 6200 Msfs - ok
08:59:48.0204 6200 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
08:59:48.0231 6200 mshidkmdf - ok
08:59:48.0234 6200 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
08:59:48.0242 6200 msisadrv - ok
08:59:48.0248 6200 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
08:59:48.0279 6200 MSiSCSI - ok
08:59:48.0281 6200 msiserver - ok
08:59:48.0302 6200 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
08:59:48.0329 6200 MSKSSRV - ok
08:59:48.0332 6200 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
08:59:48.0377 6200 MSPCLOCK - ok
08:59:48.0380 6200 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
08:59:48.0422 6200 MSPQM - ok
08:59:48.0462 6200 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
08:59:48.0476 6200 MsRPC - ok
08:59:48.0482 6200 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
08:59:48.0490 6200 mssmbios - ok
08:59:48.0497 6200 MSSQL$ACT7 - ok
08:59:48.0522 6200 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
08:59:48.0529 6200 MSSQLServerADHelper100 - ok
08:59:48.0532 6200 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
08:59:48.0577 6200 MSTEE - ok
08:59:48.0595 6200 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
08:59:48.0605 6200 MTConfig - ok
08:59:48.0611 6200 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
08:59:48.0619 6200 Mup - ok
08:59:48.0645 6200 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
08:59:48.0696 6200 napagent - ok
08:59:48.0726 6200 NasPmService - ok
08:59:48.0745 6200 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
08:59:48.0763 6200 NativeWifiP - ok
08:59:48.0812 6200 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
08:59:48.0851 6200 NDIS - ok
08:59:48.0855 6200 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
08:59:48.0902 6200 NdisCap - ok
08:59:48.0905 6200 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
08:59:48.0932 6200 NdisTapi - ok
08:59:48.0937 6200 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
08:59:48.0968 6200 Ndisuio - ok
08:59:48.0975 6200 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
08:59:49.0013 6200 NdisWan - ok
08:59:49.0018 6200 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
08:59:49.0044 6200 NDProxy - ok
08:59:49.0048 6200 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
08:59:49.0075 6200 NetBIOS - ok
08:59:49.0088 6200 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
08:59:49.0117 6200 NetBT - ok
08:59:49.0120 6200 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
08:59:49.0129 6200 Netlogon - ok
08:59:49.0156 6200 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
08:59:49.0210 6200 Netman - ok
08:59:49.0255 6200 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
08:59:49.0306 6200 netprofm - ok
08:59:49.0333 6200 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:59:49.0342 6200 NetTcpPortSharing - ok
08:59:49.0358 6200 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
08:59:49.0366 6200 nfrd960 - ok
08:59:49.0384 6200 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
08:59:49.0392 6200 NisDrv - ok
08:59:49.0406 6200 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
08:59:49.0417 6200 NisSrv - ok
08:59:49.0457 6200 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
08:59:49.0505 6200 NlaSvc - ok
08:59:49.0509 6200 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
08:59:49.0536 6200 Npfs - ok
08:59:49.0540 6200 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
08:59:49.0587 6200 nsi - ok
08:59:49.0590 6200 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
08:59:49.0617 6200 nsiproxy - ok
08:59:49.0674 6200 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
08:59:49.0717 6200 Ntfs - ok
08:59:49.0721 6200 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
08:59:49.0747 6200 Null - ok
08:59:49.0754 6200 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
08:59:49.0762 6200 nusb3hub - ok
08:59:49.0768 6200 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
08:59:49.0777 6200 nusb3xhc - ok
08:59:49.0805 6200 [ F12E3EA0386EBC284C893611107C6A96 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
08:59:49.0814 6200 NVHDA - ok
08:59:50.0017 6200 [ 24E1BF08E1FDDBE2398EE38F59274E75 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
08:59:50.0179 6200 nvlddmkm - ok
08:59:50.0214 6200 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
08:59:50.0223 6200 nvraid - ok
08:59:50.0253 6200 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
08:59:50.0263 6200 nvstor - ok
08:59:50.0284 6200 [ 6099EBAE6545719A601410CB25234746 ] NvStUSB C:\windows\system32\DRIVERS\nvstusb.sys
08:59:50.0292 6200 NvStUSB - ok
08:59:50.0320 6200 [ B2B419D2C55ED6ED560E662BBE7D29F3 ] NVSvc C:\windows\system32\nvvsvc.exe
08:59:50.0350 6200 NVSvc - ok
08:59:50.0379 6200 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
08:59:50.0389 6200 nv_agp - ok
08:59:50.0393 6200 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
08:59:50.0423 6200 ohci1394 - ok
08:59:50.0455 6200 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:59:50.0462 6200 ose - ok
08:59:50.0474 6200 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
08:59:50.0503 6200 p2pimsvc - ok
08:59:50.0533 6200 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
08:59:50.0548 6200 p2psvc - ok
08:59:50.0561 6200 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
08:59:50.0571 6200 Parport - ok
08:59:50.0576 6200 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
08:59:50.0584 6200 partmgr - ok
08:59:50.0592 6200 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
08:59:50.0608 6200 PcaSvc - ok
08:59:50.0616 6200 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
08:59:50.0624 6200 PCCUJobMgr - ok
08:59:50.0631 6200 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
08:59:50.0641 6200 pci - ok
08:59:50.0644 6200 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
08:59:50.0652 6200 pciide - ok
08:59:50.0662 6200 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
08:59:50.0673 6200 pcmcia - ok
08:59:50.0677 6200 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
08:59:50.0685 6200 pcw - ok
08:59:50.0704 6200 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
08:59:50.0741 6200 PEAUTH - ok
08:59:50.0801 6200 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
08:59:50.0854 6200 PeerDistSvc - ok
08:59:50.0929 6200 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
08:59:50.0940 6200 PerfHost - ok
08:59:50.0947 6200 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
08:59:50.0953 6200 PGEffect - ok
08:59:50.0991 6200 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
08:59:51.0063 6200 pla - ok
08:59:51.0115 6200 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
08:59:51.0131 6200 PlugPlay - ok
08:59:51.0147 6200 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
08:59:51.0158 6200 PNRPAutoReg - ok
08:59:51.0163 6200 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
08:59:51.0175 6200 PNRPsvc - ok
08:59:51.0213 6200 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
08:59:51.0248 6200 PolicyAgent - ok
08:59:51.0282 6200 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
08:59:51.0324 6200 Power - ok
08:59:51.0358 6200 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
08:59:51.0400 6200 PptpMiniport - ok
08:59:51.0404 6200 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
08:59:51.0433 6200 Processor - ok
08:59:51.0456 6200 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
08:59:51.0491 6200 ProfSvc - ok
08:59:51.0494 6200 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
08:59:51.0502 6200 ProtectedStorage - ok
08:59:51.0508 6200 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
08:59:51.0537 6200 Psched - ok
08:59:51.0547 6200 [ 7712267DBAD69820E0766B17D8F6543E ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
08:59:51.0557 6200 PSI_SVC_2 - ok
08:59:51.0606 6200 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
08:59:51.0649 6200 ql2300 - ok
08:59:51.0653 6200 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
08:59:51.0662 6200 ql40xx - ok
08:59:51.0685 6200 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
08:59:51.0701 6200 QWAVE - ok
08:59:51.0705 6200 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
08:59:51.0718 6200 QWAVEdrv - ok
08:59:51.0755 6200 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\windows\WindowsMobile\rapimgr.dll
08:59:51.0765 6200 RapiMgr - ok
08:59:51.0770 6200 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
08:59:51.0817 6200 RasAcd - ok
08:59:51.0827 6200 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
08:59:51.0855 6200 RasAgileVpn - ok
08:59:51.0900 6200 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
08:59:51.0928 6200 RasAuto - ok
08:59:51.0934 6200 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
08:59:51.0981 6200 Rasl2tp - ok
08:59:52.0006 6200 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
08:59:52.0039 6200 RasMan - ok
08:59:52.0044 6200 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
08:59:52.0089 6200 RasPppoe - ok
08:59:52.0094 6200 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
08:59:52.0121 6200 RasSstp - ok
08:59:52.0146 6200 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
08:59:52.0176 6200 rdbss - ok
08:59:52.0180 6200 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
08:59:52.0216 6200 rdpbus - ok
08:59:52.0219 6200 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
08:59:52.0246 6200 RDPCDD - ok
08:59:52.0254 6200 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
08:59:52.0265 6200 RDPDR - ok
08:59:52.0268 6200 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
08:59:52.0294 6200 RDPENCDD - ok
08:59:52.0298 6200 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
08:59:52.0324 6200 RDPREFMP - ok
08:59:52.0355 6200 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
08:59:52.0369 6200 RDPWD - ok
08:59:52.0387 6200 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
08:59:52.0398 6200 rdyboost - ok
08:59:52.0406 6200 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys
08:59:52.0413 6200 regi - ok
08:59:52.0419 6200 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
08:59:52.0468 6200 RemoteAccess - ok
08:59:52.0475 6200 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
08:59:52.0504 6200 RemoteRegistry - ok
08:59:52.0513 6200 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
08:59:52.0539 6200 ROOTMODEM - ok
08:59:52.0544 6200 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
08:59:52.0583 6200 RpcEptMapper - ok
08:59:52.0586 6200 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
08:59:52.0595 6200 RpcLocator - ok
08:59:52.0614 6200 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
08:59:52.0644 6200 RpcSs - ok
08:59:52.0652 6200 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
08:59:52.0680 6200 rspndr - ok
08:59:52.0721 6200 [ 39A719875F572241C585A629EE62EB14 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
08:59:52.0735 6200 RTL8167 - ok
08:59:52.0763 6200 [ 50BC0E3FF1C61FEA769949AB5355FD2A ] Sage ACT! Scheduler C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe
08:59:52.0767 6200 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - warning
08:59:52.0767 6200 Sage ACT! Scheduler - detected UnsignedFile.Multi.Generic (1)
08:59:52.0770 6200 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
08:59:52.0778 6200 SamSs - ok
08:59:52.0790 6200 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
08:59:52.0799 6200 sbp2port - ok
08:59:52.0816 6200 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
08:59:52.0847 6200 SCardSvr - ok
08:59:52.0851 6200 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
08:59:52.0889 6200 scfilter - ok
08:59:52.0934 6200 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
08:59:53.0005 6200 Schedule - ok
08:59:53.0010 6200 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
08:59:53.0037 6200 SCPolicySvc - ok
08:59:53.0041 6200 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
08:59:53.0063 6200 sdbus - ok
08:59:53.0070 6200 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
08:59:53.0081 6200 SDRSVC - ok
08:59:53.0103 6200 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
08:59:53.0146 6200 secdrv - ok
08:59:53.0181 6200 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
08:59:53.0209 6200 seclogon - ok
08:59:53.0213 6200 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
08:59:53.0244 6200 SENS - ok
08:59:53.0248 6200 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
08:59:53.0257 6200 SensrSvc - ok
08:59:53.0264 6200 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\windows\System32\Drivers\Sentinel64.sys
08:59:53.0272 6200 Sentinel64 - ok
08:59:53.0313 6200 [ E80B91AEC007711B1EEC9C83487754E2 ] SentinelSecurityRuntime C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
08:59:53.0323 6200 SentinelSecurityRuntime - ok
08:59:53.0326 6200 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
08:59:53.0355 6200 Serenum - ok
08:59:53.0377 6200 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
08:59:53.0404 6200 Serial - ok
08:59:53.0408 6200 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
08:59:53.0427 6200 sermouse - ok
08:59:53.0436 6200 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
08:59:53.0468 6200 SessionEnv - ok
08:59:53.0473 6200 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
08:59:53.0483 6200 sffdisk - ok
08:59:53.0485 6200 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
08:59:53.0495 6200 sffp_mmc - ok
08:59:53.0498 6200 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
08:59:53.0511 6200 sffp_sd - ok
08:59:53.0513 6200 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
08:59:53.0522 6200 sfloppy - ok
08:59:53.0553 6200 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
08:59:53.0585 6200 ShellHWDetection - ok
08:59:53.0590 6200 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
08:59:53.0598 6200 SiSRaid2 - ok
08:59:53.0601 6200 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
08:59:53.0609 6200 SiSRaid4 - ok
08:59:53.0633 6200 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
08:59:53.0673 6200 Smb - ok
08:59:53.0689 6200 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
08:59:53.0712 6200 SNMPTRAP - ok
08:59:53.0734 6200 [ 2D5576C01C8A34AA614870E745FE8F19 ] SNTUSB64 C:\windows\system32\DRIVERS\SNTUSB64.SYS
08:59:53.0741 6200 SNTUSB64 - ok
08:59:53.0744 6200 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
08:59:53.0752 6200 spldr - ok
08:59:53.0773 6200 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
08:59:53.0807 6200 Spooler - ok
08:59:53.0870 6200 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
08:59:53.0926 6200 sppsvc - ok
08:59:53.0931 6200 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
08:59:53.0959 6200 sppuinotify - ok
08:59:53.0999 6200 [ 37761F6BE2EBAED72CC0D43BD4C8C2A6 ] SQLAgent$ACT7 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE
08:59:54.0011 6200 SQLAgent$ACT7 - ok
08:59:54.0056 6200 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
08:59:54.0067 6200 SQLBrowser - ok
08:59:54.0092 6200 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
08:59:54.0101 6200 SQLWriter - ok
08:59:54.0115 6200 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
08:59:54.0130 6200 srv - ok
08:59:54.0156 6200 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
08:59:54.0171 6200 srv2 - ok
08:59:54.0178 6200 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
08:59:54.0187 6200 srvnet - ok
08:59:54.0223 6200 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
08:59:54.0254 6200 SSDPSRV - ok
08:59:54.0259 6200 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
08:59:54.0288 6200 SstpSvc - ok
08:59:54.0331 6200 [ C7C4B2E29B2E9F757929868278BE3235 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
08:59:54.0344 6200 Stereo Service - ok
08:59:54.0366 6200 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
08:59:54.0375 6200 stexstor - ok
08:59:54.0390 6200 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
08:59:54.0420 6200 StillCam - ok
08:59:54.0461 6200 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
08:59:54.0482 6200 stisvc - ok
08:59:54.0512 6200 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\windows\system32\storsvc.dll
08:59:54.0522 6200 StorSvc - ok
08:59:54.0525 6200 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
08:59:54.0533 6200 swenum - ok
08:59:54.0561 6200 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
08:59:54.0615 6200 swprv - ok
08:59:54.0650 6200 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
08:59:54.0673 6200 SynTP - ok
08:59:54.0718 6200 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
08:59:54.0787 6200 SysMain - ok
08:59:54.0794 6200 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
08:59:54.0810 6200 TabletInputService - ok
08:59:54.0837 6200 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
08:59:54.0885 6200 TapiSrv - ok
08:59:54.0889 6200 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
08:59:54.0917 6200 TBS - ok
08:59:54.0970 6200 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
08:59:55.0024 6200 Tcpip - ok
08:59:55.0085 6200 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
08:59:55.0115 6200 TCPIP6 - ok
08:59:55.0124 6200 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
08:59:55.0170 6200 tcpipreg - ok
08:59:55.0203 6200 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
08:59:55.0209 6200 tdcmdpst - ok
08:59:55.0221 6200 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
08:59:55.0245 6200 TDPIPE - ok
08:59:55.0274 6200 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
08:59:55.0283 6200 TDTCP - ok
08:59:55.0289 6200 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
08:59:55.0315 6200 tdx - ok
08:59:55.0357 6200 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
08:59:55.0365 6200 TermDD - ok
08:59:55.0386 6200 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
08:59:55.0439 6200 TermService - ok
08:59:55.0443 6200 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
08:59:55.0457 6200 Themes - ok
08:59:55.0506 6200 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
08:59:55.0512 6200 Thpdrv - ok
08:59:55.0515 6200 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
08:59:55.0521 6200 Thpevm - ok
08:59:55.0545 6200 [ 9B032A63A0553A2D872815C64A0288BE ] Thpsrv C:\windows\system32\ThpSrv.exe
08:59:55.0557 6200 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
08:59:55.0557 6200 Thpsrv - detected UnsignedFile.Multi.Generic (1)
08:59:55.0570 6200 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
08:59:55.0597 6200 THREADORDER - ok
08:59:55.0627 6200 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:59:55.0633 6200 TMachInfo - ok
08:59:55.0640 6200 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
08:59:55.0648 6200 TODDSrv - ok
08:59:55.0693 6200 [ 63B379F8885CB1C557771BB8B16162E3 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:59:55.0704 6200 TosCoSrv ( UnsignedFile.Multi.Generic ) - warning
08:59:55.0704 6200 TosCoSrv - detected UnsignedFile.Multi.Generic (1)
08:59:55.0717 6200 [ 8F099BE5DB17D025E19652851399B9F1 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
08:59:55.0726 6200 TOSHIBA Bluetooth Service - ok
08:59:55.0737 6200 [ 2ECC833EA37CECE0052D4D9ADC184177 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:59:55.0747 6200 TOSHIBA eco Utility Service - ok
08:59:55.0765 6200 [ EDB4B432DB13EA3D1EB2356310D33263 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:59:55.0773 6200 TOSHIBA HDD SSD Alert Service - ok
08:59:55.0777 6200 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\windows\system32\DRIVERS\tosporte.sys
08:59:55.0783 6200 tosporte - ok
08:59:55.0814 6200 [ 09CF82C0068C7CFF7E2B3797BE7F5CC2 ] tosrfbd C:\windows\system32\DRIVERS\tosrfbd.sys
08:59:55.0823 6200 tosrfbd - ok
08:59:55.0828 6200 [ 90F0B1745ABF13F44C2A6ED79F7CE9FB ] tosrfbnp C:\windows\system32\Drivers\tosrfbnp.sys
08:59:55.0834 6200 tosrfbnp - ok
08:59:55.0839 6200 [ 9E4E65EA51E34647340BD6007467AC54 ] Tosrfcom C:\windows\system32\Drivers\tosrfcom.sys
08:59:55.0845 6200 Tosrfcom - ok
08:59:55.0848 6200 [ F5E3AC4CBCD154EE80849B21887FD0B0 ] tosrfec C:\windows\system32\DRIVERS\tosrfec.sys
08:59:55.0853 6200 tosrfec - ok
08:59:55.0858 6200 [ 7D2467D3EB9BAA4B69AE4A28C83DE57A ] Tosrfhid C:\windows\system32\DRIVERS\Tosrfhid.sys
08:59:55.0864 6200 Tosrfhid - ok
08:59:55.0868 6200 [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds C:\windows\system32\DRIVERS\tosrfnds.sys
08:59:55.0873 6200 tosrfnds - ok
08:59:55.0877 6200 [ 7052B10E54B48AF12BD5606596A8E039 ] TosRfSnd C:\windows\system32\drivers\tosrfsnd.sys
08:59:55.0904 6200 TosRfSnd - ok
08:59:55.0908 6200 [ 7A0048693F98460FF537BE31C741B927 ] Tosrfusb C:\windows\system32\DRIVERS\tosrfusb.sys
08:59:55.0914 6200 Tosrfusb - ok
08:59:55.0957 6200 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
08:59:55.0972 6200 tos_sps64 - ok
08:59:56.0027 6200 [ 9F8410CCC72B3470C96DA415BE0CF423 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:59:56.0047 6200 TPCHSrv - ok
08:59:56.0053 6200 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
08:59:56.0082 6200 TrkWks - ok
08:59:56.0095 6200 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
08:59:56.0125 6200 TrustedInstaller - ok
08:59:56.0130 6200 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
08:59:56.0177 6200 tssecsrv - ok
08:59:56.0213 6200 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
08:59:56.0223 6200 TsUsbFlt - ok
08:59:56.0234 6200 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
08:59:56.0242 6200 TsUsbGD - ok
08:59:56.0261 6200 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
08:59:56.0305 6200 tunnel - ok
08:59:56.0331 6200 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:59:56.0337 6200 TVALZ - ok
08:59:56.0350 6200 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
08:59:56.0356 6200 TVALZFL - ok
08:59:56.0359 6200 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
08:59:56.0368 6200 uagp35 - ok
08:59:56.0388 6200 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
08:59:56.0435 6200 udfs - ok
08:59:56.0468 6200 [ D2B2AB4235B360A9CCAE8E891350A474 ] UDSS c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
08:59:56.0475 6200 UDSS - ok
08:59:56.0481 6200 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
08:59:56.0491 6200 UI0Detect - ok
08:59:56.0511 6200 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
08:59:56.0520 6200 uliagpkx - ok
08:59:56.0534 6200 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
08:59:56.0559 6200 umbus - ok
08:59:56.0562 6200 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
08:59:56.0579 6200 UmPass - ok
08:59:56.0622 6200 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\windows\System32\umrdp.dll
08:59:56.0652 6200 UmRdpService - ok
08:59:56.0710 6200 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:59:56.0778 6200 UNS - ok
08:59:56.0791 6200 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
08:59:56.0824 6200 upnphost - ok
08:59:56.0829 6200 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
08:59:56.0838 6200 usbccgp - ok
08:59:56.0843 6200 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
08:59:56.0855 6200 usbcir - ok
08:59:56.0872 6200 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
08:59:56.0897 6200 usbehci - ok
08:59:56.0940 6200 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
08:59:56.0973 6200 usbhub - ok
08:59:56.0991 6200 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
08:59:57.0016 6200 usbohci - ok
08:59:57.0019 6200 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
08:59:57.0033 6200 usbprint - ok
08:59:57.0038 6200 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
08:59:57.0053 6200 USBSTOR - ok
08:59:57.0056 6200 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
08:59:57.0069 6200 usbuhci - ok
08:59:57.0076 6200 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
08:59:57.0088 6200 usbvideo - ok
08:59:57.0092 6200 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\windows\system32\DRIVERS\usb8023x.sys
08:59:57.0103 6200 usb_rndisx - ok
08:59:57.0107 6200 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
08:59:57.0141 6200 UxSms - ok
08:59:57.0145 6200 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
08:59:57.0153 6200 VaultSvc - ok
08:59:57.0157 6200 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
08:59:57.0164 6200 vdrvroot - ok
08:59:57.0194 6200 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
08:59:57.0243 6200 vds - ok
08:59:57.0251 6200 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
08:59:57.0261 6200 vga - ok
08:59:57.0264 6200 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
08:59:57.0292 6200 VgaSave - ok
08:59:57.0323 6200 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
08:59:57.0336 6200 vhdmp - ok
08:59:57.0341 6200 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
08:59:57.0349 6200 viaide - ok
08:59:57.0354 6200 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
08:59:57.0362 6200 volmgr - ok
08:59:57.0390 6200 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
08:59:57.0404 6200 volmgrx - ok
08:59:57.0414 6200 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
08:59:57.0426 6200 volsnap - ok
08:59:57.0462 6200 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
08:59:57.0474 6200 vsmraid - ok
08:59:57.0517 6200 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
08:59:57.0607 6200 VSS - ok
08:59:57.0610 6200 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
08:59:57.0621 6200 vwifibus - ok
08:59:57.0633 6200 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
08:59:57.0646 6200 vwififlt - ok
08:59:57.0682 6200 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
08:59:57.0695 6200 vwifimp - ok
08:59:57.0729 6200 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
08:59:57.0762 6200 W32Time - ok
08:59:57.0766 6200 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
08:59:57.0799 6200 WacomPen - ok
08:59:57.0827 6200 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
08:59:57.0855 6200 WANARP - ok
08:59:57.0879 6200 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
08:59:57.0906 6200 Wanarpv6 - ok
08:59:57.0992 6200 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
08:59:58.0015 6200 WatAdminSvc - ok
08:59:58.0069 6200 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
08:59:58.0109 6200 wbengine - ok
08:59:58.0117 6200 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
08:59:58.0133 6200 WbioSrvc - ok
08:59:58.0188 6200 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\windows\WindowsMobile\wcescomm.dll
08:59:58.0202 6200 WcesComm - ok
08:59:58.0214 6200 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
08:59:58.0233 6200 wcncsvc - ok
08:59:58.0237 6200 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
08:59:58.0246 6200 WcsPlugInService - ok
08:59:58.0250 6200 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
08:59:58.0257 6200 Wd - ok
08:59:58.0284 6200 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
08:59:58.0303 6200 Wdf01000 - ok
08:59:58.0308 6200 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
08:59:58.0394 6200 WdiServiceHost - ok
08:59:58.0396 6200 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
08:59:58.0410 6200 WdiSystemHost - ok
08:59:58.0425 6200 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
08:59:58.0459 6200 WebClient - ok
08:59:58.0469 6200 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
08:59:58.0501 6200 Wecsvc - ok
08:59:58.0506 6200 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
08:59:58.0534 6200 wercplsupport - ok
08:59:58.0570 6200 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
08:59:58.0599 6200 WerSvc - ok
08:59:58.0605 6200 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
08:59:58.0631 6200 WfpLwf - ok
08:59:58.0635 6200 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
08:59:58.0642 6200 WIMMount - ok
08:59:58.0645 6200 WinHttpAutoProxySvc - ok
08:59:58.0665 6200 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
08:59:58.0695 6200 Winmgmt - ok
08:59:58.0758 6200 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
08:59:58.0825 6200 WinRM - ok
08:59:58.0874 6200 [ FE88B288356E7B47B74B13372ADD906D ] winusb C:\windows\system32\DRIVERS\winusb.sys
08:59:58.0886 6200 winusb - ok
08:59:58.0925 6200 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
08:59:58.0970 6200 Wlansvc - ok
08:59:58.0992 6200 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:59:58.0999 6200 wlcrasvc - ok
08:59:59.0050 6200 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:59:59.0107 6200 wlidsvc - ok
08:59:59.0111 6200 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
08:59:59.0138 6200 WmiAcpi - ok
08:59:59.0160 6200 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
08:59:59.0190 6200 wmiApSrv - ok
08:59:59.0193 6200 WMPNetworkSvc - ok
08:59:59.0237 6200 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
08:59:59.0250 6200 WMZuneComm - ok
08:59:59.0253 6200 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
08:59:59.0262 6200 WPCSvc - ok
08:59:59.0267 6200 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
08:59:59.0279 6200 WPDBusEnum - ok
08:59:59.0284 6200 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
08:59:59.0310 6200 ws2ifsl - ok
08:59:59.0312 6200 WSearch - ok
08:59:59.0319 6200 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
08:59:59.0346 6200 WudfPf - ok
08:59:59.0384 6200 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
08:59:59.0431 6200 WUDFRd - ok
08:59:59.0436 6200 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
08:59:59.0464 6200 wudfsvc - ok
08:59:59.0473 6200 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
08:59:59.0514 6200 WwanSvc - ok
08:59:59.0648 6200 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
08:59:59.0858 6200 ZuneNetworkSvc - ok
08:59:59.0883 6200 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
08:59:59.0899 6200 ZuneWlanCfgSvc - ok
08:59:59.0925 6200 ================ Scan global ===============================
08:59:59.0947 6200 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
08:59:59.0968 6200 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:59:59.0974 6200 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:59:59.0979 6200 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
09:00:00.0008 6200 [ 014A9CB92514E27C0107614DF764BC06 ] C:\windows\system32\services.exe
09:00:00.0014 6200 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
09:00:00.0014 6200 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
09:00:00.0014 6200 ================ Scan MBR ==================================
09:00:00.0017 6200 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
09:00:00.0520 6200 \Device\Harddisk0\DR0 - ok
09:00:00.0522 6200 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
09:00:01.0670 6200 \Device\Harddisk1\DR1 - ok
09:00:01.0673 6200 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR6
09:00:03.0560 6200 \Device\Harddisk2\DR6 - ok
09:00:03.0560 6200 ================ Scan VBR ==================================
09:00:03.0562 6200 [ 28DCF8208E1A6185114F40292BEA3DAF ] \Device\Harddisk0\DR0\Partition1
09:00:03.0564 6200 \Device\Harddisk0\DR0\Partition1 - ok
09:00:03.0601 6200 [ D2BFF469E7347C10C7D873494137D024 ] \Device\Harddisk1\DR1\Partition1
09:00:03.0603 6200 \Device\Harddisk1\DR1\Partition1 - ok
09:00:03.0605 6200 [ F3345EB40BE6DF8744ABAFD1BC3B9A0D ] \Device\Harddisk2\DR6\Partition1
09:00:03.0606 6200 \Device\Harddisk2\DR6\Partition1 - ok
09:00:03.0607 6200 ============================================================
09:00:03.0607 6200 Scan finished
09:00:03.0607 6200 ============================================================
09:00:03.0613 7100 Detected object count: 6
09:00:03.0613 7100 Actual detected object count: 6
09:01:31.0870 7100 ActService ( UnsignedFile.Multi.Generic ) - skipped by user
09:01:31.0870 7100 ActService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:01:31.0871 7100 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:01:31.0871 7100 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:01:31.0871 7100 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
09:01:31.0871 7100 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:01:31.0872 7100 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:01:31.0872 7100 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:01:31.0873 7100 TosCoSrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:01:31.0873 7100 TosCoSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:01:31.0874 7100 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - skipped by user
09:01:31.0874 7100 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Skip

Thank You,

Anthony

#8
WhiteHat

Posted 29 August 2012 - 12:10 PM

Trusted Helper

Retired Staff
1,925 posts

Hi,

Do you have the Windows DVD?

I need to know if you have the Recovery Console in your computer. To see this, follow these steps:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
See if the option Repair your computer exist:

NEXT:

Run TDSSKiller again and when he found the file C:\Windows\System32\Services.exe, click in the Cure option. Do not choose Delete.

Send me the TDSSKiller log. :thumbsup:

#9
AnthonyOhio

Posted 29 August 2012 - 01:52 PM

Member

Topic Starter
Member
39 posts

WhiteHat,

I do not have a windows DVD.

I do have 'Repair Your Computer'

When 'Repair Your Computer' is selected I get the follow 6 options:

Startup Repair

System Restore

System Image Recovery

Windows Memory Diagnostic

Command Prompt

Toshiba Recovery Wizard

#10
WhiteHat

Posted 29 August 2012 - 07:39 PM

Trusted Helper

Retired Staff
1,925 posts

Hi,

You forgot to send me the TDSSKiller log:

Run TDSSKiller again and when he found the file C:\Windows\System32\Services.exe, click in the Cure option. Do not choose Delete.

Send me the TDSSKiller log.

NEXT

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select English as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.

On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt[*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.[*]The tool will start to run.[*]When the tool opens click Yes to disclaimer.[*]Press Scan button.[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#11
AnthonyOhio

Posted 29 August 2012 - 08:19 PM

Member

Topic Starter
Member
39 posts

Here is the TDSSKiller report:

22:14:20.0271 3624 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:14:21.0082 3624 ============================================================
22:14:21.0082 3624 Current date / time: 2012/08/29 22:14:21.0082
22:14:21.0082 3624 SystemInfo:
22:14:21.0082 3624
22:14:21.0082 3624 OS Version: 6.1.7601 ServicePack: 1.0
22:14:21.0082 3624 Product type: Workstation
22:14:21.0082 3624 ComputerName: A-QOSMIO
22:14:21.0082 3624 UserName: A
22:14:21.0082 3624 Windows directory: C:\windows
22:14:21.0082 3624 System windows directory: C:\windows
22:14:21.0082 3624 Running under WOW64
22:14:21.0082 3624 Processor architecture: Intel x64
22:14:21.0082 3624 Number of processors: 8
22:14:21.0082 3624 Page size: 0x1000
22:14:21.0082 3624 Boot type: Normal boot
22:14:21.0082 3624 ============================================================
22:14:22.0232 3624 BG loaded
22:14:22.0732 3624 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:14:22.0772 3624 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:14:22.0803 3624 Drive \Device\Harddisk2\DR2 - Size: 0x1E6C60000 (7.61 Gb), SectorSize: 0x200, Cylinders: 0x3E0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:14:22.0803 3624 ============================================================
22:14:22.0803 3624 \Device\Harddisk0\DR0:
22:14:22.0803 3624 MBR partitions:
22:14:22.0803 3624 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38469000
22:14:22.0803 3624 \Device\Harddisk1\DR1:
22:14:22.0803 3624 MBR partitions:
22:14:22.0803 3624 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1000, BlocksNum 0x57545000
22:14:22.0803 3624 \Device\Harddisk2\DR2:
22:14:22.0803 3624 MBR partitions:
22:14:22.0803 3624 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2D78, BlocksNum 0xF33588
22:14:22.0803 3624 ============================================================
22:14:22.0819 3624 C: <-> \Device\Harddisk0\DR0\Partition1
22:14:22.0834 3624 D: <-> \Device\Harddisk1\DR1\Partition1
22:14:22.0834 3624 ============================================================
22:14:22.0834 3624 Initialize success
22:14:22.0834 3624 ============================================================
22:15:07.0591 4864 ============================================================
22:15:07.0591 4864 Scan started
22:15:07.0591 4864 Mode: Manual; SigCheck; TDLFS;
22:15:07.0591 4864 ============================================================
22:15:10.0227 4864 ================ Scan system memory ========================
22:15:10.0227 4864 System memory - ok
22:15:10.0227 4864 ================ Scan services =============================
22:15:10.0446 4864 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
22:15:10.0492 4864 1394ohci - ok
22:15:10.0524 4864 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
22:15:10.0539 4864 ACPI - ok
22:15:10.0555 4864 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
22:15:10.0633 4864 AcpiPmi - ok
22:15:10.0711 4864 [ 861D18775087A286F53ADE05D0F31396 ] ActService C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
22:15:10.0758 4864 ActService ( UnsignedFile.Multi.Generic ) - warning
22:15:10.0758 4864 ActService - detected UnsignedFile.Multi.Generic (1)
22:15:10.0773 4864 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:15:10.0773 4864 AdobeARMservice - ok
22:15:10.0804 4864 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
22:15:10.0820 4864 adp94xx - ok
22:15:10.0867 4864 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
22:15:10.0867 4864 adpahci - ok
22:15:10.0898 4864 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
22:15:10.0898 4864 adpu320 - ok
22:15:10.0914 4864 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
22:15:11.0007 4864 AeLookupSvc - ok
22:15:11.0085 4864 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
22:15:11.0101 4864 AFD - ok
22:15:11.0101 4864 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
22:15:11.0116 4864 agp440 - ok
22:15:11.0116 4864 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
22:15:11.0148 4864 ALG - ok
22:15:11.0148 4864 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
22:15:11.0163 4864 aliide - ok
22:15:11.0163 4864 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
22:15:11.0163 4864 amdide - ok
22:15:11.0179 4864 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
22:15:11.0194 4864 AmdK8 - ok
22:15:11.0210 4864 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
22:15:11.0210 4864 AmdPPM - ok
22:15:11.0226 4864 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
22:15:11.0226 4864 amdsata - ok
22:15:11.0241 4864 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
22:15:11.0257 4864 amdsbs - ok
22:15:11.0257 4864 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
22:15:11.0257 4864 amdxata - ok
22:15:11.0272 4864 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
22:15:11.0366 4864 AppID - ok
22:15:11.0366 4864 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
22:15:11.0397 4864 AppIDSvc - ok
22:15:11.0444 4864 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
22:15:11.0475 4864 Appinfo - ok
22:15:11.0538 4864 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\windows\System32\appmgmts.dll
22:15:11.0553 4864 AppMgmt - ok
22:15:11.0553 4864 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
22:15:11.0569 4864 arc - ok
22:15:11.0569 4864 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
22:15:11.0584 4864 arcsas - ok
22:15:11.0584 4864 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
22:15:11.0616 4864 AsyncMac - ok
22:15:11.0616 4864 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
22:15:11.0631 4864 atapi - ok
22:15:11.0709 4864 [ B2931C83CFB12A3223A47B180473AE1A ] athr C:\windows\system32\DRIVERS\athrx.sys
22:15:11.0740 4864 athr - ok
22:15:11.0756 4864 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
22:15:11.0787 4864 AudioEndpointBuilder - ok
22:15:11.0834 4864 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
22:15:11.0865 4864 AudioSrv - ok
22:15:11.0896 4864 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
22:15:11.0943 4864 AxInstSV - ok
22:15:11.0974 4864 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
22:15:11.0990 4864 b06bdrv - ok
22:15:12.0006 4864 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
22:15:12.0021 4864 b57nd60a - ok
22:15:12.0037 4864 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
22:15:12.0037 4864 BDESVC - ok
22:15:12.0037 4864 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
22:15:12.0068 4864 Beep - ok
22:15:12.0084 4864 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
22:15:12.0084 4864 blbdrive - ok
22:15:12.0099 4864 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
22:15:12.0099 4864 bowser - ok
22:15:12.0099 4864 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
22:15:12.0115 4864 BrFiltLo - ok
22:15:12.0115 4864 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
22:15:12.0130 4864 BrFiltUp - ok
22:15:12.0130 4864 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll
22:15:12.0177 4864 Browser - ok
22:15:12.0208 4864 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
22:15:12.0224 4864 Brserid - ok
22:15:12.0224 4864 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
22:15:12.0240 4864 BrSerWdm - ok
22:15:12.0240 4864 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
22:15:12.0255 4864 BrUsbMdm - ok
22:15:12.0255 4864 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
22:15:12.0271 4864 BrUsbSer - ok
22:15:12.0271 4864 [ 2347ABBD13BADA65826FDAB4CAAFE357 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
22:15:12.0286 4864 BtFilter - ok
22:15:12.0286 4864 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
22:15:12.0302 4864 BTHMODEM - ok
22:15:12.0302 4864 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
22:15:12.0333 4864 bthserv - ok
22:15:12.0333 4864 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
22:15:12.0364 4864 cdfs - ok
22:15:12.0380 4864 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
22:15:12.0380 4864 cdrom - ok
22:15:12.0442 4864 [ A965B206921C55F2D1481789D609B711 ] CeKbFilter C:\windows\system32\DRIVERS\CeKbFilter.sys
22:15:12.0442 4864 CeKbFilter - ok
22:15:12.0458 4864 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
22:15:12.0474 4864 CertPropSvc - ok
22:15:12.0489 4864 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
22:15:12.0489 4864 circlass - ok
22:15:12.0520 4864 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
22:15:12.0536 4864 CLFS - ok
22:15:12.0552 4864 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:15:12.0552 4864 clr_optimization_v2.0.50727_32 - ok
22:15:12.0567 4864 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:15:12.0567 4864 clr_optimization_v2.0.50727_64 - ok
22:15:12.0614 4864 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:15:12.0645 4864 clr_optimization_v4.0.30319_32 - ok
22:15:12.0661 4864 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:15:12.0676 4864 clr_optimization_v4.0.30319_64 - ok
22:15:12.0676 4864 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys
22:15:12.0676 4864 CmBatt - ok
22:15:12.0692 4864 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
22:15:12.0692 4864 cmdide - ok
22:15:12.0723 4864 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
22:15:12.0754 4864 CNG - ok
22:15:12.0770 4864 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
22:15:12.0770 4864 Compbatt - ok
22:15:12.0786 4864 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
22:15:12.0801 4864 CompositeBus - ok
22:15:12.0801 4864 COMSysApp - ok
22:15:12.0801 4864 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
22:15:12.0817 4864 crcdisk - ok
22:15:12.0817 4864 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
22:15:12.0832 4864 CryptSvc - ok
22:15:12.0848 4864 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\windows\system32\drivers\csc.sys
22:15:12.0879 4864 CSC - ok
22:15:12.0895 4864 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\windows\System32\cscsvc.dll
22:15:12.0926 4864 CscService - ok
22:15:12.0957 4864 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
22:15:12.0988 4864 DcomLaunch - ok
22:15:13.0035 4864 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
22:15:13.0066 4864 defragsvc - ok
22:15:13.0066 4864 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
22:15:13.0098 4864 DfsC - ok
22:15:13.0129 4864 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
22:15:13.0160 4864 Dhcp - ok
22:15:13.0160 4864 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
22:15:13.0191 4864 discache - ok
22:15:13.0207 4864 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
22:15:13.0222 4864 Disk - ok
22:15:13.0222 4864 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
22:15:13.0238 4864 Dnscache - ok
22:15:13.0254 4864 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
22:15:13.0285 4864 dot3svc - ok
22:15:13.0285 4864 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
22:15:13.0316 4864 DPS - ok
22:15:13.0332 4864 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
22:15:13.0347 4864 drmkaud - ok
22:15:13.0378 4864 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
22:15:13.0410 4864 DXGKrnl - ok
22:15:13.0410 4864 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
22:15:13.0441 4864 EapHost - ok
22:15:13.0519 4864 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
22:15:13.0597 4864 ebdrv - ok
22:15:13.0628 4864 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
22:15:13.0628 4864 EFS - ok
22:15:13.0675 4864 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
22:15:13.0690 4864 ehRecvr - ok
22:15:13.0706 4864 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
22:15:13.0722 4864 ehSched - ok
22:15:13.0737 4864 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
22:15:13.0753 4864 elxstor - ok
22:15:13.0768 4864 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
22:15:13.0768 4864 ErrDev - ok
22:15:13.0862 4864 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
22:15:13.0893 4864 EventSystem - ok
22:15:13.0893 4864 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
22:15:13.0924 4864 exfat - ok
22:15:13.0940 4864 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
22:15:13.0956 4864 fastfat - ok
22:15:14.0002 4864 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
22:15:14.0018 4864 Fax - ok
22:15:14.0018 4864 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
22:15:14.0034 4864 fdc - ok
22:15:14.0034 4864 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
22:15:14.0065 4864 fdPHost - ok
22:15:14.0065 4864 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
22:15:14.0096 4864 FDResPub - ok
22:15:14.0096 4864 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
22:15:14.0112 4864 FileInfo - ok
22:15:14.0112 4864 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
22:15:14.0143 4864 Filetrace - ok
22:15:14.0143 4864 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
22:15:14.0158 4864 flpydisk - ok
22:15:14.0174 4864 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
22:15:14.0174 4864 FltMgr - ok
22:15:14.0221 4864 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
22:15:14.0236 4864 FontCache - ok
22:15:14.0236 4864 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:15:14.0252 4864 FontCache3.0.0.0 - ok
22:15:14.0252 4864 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
22:15:14.0268 4864 FsDepends - ok
22:15:14.0268 4864 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
22:15:14.0268 4864 Fs_Rec - ok
22:15:14.0283 4864 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
22:15:14.0299 4864 fvevol - ok
22:15:14.0299 4864 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
22:15:14.0314 4864 gagp30kx - ok
22:15:14.0346 4864 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
22:15:14.0361 4864 GamesAppService - ok
22:15:14.0392 4864 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
22:15:14.0424 4864 gpsvc - ok
22:15:14.0439 4864 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:15:14.0439 4864 gupdate - ok
22:15:14.0439 4864 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:15:14.0455 4864 gupdatem - ok
22:15:14.0455 4864 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
22:15:14.0470 4864 hcw85cir - ok
22:15:14.0502 4864 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
22:15:14.0517 4864 HdAudAddService - ok
22:15:14.0533 4864 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
22:15:14.0533 4864 HDAudBus - ok
22:15:14.0548 4864 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
22:15:14.0548 4864 HidBatt - ok
22:15:14.0564 4864 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
22:15:14.0580 4864 HidBth - ok
22:15:14.0580 4864 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
22:15:14.0595 4864 HidIr - ok
22:15:14.0595 4864 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
22:15:14.0626 4864 hidserv - ok
22:15:14.0626 4864 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
22:15:14.0626 4864 HidUsb - ok
22:15:14.0658 4864 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
22:15:14.0689 4864 hkmsvc - ok
22:15:14.0704 4864 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
22:15:14.0704 4864 HomeGroupListener - ok
22:15:14.0720 4864 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
22:15:14.0736 4864 HomeGroupProvider - ok
22:15:14.0736 4864 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
22:15:14.0736 4864 HpSAMD - ok
22:15:14.0767 4864 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
22:15:14.0798 4864 HTTP - ok
22:15:14.0798 4864 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
22:15:14.0814 4864 hwpolicy - ok
22:15:14.0814 4864 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
22:15:14.0829 4864 i8042prt - ok
22:15:14.0845 4864 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
22:15:14.0860 4864 iaStor - ok
22:15:14.0876 4864 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
22:15:14.0892 4864 iaStorV - ok
22:15:14.0938 4864 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:15:14.0938 4864 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:15:14.0938 4864 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:15:14.0970 4864 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:15:14.0985 4864 idsvc - ok
22:15:14.0985 4864 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
22:15:15.0001 4864 iirsp - ok
22:15:15.0032 4864 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
22:15:15.0063 4864 IKEEXT - ok
22:15:15.0157 4864 [ A1FA448078C94E4D011EBD241821FF9E ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
22:15:15.0188 4864 IntcAzAudAddService - ok
22:15:15.0188 4864 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
22:15:15.0204 4864 intelide - ok
22:15:15.0204 4864 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
22:15:15.0219 4864 intelppm - ok
22:15:15.0219 4864 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
22:15:15.0250 4864 IPBusEnum - ok
22:15:15.0250 4864 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
22:15:15.0282 4864 IpFilterDriver - ok
22:15:15.0313 4864 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
22:15:15.0328 4864 IPMIDRV - ok
22:15:15.0328 4864 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
22:15:15.0360 4864 IPNAT - ok
22:15:15.0360 4864 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
22:15:15.0375 4864 IRENUM - ok
22:15:15.0375 4864 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
22:15:15.0391 4864 isapnp - ok
22:15:15.0391 4864 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
22:15:15.0406 4864 iScsiPrt - ok
22:15:15.0438 4864 [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
22:15:15.0453 4864 IviRegMgr - ok
22:15:15.0453 4864 [ 935301DD8306CEEAEF0B84DD6ABFFDC6 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
22:15:15.0469 4864 JMCR - ok
22:15:15.0469 4864 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
22:15:15.0469 4864 kbdclass - ok
22:15:15.0484 4864 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
22:15:15.0484 4864 kbdhid - ok
22:15:15.0484 4864 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
22:15:15.0500 4864 KeyIso - ok
22:15:15.0500 4864 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
22:15:15.0516 4864 KSecDD - ok
22:15:15.0516 4864 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
22:15:15.0531 4864 KSecPkg - ok
22:15:15.0531 4864 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
22:15:15.0562 4864 ksthunk - ok
22:15:15.0578 4864 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
22:15:15.0609 4864 KtmRm - ok
22:15:15.0625 4864 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
22:15:15.0656 4864 LanmanServer - ok
22:15:15.0656 4864 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:15:15.0687 4864 LanmanWorkstation - ok
22:15:15.0687 4864 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
22:15:15.0718 4864 lltdio - ok
22:15:15.0750 4864 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
22:15:15.0781 4864 lltdsvc - ok
22:15:15.0781 4864 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
22:15:15.0812 4864 lmhosts - ok
22:15:15.0843 4864 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:15:15.0859 4864 LMS - ok
22:15:15.0890 4864 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
22:15:15.0890 4864 LPCFilter - ok
22:15:15.0906 4864 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
22:15:15.0906 4864 LSI_FC - ok
22:15:15.0921 4864 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
22:15:15.0921 4864 LSI_SAS - ok
22:15:15.0937 4864 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
22:15:15.0937 4864 LSI_SAS2 - ok
22:15:15.0952 4864 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
22:15:15.0952 4864 LSI_SCSI - ok
22:15:15.0952 4864 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
22:15:15.0984 4864 luafv - ok
22:15:15.0999 4864 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
22:15:15.0999 4864 Mcx2Svc - ok
22:15:16.0030 4864 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
22:15:16.0030 4864 MDM - ok
22:15:16.0030 4864 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
22:15:16.0046 4864 megasas - ok
22:15:16.0062 4864 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
22:15:16.0077 4864 MegaSR - ok
22:15:16.0077 4864 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
22:15:16.0093 4864 MEIx64 - ok
22:15:16.0093 4864 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
22:15:16.0124 4864 MMCSS - ok
22:15:16.0124 4864 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
22:15:16.0155 4864 Modem - ok
22:15:16.0155 4864 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
22:15:16.0171 4864 monitor - ok
22:15:16.0171 4864 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
22:15:16.0171 4864 mouclass - ok
22:15:16.0186 4864 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
22:15:16.0186 4864 mouhid - ok
22:15:16.0202 4864 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
22:15:16.0202 4864 mountmgr - ok
22:15:16.0218 4864 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:15:16.0233 4864 MozillaMaintenance - ok
22:15:16.0233 4864 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
22:15:16.0249 4864 MpFilter - ok
22:15:16.0249 4864 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
22:15:16.0264 4864 mpio - ok
22:15:16.0264 4864 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
22:15:16.0296 4864 mpsdrv - ok
22:15:16.0311 4864 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
22:15:16.0311 4864 MRxDAV - ok
22:15:16.0327 4864 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
22:15:16.0342 4864 mrxsmb - ok
22:15:16.0358 4864 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
22:15:16.0374 4864 mrxsmb10 - ok
22:15:16.0374 4864 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
22:15:16.0389 4864 mrxsmb20 - ok
22:15:16.0389 4864 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
22:15:16.0389 4864 msahci - ok
22:15:16.0405 4864 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
22:15:16.0405 4864 msdsm - ok
22:15:16.0420 4864 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
22:15:16.0420 4864 MSDTC - ok
22:15:16.0436 4864 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
22:15:16.0452 4864 Msfs - ok
22:15:16.0467 4864 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
22:15:16.0483 4864 mshidkmdf - ok
22:15:16.0483 4864 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
22:15:16.0498 4864 msisadrv - ok
22:15:16.0498 4864 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
22:15:16.0530 4864 MSiSCSI - ok
22:15:16.0530 4864 msiserver - ok
22:15:16.0545 4864 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
22:15:16.0561 4864 MSKSSRV - ok
22:15:16.0576 4864 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
22:15:16.0592 4864 MSPCLOCK - ok
22:15:16.0608 4864 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
22:15:16.0639 4864 MSPQM - ok
22:15:16.0670 4864 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
22:15:16.0670 4864 MsRPC - ok
22:15:16.0686 4864 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
22:15:16.0686 4864 mssmbios - ok
22:15:16.0701 4864 MSSQL$ACT7 - ok
22:15:16.0701 4864 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
22:15:16.0717 4864 MSSQLServerADHelper100 - ok
22:15:16.0717 4864 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
22:15:16.0748 4864 MSTEE - ok
22:15:16.0764 4864 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
22:15:16.0764 4864 MTConfig - ok
22:15:16.0764 4864 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
22:15:16.0779 4864 Mup - ok
22:15:16.0810 4864 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
22:15:16.0842 4864 napagent - ok
22:15:16.0857 4864 NasPmService - ok
22:15:16.0873 4864 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
22:15:16.0888 4864 NativeWifiP - ok
22:15:16.0920 4864 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
22:15:16.0966 4864 NDIS - ok
22:15:16.0966 4864 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
22:15:16.0998 4864 NdisCap - ok
22:15:16.0998 4864 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
22:15:17.0029 4864 NdisTapi - ok
22:15:17.0029 4864 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
22:15:17.0060 4864 Ndisuio - ok
22:15:17.0060 4864 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
22:15:17.0091 4864 NdisWan - ok
22:15:17.0091 4864 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
22:15:17.0122 4864 NDProxy - ok
22:15:17.0122 4864 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
22:15:17.0154 4864 NetBIOS - ok
22:15:17.0169 4864 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
22:15:17.0185 4864 NetBT - ok
22:15:17.0200 4864 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
22:15:17.0200 4864 Netlogon - ok
22:15:17.0216 4864 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
22:15:17.0247 4864 Netman - ok
22:15:17.0263 4864 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
22:15:17.0294 4864 netprofm - ok
22:15:17.0310 4864 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:15:17.0310 4864 NetTcpPortSharing - ok
22:15:17.0325 4864 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
22:15:17.0325 4864 nfrd960 - ok
22:15:17.0341 4864 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
22:15:17.0356 4864 NisDrv - ok
22:15:17.0372 4864 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
22:15:17.0372 4864 NisSrv - ok
22:15:17.0403 4864 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
22:15:17.0434 4864 NlaSvc - ok
22:15:17.0434 4864 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
22:15:17.0466 4864 Npfs - ok
22:15:17.0466 4864 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
22:15:17.0497 4864 nsi - ok
22:15:17.0497 4864 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
22:15:17.0512 4864 nsiproxy - ok
22:15:17.0559 4864 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
22:15:17.0606 4864 Ntfs - ok
22:15:17.0622 4864 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
22:15:17.0637 4864 Null - ok
22:15:17.0653 4864 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
22:15:17.0653 4864 nusb3hub - ok
22:15:17.0668 4864 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
22:15:17.0668 4864 nusb3xhc - ok
22:15:17.0684 4864 [ F12E3EA0386EBC284C893611107C6A96 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
22:15:17.0684 4864 NVHDA - ok
22:15:17.0902 4864 [ 24E1BF08E1FDDBE2398EE38F59274E75 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
22:15:18.0074 4864 nvlddmkm - ok
22:15:18.0074 4864 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
22:15:18.0090 4864 nvraid - ok
22:15:18.0090 4864 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
22:15:18.0105 4864 nvstor - ok
22:15:18.0105 4864 [ 6099EBAE6545719A601410CB25234746 ] NvStUSB C:\windows\system32\DRIVERS\nvstusb.sys
22:15:18.0121 4864 NvStUSB - ok
22:15:18.0152 4864 [ B2B419D2C55ED6ED560E662BBE7D29F3 ] NVSvc C:\windows\system32\nvvsvc.exe
22:15:18.0168 4864 NVSvc - ok
22:15:18.0168 4864 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
22:15:18.0183 4864 nv_agp - ok
22:15:18.0183 4864 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
22:15:18.0199 4864 ohci1394 - ok
22:15:18.0199 4864 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:15:18.0214 4864 ose - ok
22:15:18.0230 4864 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
22:15:18.0246 4864 p2pimsvc - ok
22:15:18.0261 4864 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
22:15:18.0277 4864 p2psvc - ok
22:15:18.0277 4864 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
22:15:18.0292 4864 Parport - ok
22:15:18.0292 4864 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
22:15:18.0308 4864 partmgr - ok
22:15:18.0308 4864 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
22:15:18.0324 4864 PcaSvc - ok
22:15:18.0339 4864 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
22:15:18.0339 4864 PCCUJobMgr - ok
22:15:18.0355 4864 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
22:15:18.0370 4864 pci - ok
22:15:18.0386 4864 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
22:15:18.0386 4864 pciide - ok
22:15:18.0402 4864 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
22:15:18.0417 4864 pcmcia - ok
22:15:18.0417 4864 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
22:15:18.0417 4864 pcw - ok
22:15:18.0448 4864 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
22:15:18.0480 4864 PEAUTH - ok
22:15:18.0558 4864 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
22:15:18.0604 4864 PeerDistSvc - ok
22:15:18.0667 4864 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
22:15:18.0682 4864 PerfHost - ok
22:15:18.0698 4864 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
22:15:18.0714 4864 PGEffect - ok
22:15:18.0729 4864 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
22:15:18.0792 4864 pla - ok
22:15:18.0823 4864 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
22:15:18.0838 4864 PlugPlay - ok
22:15:18.0838 4864 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
22:15:18.0854 4864 PNRPAutoReg - ok
22:15:18.0854 4864 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
22:15:18.0870 4864 PNRPsvc - ok
22:15:18.0885 4864 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
22:15:18.0916 4864 PolicyAgent - ok
22:15:18.0948 4864 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
22:15:18.0979 4864 Power - ok
22:15:19.0041 4864 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
22:15:19.0072 4864 PptpMiniport - ok
22:15:19.0072 4864 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
22:15:19.0088 4864 Processor - ok
22:15:19.0104 4864 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
22:15:19.0104 4864 ProfSvc - ok
22:15:19.0119 4864 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
22:15:19.0119 4864 ProtectedStorage - ok
22:15:19.0119 4864 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
22:15:19.0150 4864 Psched - ok
22:15:19.0197 4864 [ 7712267DBAD69820E0766B17D8F6543E ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
22:15:19.0197 4864 PSI_SVC_2 - ok
22:15:19.0244 4864 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
22:15:19.0275 4864 ql2300 - ok
22:15:19.0291 4864 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
22:15:19.0291 4864 ql40xx - ok
22:15:19.0306 4864 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
22:15:19.0322 4864 QWAVE - ok
22:15:19.0322 4864 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
22:15:19.0338 4864 QWAVEdrv - ok
22:15:19.0369 4864 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\windows\WindowsMobile\rapimgr.dll
22:15:19.0369 4864 RapiMgr - ok
22:15:19.0369 4864 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
22:15:19.0400 4864 RasAcd - ok
22:15:19.0416 4864 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
22:15:19.0431 4864 RasAgileVpn - ok
22:15:19.0447 4864 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
22:15:19.0462 4864 RasAuto - ok
22:15:19.0478 4864 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
22:15:19.0509 4864 Rasl2tp - ok
22:15:19.0525 4864 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
22:15:19.0556 4864 RasMan - ok
22:15:19.0556 4864 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
22:15:19.0587 4864 RasPppoe - ok
22:15:19.0587 4864 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
22:15:19.0618 4864 RasSstp - ok
22:15:19.0650 4864 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
22:15:19.0665 4864 rdbss - ok
22:15:19.0681 4864 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
22:15:19.0696 4864 rdpbus - ok
22:15:19.0696 4864 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
22:15:19.0728 4864 RDPCDD - ok
22:15:19.0728 4864 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
22:15:19.0743 4864 RDPDR - ok
22:15:19.0743 4864 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
22:15:19.0774 4864 RDPENCDD - ok
22:15:19.0774 4864 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
22:15:19.0806 4864 RDPREFMP - ok
22:15:19.0806 4864 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
22:15:19.0821 4864 RDPWD - ok
22:15:19.0837 4864 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
22:15:19.0852 4864 rdyboost - ok
22:15:19.0852 4864 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys
22:15:19.0868 4864 regi - ok
22:15:19.0868 4864 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
22:15:19.0899 4864 RemoteAccess - ok
22:15:19.0899 4864 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
22:15:19.0930 4864 RemoteRegistry - ok
22:15:19.0930 4864 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
22:15:19.0962 4864 ROOTMODEM - ok
22:15:19.0962 4864 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
22:15:19.0993 4864 RpcEptMapper - ok
22:15:19.0993 4864 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
22:15:20.0008 4864 RpcLocator - ok
22:15:20.0040 4864 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
22:15:20.0071 4864 RpcSs - ok
22:15:20.0071 4864 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
22:15:20.0102 4864 rspndr - ok
22:15:20.0133 4864 [ 39A719875F572241C585A629EE62EB14 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
22:15:20.0149 4864 RTL8167 - ok
22:15:20.0180 4864 [ 50BC0E3FF1C61FEA769949AB5355FD2A ] Sage ACT! Scheduler C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe
22:15:20.0196 4864 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - warning
22:15:20.0196 4864 Sage ACT! Scheduler - detected UnsignedFile.Multi.Generic (1)
22:15:20.0196 4864 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
22:15:20.0196 4864 SamSs - ok
22:15:20.0211 4864 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
22:15:20.0211 4864 sbp2port - ok
22:15:20.0227 4864 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
22:15:20.0258 4864 SCardSvr - ok
22:15:20.0258 4864 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
22:15:20.0274 4864 scfilter - ok
22:15:20.0320 4864 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
22:15:20.0352 4864 Schedule - ok
22:15:20.0352 4864 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
22:15:20.0383 4864 SCPolicySvc - ok
22:15:20.0383 4864 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
22:15:20.0398 4864 sdbus - ok
22:15:20.0398 4864 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
22:15:20.0414 4864 SDRSVC - ok
22:15:20.0414 4864 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
22:15:20.0445 4864 secdrv - ok
22:15:20.0461 4864 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
22:15:20.0476 4864 seclogon - ok
22:15:20.0476 4864 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
22:15:20.0508 4864 SENS - ok
22:15:20.0508 4864 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
22:15:20.0523 4864 SensrSvc - ok
22:15:20.0523 4864 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\windows\System32\Drivers\Sentinel64.sys
22:15:20.0539 4864 Sentinel64 - ok
22:15:20.0554 4864 [ E80B91AEC007711B1EEC9C83487754E2 ] SentinelSecurityRuntime C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
22:15:20.0570 4864 SentinelSecurityRuntime - ok
22:15:20.0570 4864 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
22:15:20.0570 4864 Serenum - ok
22:15:20.0601 4864 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
22:15:20.0601 4864 Serial - ok
22:15:20.0632 4864 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
22:15:20.0632 4864 sermouse - ok
22:15:20.0648 4864 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
22:15:20.0679 4864 SessionEnv - ok
22:15:20.0679 4864 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
22:15:20.0695 4864 sffdisk - ok
22:15:20.0695 4864 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
22:15:20.0710 4864 sffp_mmc - ok
22:15:20.0710 4864 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
22:15:20.0726 4864 sffp_sd - ok
22:15:20.0726 4864 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
22:15:20.0726 4864 sfloppy - ok
22:15:20.0757 4864 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:15:20.0788 4864 ShellHWDetection - ok
22:15:20.0788 4864 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
22:15:20.0788 4864 SiSRaid2 - ok
22:15:20.0804 4864 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
22:15:20.0804 4864 SiSRaid4 - ok
22:15:20.0804 4864 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
22:15:20.0835 4864 Smb - ok
22:15:20.0851 4864 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
22:15:20.0851 4864 SNMPTRAP - ok
22:15:20.0866 4864 [ 2D5576C01C8A34AA614870E745FE8F19 ] SNTUSB64 C:\windows\system32\DRIVERS\SNTUSB64.SYS
22:15:20.0866 4864 SNTUSB64 - ok
22:15:20.0866 4864 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
22:15:20.0882 4864 spldr - ok
22:15:20.0898 4864 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
22:15:20.0929 4864 Spooler - ok
22:15:20.0991 4864 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
22:15:21.0100 4864 sppsvc - ok
22:15:21.0100 4864 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
22:15:21.0132 4864 sppuinotify - ok
22:15:21.0163 4864 [ 37761F6BE2EBAED72CC0D43BD4C8C2A6 ] SQLAgent$ACT7 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE
22:15:21.0178 4864 SQLAgent$ACT7 - ok
22:15:21.0194 4864 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:15:21.0194 4864 SQLBrowser - ok
22:15:21.0210 4864 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:15:21.0210 4864 SQLWriter - ok
22:15:21.0225 4864 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
22:15:21.0241 4864 srv - ok
22:15:21.0272 4864 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
22:15:21.0272 4864 srv2 - ok
22:15:21.0288 4864 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
22:15:21.0288 4864 srvnet - ok
22:15:21.0303 4864 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
22:15:21.0334 4864 SSDPSRV - ok
22:15:21.0334 4864 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
22:15:21.0366 4864 SstpSvc - ok
22:15:21.0397 4864 [ C7C4B2E29B2E9F757929868278BE3235 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:15:21.0397 4864 Stereo Service - ok
22:15:21.0412 4864 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
22:15:21.0412 4864 stexstor - ok
22:15:21.0412 4864 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
22:15:21.0428 4864 StillCam - ok
22:15:21.0444 4864 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
22:15:21.0459 4864 stisvc - ok
22:15:21.0490 4864 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\windows\system32\storsvc.dll
22:15:21.0506 4864 StorSvc - ok
22:15:21.0506 4864 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
22:15:21.0506 4864 swenum - ok
22:15:21.0522 4864 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
22:15:21.0553 4864 swprv - ok
22:15:21.0600 4864 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
22:15:21.0615 4864 SynTP - ok
22:15:21.0678 4864 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
22:15:21.0709 4864 SysMain - ok
22:15:21.0709 4864 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
22:15:21.0724 4864 TabletInputService - ok
22:15:21.0740 4864 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
22:15:21.0771 4864 TapiSrv - ok
22:15:21.0771 4864 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
22:15:21.0802 4864 TBS - ok
22:15:21.0834 4864 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
22:15:21.0896 4864 Tcpip - ok
22:15:21.0927 4864 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
22:15:21.0958 4864 TCPIP6 - ok
22:15:21.0958 4864 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
22:15:21.0990 4864 tcpipreg - ok
22:15:22.0005 4864 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
22:15:22.0005 4864 tdcmdpst - ok
22:15:22.0005 4864 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
22:15:22.0021 4864 TDPIPE - ok
22:15:22.0021 4864 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
22:15:22.0036 4864 TDTCP - ok
22:15:22.0052 4864 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
22:15:22.0068 4864 tdx - ok
22:15:22.0083 4864 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
22:15:22.0083 4864 TermDD - ok
22:15:22.0130 4864 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
22:15:22.0161 4864 TermService - ok
22:15:22.0177 4864 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
22:15:22.0177 4864 Themes - ok
22:15:22.0208 4864 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
22:15:22.0208 4864 Thpdrv - ok
22:15:22.0224 4864 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
22:15:22.0224 4864 Thpevm - ok
22:15:22.0255 4864 [ 9B032A63A0553A2D872815C64A0288BE ] Thpsrv C:\windows\system32\ThpSrv.exe
22:15:22.0255 4864 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
22:15:22.0255 4864 Thpsrv - detected UnsignedFile.Multi.Generic (1)
22:15:22.0270 4864 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
22:15:22.0286 4864 THREADORDER - ok
22:15:22.0317 4864 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
22:15:22.0317 4864 TMachInfo - ok
22:15:22.0333 4864 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
22:15:22.0333 4864 TODDSrv - ok
22:15:22.0364 4864 [ 63B379F8885CB1C557771BB8B16162E3 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
22:15:22.0395 4864 TosCoSrv ( UnsignedFile.Multi.Generic ) - warning
22:15:22.0395 4864 TosCoSrv - detected UnsignedFile.Multi.Generic (1)
22:15:22.0411 4864 [ 8F099BE5DB17D025E19652851399B9F1 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
22:15:22.0411 4864 TOSHIBA Bluetooth Service - ok
22:15:22.0442 4864 [ 2ECC833EA37CECE0052D4D9ADC184177 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
22:15:22.0458 4864 TOSHIBA eco Utility Service - ok
22:15:22.0458 4864 [ EDB4B432DB13EA3D1EB2356310D33263 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
22:15:22.0473 4864 TOSHIBA HDD SSD Alert Service - ok
22:15:22.0473 4864 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\windows\system32\DRIVERS\tosporte.sys
22:15:22.0473 4864 tosporte - ok
22:15:22.0489 4864 [ 09CF82C0068C7CFF7E2B3797BE7F5CC2 ] tosrfbd C:\windows\system32\DRIVERS\tosrfbd.sys
22:15:22.0504 4864 tosrfbd - ok
22:15:22.0504 4864 [ 90F0B1745ABF13F44C2A6ED79F7CE9FB ] tosrfbnp C:\windows\system32\Drivers\tosrfbnp.sys
22:15:22.0520 4864 tosrfbnp - ok
22:15:22.0520 4864 [ 9E4E65EA51E34647340BD6007467AC54 ] Tosrfcom C:\windows\system32\Drivers\tosrfcom.sys
22:15:22.0520 4864 Tosrfcom - ok
22:15:22.0536 4864 [ F5E3AC4CBCD154EE80849B21887FD0B0 ] tosrfec C:\windows\system32\DRIVERS\tosrfec.sys
22:15:22.0536 4864 tosrfec - ok
22:15:22.0536 4864 [ 7D2467D3EB9BAA4B69AE4A28C83DE57A ] Tosrfhid C:\windows\system32\DRIVERS\Tosrfhid.sys
22:15:22.0551 4864 Tosrfhid - ok
22:15:22.0551 4864 [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds C:\windows\system32\DRIVERS\tosrfnds.sys
22:15:22.0551 4864 tosrfnds - ok
22:15:22.0567 4864 [ 7052B10E54B48AF12BD5606596A8E039 ] TosRfSnd C:\windows\system32\drivers\tosrfsnd.sys
22:15:22.0567 4864 TosRfSnd - ok
22:15:22.0582 4864 [ 7A0048693F98460FF537BE31C741B927 ] Tosrfusb C:\windows\system32\DRIVERS\tosrfusb.sys
22:15:22.0582 4864 Tosrfusb - ok
22:15:22.0598 4864 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
22:15:22.0614 4864 tos_sps64 - ok
22:15:22.0629 4864 [ 9F8410CCC72B3470C96DA415BE0CF423 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
22:15:22.0660 4864 TPCHSrv - ok
22:15:22.0660 4864 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
22:15:22.0692 4864 TrkWks - ok
22:15:22.0692 4864 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
22:15:22.0723 4864 TrustedInstaller - ok
22:15:22.0723 4864 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
22:15:22.0754 4864 tssecsrv - ok
22:15:22.0754 4864 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
22:15:22.0770 4864 TsUsbFlt - ok
22:15:22.0770 4864 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
22:15:22.0801 4864 TsUsbGD - ok
22:15:22.0801 4864 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
22:15:22.0832 4864 tunnel - ok
22:15:22.0863 4864 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
22:15:22.0863 4864 TVALZ - ok
22:15:22.0879 4864 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
22:15:22.0879 4864 TVALZFL - ok
22:15:22.0879 4864 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
22:15:22.0894 4864 uagp35 - ok
22:15:22.0910 4864 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
22:15:22.0941 4864 udfs - ok
22:15:22.0941 4864 [ D2B2AB4235B360A9CCAE8E891350A474 ] UDSS c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
22:15:22.0957 4864 UDSS - ok
22:15:22.0957 4864 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
22:15:22.0972 4864 UI0Detect - ok
22:15:22.0972 4864 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
22:15:22.0988 4864 uliagpkx - ok
22:15:22.0988 4864 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
22:15:23.0004 4864 umbus - ok
22:15:23.0004 4864 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
22:15:23.0004 4864 UmPass - ok
22:15:23.0035 4864 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\windows\System32\umrdp.dll
22:15:23.0050 4864 UmRdpService - ok
22:15:23.0113 4864 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:15:23.0175 4864 UNS - ok
22:15:23.0191 4864 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
22:15:23.0222 4864 upnphost - ok
22:15:23.0238 4864 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
22:15:23.0238 4864 usbccgp - ok
22:15:23.0253 4864 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
22:15:23.0269 4864 usbcir - ok
22:15:23.0269 4864 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
22:15:23.0284 4864 usbehci - ok
22:15:23.0300 4864 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
22:15:23.0316 4864 usbhub - ok
22:15:23.0316 4864 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
22:15:23.0316 4864 usbohci - ok
22:15:23.0331 4864 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
22:15:23.0347 4864 usbprint - ok
22:15:23.0347 4864 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
22:15:23.0362 4864 USBSTOR - ok
22:15:23.0362 4864 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
22:15:23.0362 4864 usbuhci - ok
22:15:23.0378 4864 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
22:15:23.0378 4864 usbvideo - ok
22:15:23.0394 4864 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\windows\system32\DRIVERS\usb8023x.sys
22:15:23.0394 4864 usb_rndisx - ok
22:15:23.0409 4864 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
22:15:23.0425 4864 UxSms - ok
22:15:23.0440 4864 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
22:15:23.0440 4864 VaultSvc - ok
22:15:23.0456 4864 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
22:15:23.0472 4864 vdrvroot - ok
22:15:23.0487 4864 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
22:15:23.0534 4864 vds - ok
22:15:23.0534 4864 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
22:15:23.0550 4864 vga - ok
22:15:23.0550 4864 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
22:15:23.0581 4864 VgaSave - ok
22:15:23.0581 4864 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
22:15:23.0596 4864 vhdmp - ok
22:15:23.0596 4864 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
22:15:23.0612 4864 viaide - ok
22:15:23.0612 4864 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
22:15:23.0628 4864 volmgr - ok
22:15:23.0643 4864 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
22:15:23.0659 4864 volmgrx - ok
22:15:23.0659 4864 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
22:15:23.0674 4864 volsnap - ok
22:15:23.0690 4864 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
22:15:23.0706 4864 vsmraid - ok
22:15:23.0737 4864 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
22:15:23.0799 4864 VSS - ok
22:15:23.0799 4864 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
22:15:23.0815 4864 vwifibus - ok
22:15:23.0815 4864 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
22:15:23.0830 4864 vwififlt - ok
22:15:23.0830 4864 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
22:15:23.0846 4864 vwifimp - ok
22:15:23.0862 4864 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
22:15:23.0893 4864 W32Time - ok
22:15:23.0908 4864 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
22:15:23.0924 4864 WacomPen - ok
22:15:23.0924 4864 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
22:15:23.0955 4864 WANARP - ok
22:15:23.0955 4864 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
22:15:23.0971 4864 Wanarpv6 - ok
22:15:24.0064 4864 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
22:15:24.0111 4864 WatAdminSvc - ok
22:15:24.0142 4864 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
22:15:24.0189 4864 wbengine - ok
22:15:24.0189 4864 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
22:15:24.0205 4864 WbioSrvc - ok
22:15:24.0252 4864 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\windows\WindowsMobile\wcescomm.dll
22:15:24.0267 4864 WcesComm - ok
22:15:24.0267 4864 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
22:15:24.0298 4864 wcncsvc - ok
22:15:24.0298 4864 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
22:15:24.0314 4864 WcsPlugInService - ok
22:15:24.0314 4864 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
22:15:24.0314 4864 Wd - ok
22:15:24.0361 4864 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
22:15:24.0376 4864 Wdf01000 - ok
22:15:24.0376 4864 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
22:15:24.0439 4864 WdiServiceHost - ok
22:15:24.0439 4864 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
22:15:24.0454 4864 WdiSystemHost - ok
22:15:24.0454 4864 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
22:15:24.0470 4864 WebClient - ok
22:15:24.0486 4864 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
22:15:24.0517 4864 Wecsvc - ok
22:15:24.0532 4864 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
22:15:24.0548 4864 wercplsupport - ok
22:15:24.0564 4864 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
22:15:24.0595 4864 WerSvc - ok
22:15:24.0595 4864 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
22:15:24.0626 4864 WfpLwf - ok
22:15:24.0626 4864 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
22:15:24.0626 4864 WIMMount - ok
22:15:24.0642 4864 WinHttpAutoProxySvc - ok
22:15:24.0657 4864 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
22:15:24.0688 4864 Winmgmt - ok
22:15:24.0751 4864 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
22:15:24.0829 4864 WinRM - ok
22:15:24.0876 4864 [ FE88B288356E7B47B74B13372ADD906D ] winusb C:\windows\system32\DRIVERS\winusb.sys
22:15:24.0891 4864 winusb - ok
22:15:24.0922 4864 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
22:15:24.0954 4864 Wlansvc - ok
22:15:24.0969 4864 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:15:24.0969 4864 wlcrasvc - ok
22:15:25.0047 4864 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:15:25.0078 4864 wlidsvc - ok
22:15:25.0078 4864 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
22:15:25.0094 4864 WmiAcpi - ok
22:15:25.0110 4864 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
22:15:25.0110 4864 wmiApSrv - ok
22:15:25.0125 4864 WMPNetworkSvc - ok
22:15:25.0141 4864 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
22:15:25.0141 4864 WMZuneComm - ok
22:15:25.0156 4864 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
22:15:25.0172 4864 WPCSvc - ok
22:15:25.0172 4864 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
22:15:25.0188 4864 WPDBusEnum - ok
22:15:25.0188 4864 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
22:15:25.0219 4864 ws2ifsl - ok
22:15:25.0219 4864 WSearch - ok
22:15:25.0219 4864 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
22:15:25.0250 4864 WudfPf - ok
22:15:25.0250 4864 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
22:15:25.0281 4864 WUDFRd - ok
22:15:25.0281 4864 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
22:15:25.0312 4864 wudfsvc - ok
22:15:25.0312 4864 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
22:15:25.0328 4864 WwanSvc - ok
22:15:25.0484 4864 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
22:15:25.0656 4864 ZuneNetworkSvc - ok
22:15:25.0687 4864 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
22:15:25.0702 4864 ZuneWlanCfgSvc - ok
22:15:25.0702 4864 ================ Scan global ===============================
22:15:25.0718 4864 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
22:15:25.0718 4864 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
22:15:25.0718 4864 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
22:15:25.0734 4864 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
22:15:25.0734 4864 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
22:15:25.0749 4864 [Global] - ok
22:15:25.0749 4864 ================ Scan MBR ==================================
22:15:25.0749 4864 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
22:15:26.0982 4864 \Device\Harddisk0\DR0 - ok
22:15:27.0528 4864 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
22:15:28.0261 4864 \Device\Harddisk1\DR1 - ok
22:15:28.0261 4864 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
22:15:30.0133 4864 \Device\Harddisk2\DR2 - ok
22:15:30.0133 4864 ================ Scan VBR ==================================
22:15:30.0133 4864 [ 28DCF8208E1A6185114F40292BEA3DAF ] \Device\Harddisk0\DR0\Partition1
22:15:30.0133 4864 \Device\Harddisk0\DR0\Partition1 - ok
22:15:30.0164 4864 [ D2BFF469E7347C10C7D873494137D024 ] \Device\Harddisk1\DR1\Partition1
22:15:30.0164 4864 \Device\Harddisk1\DR1\Partition1 - ok
22:15:30.0164 4864 [ 2325B33262288510BD8CD4FDCDDB2814 ] \Device\Harddisk2\DR2\Partition1
22:15:30.0164 4864 \Device\Harddisk2\DR2\Partition1 - ok
22:15:30.0164 4864 ============================================================
22:15:30.0164 4864 Scan finished
22:15:30.0164 4864 ============================================================
22:15:30.0180 4712 Detected object count: 5
22:15:30.0180 4712 Actual detected object count: 5
22:15:40.0086 4712 ActService ( UnsignedFile.Multi.Generic ) - skipped by user
22:15:40.0086 4712 ActService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:15:40.0086 4712 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:15:40.0086 4712 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:15:40.0086 4712 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
22:15:40.0086 4712 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:15:40.0086 4712 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:15:40.0086 4712 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:15:40.0086 4712 TosCoSrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:15:40.0086 4712 TosCoSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

Should I move to the next step?

Thank you,

Anthony

#12
AnthonyOhio

Posted 29 August 2012 - 08:30 PM

Member

Topic Starter
Member
39 posts

Thank you.

Here is the Farbar scan:

Scan result of Farbar Recovery Scan Tool Version: 29-08-2012 03
Ran by SYSTEM at 29-08-2012 22:27:28
Running from G:\
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [] [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [561152 2011-04-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11831400 2011-04-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3 [2209896 2011-04-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1544104 2011-04-07] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] %ProgramFiles%\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2011-03-10] (TOSHIBA Corporation.)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2011-04-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation)
HKLM\...\Run: [TOSHIBA Face Recognition] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2011-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [x]
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [532480 2010-11-09] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [x]
HKLM-x32\...\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [x]
HKLM-x32\...\Run: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED [3218792 2010-08-17] (Toshiba)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Act.Outlook.Service] "C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe" [18432 2011-11-15] (Sage Software, Inc.)
HKLM-x32\...\Run: [Act! Preloader] "C:\Program Files (x86)\ACT\Act for Windows\ActSage.exe" -preload [337224 2011-11-15] (Sage Software, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Startup: C:\Users\A\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
Startup: C:\Users\A\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Sage ACT! Integration.lnk
ShortcutTarget: Sage ACT! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Sage.ACT.Integration.exe (Sage Software, Inc)

==================== Services (Whitelisted) ======

2 ActService; "C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe" [18432 2011-11-15] (Microsoft)
2 MSSQL$ACT7; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\sqlservr.exe" -sACT7 [42884448 2010-05-05] (Microsoft Corporation)
2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe -Service_Execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 [251256 2011-03-26] (BUFFALO INC.)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
2 PCCUJobMgr; "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\diMaster.dll" /prefetch:1 [132984 2011-02-03] (Symantec Corporation)
2 PSI_SVC_2; "C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [251832 2010-12-02] (arvato digital services llc)
2 Sage ACT! Scheduler; "C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe" [81920 2011-11-15] (Sage Software, Inc.)
2 SentinelSecurityRuntime; "C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe" [292128 2009-09-16] (SafeNet, Inc.)
4 SQLAgent$ACT7; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE" -i ACT7 [367456 2010-05-05] (Microsoft Corporation)
2 UDSS; "C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe" [30064 2011-03-11] ()

==================== Drivers (Whitelisted) ===================

3 NvStUSB; C:\Windows\System32\Drivers\NvStUSB.sys [122472 2011-03-27] ()
2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
3 SNTUSB64; C:\Windows\System32\Drivers\SNTUSB64.sys [58792 2009-09-17] (SafeNet, Inc.)

==================== NetSvcs (Whitelisted) =================

==================== One Month Created Files and Folders ======================

2012-08-29 22:27 - 2012-08-29 22:27 - 00000000 ____D C:\FRST
2012-08-29 18:12 - 2012-08-29 18:12 - 00000000 ____D C:\TDSSKiller_Quarantine
2012-08-29 06:28 - 2012-08-29 06:28 - 00021261 ____A C:\Users\A\Documents\Longboard instructions.odt
2012-08-29 04:58 - 2012-08-29 04:58 - 02211928 ____A (Kaspersky Lab ZAO) C:\Users\A\Downloads\tdsskiller.exe
2012-08-29 04:54 - 2012-08-29 04:54 - 04731392 ____A (AVAST Software) C:\Users\A\Downloads\aswMBR.exe
2012-08-28 06:20 - 2012-08-28 06:20 - 00000000 ____D C:\Users\A\AppData\Local\{AE2A952C-3585-4DDF-B231-28FBF95CBFB9}
2012-08-27 19:31 - 2012-08-27 19:46 - 93654616 ____A C:\Users\A\Downloads\avast_free_antivirus_setup.exe
2012-08-27 15:26 - 2012-08-27 15:26 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.69392835565CCA1A
2012-08-27 15:22 - 2012-08-27 15:22 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1EECBA2799552935
2012-08-27 15:13 - 2012-08-27 15:13 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.9E29FCA1DC23C527
2012-08-27 15:10 - 2012-08-27 15:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.6BBE8A9D50016F6C
2012-08-27 14:58 - 2012-08-27 14:58 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1D20D55258697088
2012-08-27 14:54 - 2012-08-27 14:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.D2572B6840421C42
2012-08-27 14:51 - 2012-08-27 14:51 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.0B553932B6A5B2D8
2012-08-27 14:39 - 2012-08-27 14:39 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.18A4B8C3421E4888
2012-08-27 14:36 - 2012-08-27 14:36 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.9A262E1D8E227D5D
2012-08-27 14:26 - 2012-08-27 14:26 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.BB3F9B495DFB2ABC
2012-08-27 14:23 - 2012-08-27 14:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.82F482C2A89FA5B4
2012-08-27 14:17 - 2012-08-27 14:17 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.7DDC24E20A9F023C
2012-08-27 14:14 - 2012-08-27 14:14 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.F1B5ED1E93CA0949
2012-08-27 13:13 - 2012-08-27 13:13 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.0299C3CA1BBE3CDC
2012-08-27 12:54 - 2012-08-27 12:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.9360E5CC7ED5733F
2012-08-27 12:51 - 2012-08-27 12:51 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1F45FBBDFC8374F7
2012-08-27 12:23 - 2012-08-27 12:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.52345588DE7A9EFE
2012-08-27 12:20 - 2012-08-27 12:20 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.28AEC47ADB4C8F4D
2012-08-27 12:11 - 2012-08-27 12:11 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.DA2054E67E3D7D7F
2012-08-27 12:08 - 2012-08-27 12:08 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.92E62C29B9380C15
2012-08-27 12:02 - 2012-08-27 12:02 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A462F3A0FABE2EAC
2012-08-20 07:05 - 2012-08-20 07:05 - 00000000 ____D C:\Users\A\AppData\Local\{7CA147FB-B26F-4750-9439-D249947B6F10}
2012-08-15 07:51 - 2012-08-15 07:51 - 00000728 ____A C:\Users\A\Desktop\Longboard facts.txt

==================== 3 Months Modified Files ================================

2012-08-29 18:21 - 2009-07-13 20:45 - 00030288 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-29 18:21 - 2009-07-13 20:45 - 00030288 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-29 18:18 - 2009-07-13 21:13 - 00822470 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-29 18:14 - 2012-07-03 00:55 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-29 18:13 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-29 18:13 - 2009-07-13 20:51 - 00070053 ____A C:\Windows\setupact.log
2012-08-29 18:13 - 2009-07-13 15:19 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2012-08-29 18:11 - 2012-07-03 00:55 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-29 11:56 - 2010-11-20 19:47 - 00280016 ____A C:\Windows\PFRO.log
2012-08-29 06:28 - 2012-08-29 06:28 - 00021261 ____A C:\Users\A\Documents\Longboard instructions.odt
2012-08-29 04:58 - 2012-08-29 04:58 - 02211928 ____A (Kaspersky Lab ZAO) C:\Users\A\Downloads\tdsskiller.exe
2012-08-29 04:54 - 2012-08-29 04:54 - 04731392 ____A (AVAST Software) C:\Users\A\Downloads\aswMBR.exe
2012-08-27 19:46 - 2012-08-27 19:31 - 93654616 ____A C:\Users\A\Downloads\avast_free_antivirus_setup.exe
2012-08-27 15:26 - 2012-08-27 15:26 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.69392835565CCA1A
2012-08-27 15:22 - 2012-08-27 15:22 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1EECBA2799552935
2012-08-27 15:13 - 2012-08-27 15:13 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.9E29FCA1DC23C527
2012-08-27 15:10 - 2012-08-27 15:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.6BBE8A9D50016F6C
2012-08-27 14:58 - 2012-08-27 14:58 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1D20D55258697088
2012-08-27 14:54 - 2012-08-27 14:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.D2572B6840421C42
2012-08-27 14:51 - 2012-08-27 14:51 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.0B553932B6A5B2D8
2012-08-27 14:39 - 2012-08-27 14:39 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.18A4B8C3421E4888
2012-08-27 14:36 - 2012-08-27 14:36 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.9A262E1D8E227D5D
2012-08-27 14:26 - 2012-08-27 14:26 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.BB3F9B495DFB2ABC
2012-08-27 14:23 - 2012-08-27 14:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.82F482C2A89FA5B4
2012-08-27 14:17 - 2012-08-27 14:17 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.7DDC24E20A9F023C
2012-08-27 14:14 - 2012-08-27 14:14 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.F1B5ED1E93CA0949
2012-08-27 13:13 - 2012-08-27 13:13 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.0299C3CA1BBE3CDC
2012-08-27 12:54 - 2012-08-27 12:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.9360E5CC7ED5733F
2012-08-27 12:51 - 2012-08-27 12:51 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1F45FBBDFC8374F7
2012-08-27 12:23 - 2012-08-27 12:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.52345588DE7A9EFE
2012-08-27 12:20 - 2012-08-27 12:20 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.28AEC47ADB4C8F4D
2012-08-27 12:11 - 2012-08-27 12:11 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.DA2054E67E3D7D7F
2012-08-27 12:08 - 2012-08-27 12:08 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.92E62C29B9380C15
2012-08-27 12:02 - 2012-08-27 12:02 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A462F3A0FABE2EAC
2012-08-15 07:51 - 2012-08-15 07:51 - 00000728 ____A C:\Users\A\Desktop\Longboard facts.txt
2012-08-01 05:12 - 2009-07-13 21:08 - 00032614 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-07-24 09:34 - 2012-04-06 05:11 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-24 09:34 - 2012-02-28 05:45 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-07-23 06:50 - 2011-06-21 02:19 - 01647947 ____A C:\Windows\WindowsUpdate.log
2012-07-12 06:40 - 2009-07-13 20:45 - 00465176 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-11 13:15 - 2011-11-23 05:51 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-11 13:14 - 2009-07-13 18:34 - 00000499 ____A C:\Windows\win.ini
2012-07-03 05:32 - 2012-07-03 05:32 - 00036394 ____A C:\Users\A\AppData\Roaming\Comma Separated Values (Windows).ADR
2012-07-03 05:29 - 2012-07-03 05:29 - 00036944 ____A C:\Users\A\Downloads\WLMContacts.csv
2012-07-03 01:34 - 2012-07-03 01:34 - 00000053 ____A C:\Users\A\Downloads\google95d32e95bae290bd.html
2012-07-02 19:00 - 2012-07-02 18:59 - 01165008 ____A C:\Users\A\Downloads\googlecalendarsync_installer.exe
2012-07-02 17:15 - 2012-07-02 17:14 - 03326176 ____A (Microsoft Corporation) C:\Users\A\Downloads\OutlookConnector.exe
2012-07-02 14:39 - 2012-07-02 14:39 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2012-07-02 14:39 - 2012-07-02 14:39 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_winusb_01009.Wdf
2012-06-14 10:36 - 2012-06-14 10:36 - 00000022 ____A C:\Users\A\Downloads\Hotmail.zip
2012-06-11 19:08 - 2012-07-11 13:17 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-08 21:43 - 2012-07-11 12:11 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-11 12:11 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-05 22:06 - 2012-07-11 12:11 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-11 12:11 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-11 12:10 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-11 12:11 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-11 12:11 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-11 12:11 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-02 14:19 - 2012-06-27 08:51 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-27 08:51 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-27 08:51 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-27 08:51 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-27 08:51 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-27 08:51 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-27 08:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-06-27 08:51 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:15 - 2012-06-27 08:51 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 04:49 - 2012-07-11 13:15 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-11 13:15 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-11 13:15 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-11 13:15 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:05 - 2012-07-11 13:15 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:04 - 2012-07-11 13:15 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:04 - 2012-07-11 13:15 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:03 - 2012-07-11 13:15 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-11 13:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-11 13:15 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-11 13:15 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-11 13:15 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-11 13:15 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-11 13:15 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-11 13:15 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-11 13:15 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-11 13:15 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-11 13:15 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-11 13:15 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-11 13:15 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-11 13:15 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-11 13:15 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-11 13:15 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-11 13:15 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-11 13:15 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-11 13:15 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-11 13:15 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-11 13:15 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-01 21:50 - 2012-07-11 12:11 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-11 12:11 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-11 12:11 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-11 12:11 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-11 12:11 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-07-11 12:11 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-11 12:11 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-11 12:11 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-11 12:11 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

ZeroAccess:
C:\Windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}
C:\Windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\U

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-07-23 07:13:48
Restore point made on: 2012-07-30 06:04:29
Restore point made on: 2012-08-06 11:23:53
Restore point made on: 2012-08-13 07:05:03
Restore point made on: 2012-08-20 05:00:17
Restore point made on: 2012-08-27 06:17:08
Restore point made on: 2012-08-27 16:15:10
Restore point made on: 2012-08-27 19:15:37

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8168.69 MB
Available physical RAM: 7320.89 MB
Total Pagefile: 8166.89 MB
Available Pagefile: 7301.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions ============================

1 Drive c: (TI106169W0D) (Fixed) (Total:450.21 GB) (Free:339.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: (ANTHONY_PNY) (Removable) (Total:7.59 GB) (Free:7.54 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: () (Fixed) (Total:698.63 GB) (Free:33.07 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 698 GB 1024 KB
Disk 1 Online 465 GB 0 B
Disk 2 Online 7788 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 0 Extended 698 GB 1024 KB
Partition 1 Logical 698 GB 2048 KB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y NTFS Partition 698 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 450 GB 1501 MB
Partition 3 Primary 14 GB 451 GB

==================================================================================

Disk: 1
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E System NTFS Partition 1500 MB Healthy Hidden

==================================================================================

Disk: 1
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C TI106169W0D NTFS Partition 450 GB Healthy

==================================================================================

Disk: 1
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

==================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7782 MB 5820 KB

==================================================================================

Disk: 2
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G ANTHONY_PNY FAT32 Removable 7782 MB Healthy

==================================================================================

Last Boot: 2012-08-27 06:54

==================== End Of Log =============================

#13
WhiteHat

Posted 30 August 2012 - 02:43 PM

Trusted Helper

Retired Staff
1,925 posts

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
Right-click in the open notepad and select Paste.
Save it on the flashdrive as fixlist.txt

C:\Windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemOn Vista or Windows 7

Now please enter System Recovery Options and select Command prompt
Posted Image

Run FRST and press the Fix button just once and wait. The tool will make a log on the flashdrive (Fixlog.txt) please post it in your next reply.

#14
AnthonyOhio

Posted 30 August 2012 - 03:40 PM

Member

Topic Starter
Member
39 posts

Thank You, WhiteHat.
The results are below:

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 29-08-2012 03
Ran by SYSTEM at 2012-08-30 17:37:26 Run:1
Running from G:\

==============================================

C:\Windows\Installer\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e} moved successfully.

==== End of Fixlog ====