
"Trojan.Zeroaccess!inf! infection". [Sol


  • This topic is locked

#1
debo79

    New Member

  • Member
  • 9 posts
I have the Trojanaccessinf! virus and I would like some help getting rid of it.

Edited by debo79, 19 September 2012 - 05:50 PM.

  • 0



#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, let's have a look to see where it is hiding.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan, click save log, save it to your desktop and post it in your next reply.
  • 0

#3
debo79

    New Member

  • Topic Starter
  • Member
  • 9 posts
Thanks, I'll try this.
  • 0

#4
debo79

    New Member

  • Topic Starter
  • Member
  • 9 posts
The OTL only generated one txt file, which I attached.

OTL logfile created on: 9/20/2012 9:55:06 PM - Run 3
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\TVG\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 73.68% Memory free
7.49 Gb Paging File | 6.76 Gb Available in Paging File | 90.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.70 Gb Total Space | 209.51 Gb Free Space | 72.82% Space Free | Partition Type: NTFS
Drive E: | 7.46 Gb Total Space | 3.36 Gb Free Space | 44.99% Space Free | Partition Type: FAT32

Computer Name: TVG-PC | User Name: TVG | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/16 00:06:22 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\TVG\Desktop\OTL.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/07/25 19:30:43 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/09/17 15:41:36 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/09/14 00:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2009/09/14 00:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2009/08/27 15:38:22 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009/08/21 11:31:06 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/08/04 13:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009/07/30 01:54:22 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/07 11:38:24 | 000,065,904 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\rselect\RSelSvc.exe -- (RSELSVC)
SRV:64bit: - [2009/03/27 20:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/07/26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/08/03 23:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe -- (NIS)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/07/25 19:28:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/27 13:28:00 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/10 21:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/07/14 21:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/08/21 21:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2011/08/21 21:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/08/03 23:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/12 15:56:13 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/04/29 00:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/26 17:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2010/04/21 21:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/21 21:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009/08/29 19:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/30 19:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/30 14:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/24 17:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/21 16:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/20 19:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/02 16:55:38 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/06/22 19:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/23 00:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/05 02:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Stopped] -- C:\windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2012/09/15 11:10:52 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120915.008\ex64.sys -- (NAVEX15)
DRV - [2012/09/15 11:10:52 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120915.008\eng64.sys -- (NAVENG)
DRV - [2012/09/14 08:41:34 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120914.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/09 12:27:18 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/09 12:27:18 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/07/11 01:00:46 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120803.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Stopped] -- C:\windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E4C3FC50-81A3-4237-A52A-83B1C05879E6}
IE:64bit: - HKLM\..\SearchScopes\{E4C3FC50-81A3-4237-A52A-83B1C05879E6}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSNA&bmod=TSNA
IE - HKLM\..\SearchScopes,DefaultScope = {345D233A-5623-436C-AEC2-AD1EB2D5D80C}
IE - HKLM\..\SearchScopes\{345D233A-5623-436C-AEC2-AD1EB2D5D80C}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA


IE - HKU\.DEFAULT\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {345D233A-5623-436C-AEC2-AD1EB2D5D80C}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {345D233A-5623-436C-AEC2-AD1EB2D5D80C}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.2\dealioToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes,DefaultScope = {6AC5BA8C-5269-4E02-A1C7-0AF2BCE8DBA1}
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{000B4DCD-F699-4557-8582-A569BBD0B455}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{04904862-6FE2-4C99-B1A6-5A612F8DAD1E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{345D233A-5623-436C-AEC2-AD1EB2D5D80C}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{497FA234-16E4-4ACF-9701-6B2A4B70A66E}: "URL" = http://www.google.co...TSNA_en___US388
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{59F66055-C68F-466F-BC90-8AC58AEB1637}: "URL" = http://www.careerbui...r&ipath=osrchbr
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{656B1B8A-2A81-492C-B686-06C60A386C87}: "URL" = http://www.hulu.com/...chTerms}&ref=os
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{6AC5BA8C-5269-4E02-A1C7-0AF2BCE8DBA1}: "URL" = http://www.google.co...NA_enUS388US388
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{C702CA6C-62C1-43B8-889A-89B386D12A60}: "URL" = http://www.facebook....q={searchTerms}
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\SearchScopes\{CCCCDACF-1039-4963-970A-FF6F875B6A31}: "URL" = http://search.yahoo....rtPage?}&fr=ie8
IE - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2010.9.0.6
FF - prefs.js..extensions.enabledItems: {C3949AC2-4B17-43ee-B4F1-D26B9D42404D}:15.0.5
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2011/07/19 18:34:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2012/09/15 23:59:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/15 10:59:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/15 10:59:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/02 16:15:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/02 16:16:06 | 000,000,000 | ---D | M]

[2012/05/03 21:43:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TVG\AppData\Roaming\mozilla\Extensions
[2012/05/03 21:43:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TVG\AppData\Roaming\mozilla\Firefox\Profiles\2l9ev7te.default\extensions
[2011/01/28 13:17:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/15 23:59:10 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\COFFPLGN_2010_9_0_6
[2011/07/19 18:34:03 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPLGN
[2012/09/15 10:59:53 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012/07/02 16:15:16 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U14 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Ask Toolbar = C:\Users\TVG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaandgknhidclennijgnchhaiefkmch\7.15.1.0_0\
CHR - Extension: YouTube = C:\Users\TVG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\TVG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\TVG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\TVG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/28 15:08:32 | 000,000,019 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.2\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)
O3:64bit: - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1054761977-1931963178-3629848000-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (LSI Corp.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [dplaysvr] C:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe File not found
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [dplaysvr] C:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe File not found
O4 - HKU\.DEFAULT..\Run: [edeebebecdefddct] "C:\ProgramData\edeebebecdefddct.exe" File not found
O4 - HKU\.DEFAULT..\Run: [Update] rundll32.exe "C:\windows\TEMP\",DllRegisterServer File not found
O4 - HKU\S-1-5-18..\Run: [dplaysvr] C:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe File not found
O4 - HKU\S-1-5-18..\Run: [edeebebecdefddct] "C:\ProgramData\edeebebecdefddct.exe" File not found
O4 - HKU\S-1-5-18..\Run: [Update] rundll32.exe "C:\windows\TEMP\",DllRegisterServer File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Update] rundll32.exe "C:\windows\TEMP\",DllRegisterServer File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Update] rundll32.exe "C:\windows\TEMP\",DllRegisterServer File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\TD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{114CAE6B-B0E1-4F3C-8D03-DE2C9928B2D9}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{90901beb-a7ca-11df-a7e6-705ab6c4b1b4}\Shell - "" = AutoRun
O33 - MountPoints2\{90901beb-a7ca-11df-a7e6-705ab6c4b1b4}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{aa5988b4-59d6-11df-905e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{aa5988b4-59d6-11df-905e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\CTRun\Start.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sasnative64)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

========== Files/Folders - Created Within 30 Days ==========

[2012/09/20 21:52:09 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\TVG\Desktop\aswMBR.exe
[2012/09/20 21:52:09 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\TVG\Desktop\OTL.exe
[2012/09/15 17:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/15 17:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/09/15 17:35:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/15 14:21:41 | 000,000,000 | ---D | C] -- C:\Users\TVG\AppData\Roaming\Tific
[2012/09/15 14:21:37 | 000,000,000 | ---D | C] -- C:\Users\TVG\AppData\Local\Symantec
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/20 19:43:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/09/20 19:43:30 | 3018,596,352 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/20 19:39:10 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\TVG\Desktop\aswMBR.exe
[2012/09/16 08:40:19 | 000,783,220 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/09/16 08:40:19 | 000,663,238 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/09/16 08:40:19 | 000,122,106 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/09/16 07:36:39 | 517,639,083 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/09/16 00:06:22 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\TVG\Desktop\OTL.exe
[2012/09/16 00:02:15 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/15 23:59:39 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/15 23:19:47 | 000,016,304 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/15 23:19:47 | 000,016,304 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/15 22:20:44 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At43.job
[2012/09/15 20:45:01 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At41.job
[2012/09/15 19:45:01 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At39.job
[2012/09/15 18:45:01 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At37.job
[2012/09/15 18:28:44 | 003,032,664 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/09/15 17:51:18 | 000,000,208 | ---- | M] () -- C:\windows\SysNative\MRT.INI
[2012/09/15 17:45:10 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At35.job
[2012/09/15 17:41:16 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/15 17:04:26 | 000,002,355 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/09/15 16:45:02 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At33.job
[2012/09/15 15:45:16 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At31.job
[2012/09/15 14:45:12 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At29.job
[2012/09/15 11:45:05 | 000,000,344 | ---- | M] () -- C:\windows\tasks\At23.job
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/16 07:37:25 | 000,091,136 | ---- | C] () -- C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected]
[2012/09/16 07:37:25 | 000,077,824 | ---- | C] () -- C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected]
[2012/09/16 07:37:24 | 000,002,048 | ---- | C] () -- C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected]
[2012/09/16 07:37:24 | 000,001,632 | ---- | C] () -- C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected]
[2012/09/15 23:29:51 | 000,232,960 | ---- | C] () -- C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected]
[2012/09/15 23:29:50 | 000,000,804 | ---- | C] () -- C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\L\[email protected]
[2012/09/15 23:29:49 | 000,016,896 | ---- | C] () -- C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected]
[2012/09/15 17:41:16 | 000,001,794 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/16 14:07:35 | 000,000,769 | ---- | C] () -- C:\ProgramData\SMRBackup300.dat
[2012/04/01 07:41:19 | 000,000,112 | ---- | C] () -- C:\ProgramData\wfj18L.dat
[2012/03/06 18:24:50 | 000,777,610 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/11 12:58:56 | 000,002,048 | -HS- | C] () -- C:\windows\SysWOW64\config\systemprofile\AppData\Local\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@
[2012/01/11 12:58:56 | 000,002,048 | -HS- | C] () -- C:\windows\System32\config\systemprofile\AppData\Local\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@
[2012/01/11 12:58:56 | 000,002,048 | -HS- | C] () -- C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@
[2011/04/17 14:47:31 | 000,073,220 | ---- | C] () -- C:\windows\SysWow64\EPPICPrinterDB.dat
[2011/04/17 14:47:31 | 000,031,053 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern131.dat
[2011/04/17 14:47:31 | 000,029,114 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern1.dat
[2011/04/17 14:47:31 | 000,027,417 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern121.dat
[2011/04/17 14:47:31 | 000,021,021 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern3.dat
[2011/04/17 14:47:31 | 000,015,670 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern5.dat
[2011/04/17 14:47:31 | 000,013,280 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern2.dat
[2011/04/17 14:47:31 | 000,010,673 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern4.dat
[2011/04/17 14:47:31 | 000,004,943 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern6.dat
[2011/04/17 14:47:31 | 000,001,140 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_PT.dat
[2011/04/17 14:47:31 | 000,001,140 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_BP.dat
[2011/04/17 14:47:31 | 000,001,137 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_ES.dat
[2011/04/17 14:47:31 | 000,001,130 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_FR.dat
[2011/04/17 14:47:31 | 000,001,130 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_CF.dat
[2011/04/17 14:47:31 | 000,001,104 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_EN.dat
[2011/04/17 14:47:31 | 000,000,097 | ---- | C] () -- C:\windows\SysWow64\PICSDK.ini
[2011/04/17 14:40:17 | 000,000,051 | ---- | C] () -- C:\windows\EPART725.ini
[2010/07/13 16:23:05 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/12 16:20:52 | 000,000,000 | ---- | C] () -- C:\Users\TVG\AppData\Roaming\wklnhst.dat

========== LOP Check ==========

[2012/05/22 17:14:52 | 000,000,000 | ---D | M] -- C:\Users\DTG\AppData\Roaming\Epson
[2012/05/22 18:44:38 | 000,000,000 | ---D | M] -- C:\Users\DTG\AppData\Roaming\Toshiba
[2012/04/28 11:19:43 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Epson
[2012/04/28 11:22:06 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Toshiba
[2011/03/06 12:14:20 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\Barnes & Noble
[2012/09/15 10:55:05 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\Dropbox
[2011/04/17 15:36:41 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\Epson
[2012/04/28 12:03:34 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\Systweak
[2010/07/13 18:33:58 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\Template
[2012/08/13 11:09:10 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\Tific
[2010/09/19 03:37:31 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\Toshiba
[2011/05/25 22:47:45 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\WildTangent
[2010/07/16 11:57:34 | 000,000,000 | ---D | M] -- C:\Users\TD\AppData\Roaming\WinBatch
[2011/05/26 10:12:00 | 000,000,000 | ---D | M] -- C:\Users\TVG\AppData\Roaming\Epson
[2012/04/28 13:11:28 | 000,000,000 | ---D | M] -- C:\Users\TVG\AppData\Roaming\Systweak
[2010/07/12 16:21:06 | 000,000,000 | ---D | M] -- C:\Users\TVG\AppData\Roaming\Template
[2012/09/15 14:21:41 | 000,000,000 | ---D | M] -- C:\Users\TVG\AppData\Roaming\Tific
[2012/03/31 08:13:39 | 000,000,000 | ---D | M] -- C:\Users\TVG\AppData\Roaming\Toshiba
[2010/07/12 17:48:44 | 000,000,000 | ---D | M] -- C:\Users\TVG\AppData\Roaming\WinBatch
[2012/08/15 08:54:10 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At1.job
[2012/08/14 08:50:40 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At11.job
[2012/08/14 08:50:40 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At13.job
[2012/08/14 08:50:40 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At15.job
[2012/08/14 08:50:40 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At17.job
[2012/08/15 09:45:00 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At19.job
[2012/08/15 10:45:01 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At21.job
[2012/09/15 11:45:05 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At23.job
[2012/08/15 13:40:50 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At25.job
[2012/08/15 13:45:00 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At27.job
[2012/09/15 14:45:12 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At29.job
[2012/08/15 08:54:10 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At3.job
[2012/09/15 15:45:16 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At31.job
[2012/09/15 16:45:02 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At33.job
[2012/09/15 17:45:10 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At35.job
[2012/09/15 18:45:01 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At37.job
[2012/09/15 19:45:01 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At39.job
[2012/09/15 20:45:01 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At41.job
[2012/09/15 22:20:44 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At43.job
[2012/08/15 08:54:10 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At45.job
[2012/08/15 08:54:10 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At47.job
[2012/08/15 08:54:10 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At5.job
[2012/08/15 09:07:36 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At7.job
[2012/08/12 06:54:27 | 000,000,344 | ---- | M] () -- C:\windows\Tasks\At9.job
[2012/07/08 00:42:39 | 000,032,644 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 08:25:40 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
No service found with a name of BITS
No service found with a name of BFE
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 17:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/04/24 00:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/04/23 23:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 08:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 08:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 07:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 01:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
No service found with a name of SharedAccess
SRV:64bit: - [2010/11/20 08:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2010/11/20 08:27:22 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 06:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 01:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 08:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 08:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 08:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
No service found with a name of wscsvc
SRV:64bit: - [2010/11/20 08:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 08:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 07:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 08:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 08:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 07:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 00:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 08:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 08:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 08:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 08:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
No service found with a name of WinDefend
SRV:64bit: - [2010/11/20 08:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
No service found with a name of MpsSvc
SRV:64bit: - [2010/11/20 08:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 08:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 07:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
No service found with a name of wuauserv
SRV:64bit: - [2010/11/20 08:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 08:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2011/01/16 15:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\TVG\AppData\Local\Temp\RarSFX1\procs\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2005/08/16 01:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\TVG\AppData\Local\Temp\RarSFX1\h\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\windows\SysNative\qmgr.dll
[2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\system64\qmgr.dll
[2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[2009/07/13 20:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\system64\drivers\etc\services
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=014A9CB92514E27C0107614DF764BC06 -- C:\windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=014A9CB92514E27C0107614DF764BC06 -- C:\Windows\system64\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\SysNative\en-US\services.exe.mui
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system64\en-US\services.exe.mui
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.JS >
[2011/02/09 12:11:18 | 000,018,691 | ---- | M] () MD5=A29A268BD513B6BC07270653DD48774C -- C:\Program Files (x86)\Barnes & Noble\BNDesktopReader\HTML\js\services.js

< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\TD\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\system64\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\services.msc
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\system64\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\system64\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\system64\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:45 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=2CEFF13ACE25A40BD8D97654944297CD -- C:\Windows\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\system64\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\TVG\AppData\Local\Temp\RarSFX1\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\system64\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\system64\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\TVG\AppData\Local\Temp\RarSFX1\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\windows\system64] -> \systemroot\system32 -> Mount Point

========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >

#5
debo79

    New Member

  • Topic Starter
  • Member
  • 9 posts
These are the results from the other scan.

Attached Files


#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK you have zero access

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {345D233A-5623-436C-AEC2-AD1EB2D5D80C}
    IE - HKLM\..\SearchScopes,DefaultScope = {345D233A-5623-436C-AEC2-AD1EB2D5D80C}
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {345D233A-5623-436C-AEC2-AD1EB2D5D80C}
    O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.2\dealioToolbarIE.dll (Spigot, Inc.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.2\dealioToolbarIE.dll (Spigot, Inc.)
    O4 - HKLM..\Run: [dplaysvr] C:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe File not found
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O4 - HKU\.DEFAULT..\Run: [dplaysvr] C:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe File not found
    O4 - HKU\.DEFAULT..\Run: [edeebebecdefddct] "C:\ProgramData\edeebebecdefddct.exe" File not found
    O4 - HKU\.DEFAULT..\Run: [Update] rundll32.exe "C:\windows\TEMP\",DllRegisterServer File not found
    O4 - HKU\S-1-5-18..\Run: [dplaysvr] C:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe File not found
    O4 - HKU\S-1-5-18..\Run: [edeebebecdefddct] "C:\ProgramData\edeebebecdefddct.exe" File not found
    O4 - HKU\S-1-5-18..\Run: [Update] rundll32.exe "C:\windows\TEMP\",DllRegisterServer File not found
    O4 - HKU\S-1-5-19..\Run: [Update] rundll32.exe "C:\windows\TEMP\",DllRegisterServer File not found
    O4 - HKU\S-1-5-20..\Run: [Update] rundll32.exe "C:\windows\TEMP\",DllRegisterServer File not found
    [2012/09/15 17:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    
    :Reg
    [HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32] 
    ""="%systemroot%\system32\wbem\wbemess.dll" 
    [-HKCU\Software\Classes\clsid\{12d0253a-7c96-815c-11e0-3034bbd97cc0}] 
    
    :Files
    C:\Program Files (x86)\Dealio Toolbar
    C:\Program Files (x86)\Common Files\Spigot
    C:\windows\tasks\At*.job
    C:\windows\Installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}
    C:\windows\SysWOW64\config\systemprofile\AppData\Local\{92fa28bf-84db-e36c-4a5c-94c008f958a7}
    C:\windows\System32\config\systemprofile\AppData\Local\{92fa28bf-84db-e36c-4a5c-94c008f958a7}
    ipconfig /flushdns /c
    netsh int ip reset c:\resetlog.txt  /c
    ipconfig /release /c
    ipconfig /renew /c
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

FINALLY

Run Farbar Service Scanner

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.
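The custom scan requested earlier in the thread (`/md5start` ... `/md5stop`, plus `BASESERVICES`) produces the `< MD5 for: ... >` sections and the `No service found` lines in the OTL log above. As an added example (not part of the thread and not OTL's own code), this Python sketch triages those two parts of such a log: it lists copies under the Windows directory whose MD5 matches no WinSxS component-store copy of the same file, and sorts the services OTL could not find. The sample lines are copied from the log in this thread; the function names, the `BUILT_IN_WIN7` set and the "no matching store copy deserves a closer look" heuristic are assumptions of this example.

```python
import re
from collections import defaultdict

# Sample lines copied from the OTL log in this thread (a subset of it).
SAMPLE_LOG = r"""
No service found with a name of SharedAccess
No service found with a name of MsMpSvc
No service found with a name of EMDMgmt
No service found with a name of wscsvc
No service found with a name of WinDefend
No service found with a name of MpsSvc
No service found with a name of wuauserv

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=014A9CB92514E27C0107614DF764BC06 -- C:\windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\SysNative\en-US\services.exe.mui

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\TVG\AppData\Local\Temp\RarSFX1\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
"""

# "[date | size | attrs | M] (vendor) MD5=<32 hex> -- <path>"
MD5_RE = re.compile(
    r"^\[[^\]]*\] \((?P<vendor>[^)]*)\) MD5=(?P<md5>[0-9A-Fa-f]{32}) -- (?P<path>.+)$"
)
MISSING_RE = re.compile(r"^No service found with a name of (?P<name>\S+)$")

# Assumption of this example: services a default Windows 7 install registers.
# Other names in the scan list belong to optional products or other Windows
# versions (MsMpSvc, for instance, exists only with Microsoft Security
# Essentials installed), so their absence alone says little.
BUILT_IN_WIN7 = {"SharedAccess", "wscsvc", "WinDefend", "MpsSvc", "wuauserv"}


def parse_md5_entries(log_text):
    """Group every hashed copy by file name: {name: [(md5, path), ...]}."""
    entries = defaultdict(list)
    for line in log_text.splitlines():
        match = MD5_RE.match(line.strip())
        if match:  # "Unable to obtain MD5" lines carry no hash and are skipped
            path = match.group("path")
            name = path.rsplit("\\", 1)[-1].lower()
            entries[name].append((match.group("md5").upper(), path))
    return entries


def unmatched_system_copies(log_text, windir=r"C:\Windows"):
    """Return (path, md5) for copies under windir whose hash matches no WinSxS copy."""
    prefix = windir.lower() + "\\"
    flagged = []
    for copies in parse_md5_entries(log_text).values():
        # Hashes of the component-store copies of this file name.
        store = {md5 for md5, path in copies if "\\winsxs\\" in path.lower()}
        for md5, path in copies:
            low = path.lower()
            in_store = "\\winsxs\\" in low
            # SysNative is how a 32-bit tool sees the real System32 on x64.
            if low.startswith(prefix) and not in_store and md5 not in store:
                flagged.append((path, md5))
    return flagged


def missing_services(log_text):
    """Split 'No service found' names into built-in Windows 7 services and others."""
    built_in, other = [], []
    for line in log_text.splitlines():
        match = MISSING_RE.match(line.strip())
        if match:
            name = match.group("name")
            (built_in if name in BUILT_IN_WIN7 else other).append(name)
    return built_in, other


if __name__ == "__main__":
    for path, md5 in unmatched_system_copies(SAMPLE_LOG):
        print(f"no matching WinSxS copy: {path} ({md5})")
    built_in, other = missing_services(SAMPLE_LOG)
    print("built-in services not registered:", ", ".join(built_in))
    print("absent, but optional or version-specific:", ", ".join(other))
```

A flagged file is a lead for a closer look rather than a verdict, and copies outside the Windows directory (such as the `RarSFX1` temp files) are deliberately left out of the comparison.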

#7
debo79

    New Member

  • Topic Starter
  • Member
  • 9 posts
The data from running the OTL is attached. I got a blue screen error message when trying to run the ComboFix. I did follow the instruction to the letter. I did not try to rerun it as noted in the instructions. I am awaiting further instructions. Thanks.
Attached File  OTL.Txt   109.37KB   34 downloads

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK we will try a different tack

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#9
debo79

    New Member

  • Topic Starter
  • Member
  • 9 posts
These are the results from running the TDSSKiller. There were two items that came up where cure was not available. I could only skip, delete or quarantine. I skipped them.


08:49:06.0790 2168 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:49:06.0821 2168 ============================================================
08:49:06.0821 2168 Current date / time: 2012/09/22 08:49:06.0821
08:49:06.0821 2168 SystemInfo:
08:49:06.0821 2168
08:49:06.0821 2168 OS Version: 6.1.7601 ServicePack: 1.0
08:49:06.0821 2168 Product type: Workstation
08:49:06.0821 2168 ComputerName: TVG-PC
08:49:06.0821 2168 UserName: TVG
08:49:06.0821 2168 Windows directory: C:\windows
08:49:06.0821 2168 System windows directory: C:\windows
08:49:06.0821 2168 Running under WOW64
08:49:06.0821 2168 Processor architecture: Intel x64
08:49:06.0821 2168 Number of processors: 2
08:49:06.0821 2168 Page size: 0x1000
08:49:06.0821 2168 Boot type: Safe boot with network
08:49:06.0821 2168 ============================================================
08:49:08.0256 2168 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:49:08.0256 2168 Drive \Device\Harddisk1\DR2 - Size: 0x1DDB60000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:49:08.0256 2168 ============================================================
08:49:08.0256 2168 \Device\Harddisk0\DR0:
08:49:08.0256 2168 MBR partitions:
08:49:08.0256 2168 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23F65800
08:49:08.0256 2168 \Device\Harddisk1\DR2:
08:49:08.0256 2168 MBR partitions:
08:49:08.0256 2168 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEEBB80
08:49:08.0256 2168 ============================================================
08:49:08.0287 2168 C: <-> \Device\Harddisk0\DR0\Partition1
08:49:08.0287 2168 ============================================================
08:49:08.0287 2168 Initialize success
08:49:08.0287 2168 ============================================================
08:50:14.0665 2736 ============================================================
08:50:14.0665 2736 Scan started
08:50:14.0665 2736 Mode: Manual; SigCheck; TDLFS;
08:50:14.0665 2736 ============================================================
08:50:14.0915 2736 ================ Scan system memory ========================
08:50:14.0915 2736 System memory - ok
08:50:14.0915 2736 ================ Scan services =============================
08:50:18.0846 2736 BBSvc - ok
08:50:18.0909 2736 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
08:50:18.0924 2736 BBUpdate - ok
08:50:18.0971 2736 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
08:50:19.0002 2736 BDESVC - ok
08:50:19.0049 2736 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
08:50:19.0096 2736 Beep - ok
08:50:19.0299 2736 [ C8AB71A5102D0FC103F6DFC750005137 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120803.001\BHDrvx64.sys
08:50:19.0470 2736 BHDrvx64 - ok
08:50:19.0501 2736 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
08:50:19.0517 2736 blbdrive - ok
08:50:19.0595 2736 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:50:19.0611 2736 Bonjour Service - ok
08:50:19.0642 2736 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
08:50:19.0673 2736 bowser - ok
08:50:19.0704 2736 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
08:50:19.0735 2736 BrFiltLo - ok
08:50:19.0751 2736 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
08:50:19.0767 2736 BrFiltUp - ok
08:50:19.0813 2736 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
08:50:19.0845 2736 Browser - ok
08:50:19.0891 2736 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
08:50:19.0923 2736 Brserid - ok
08:50:19.0969 2736 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
08:50:20.0001 2736 BrSerWdm - ok
08:50:20.0047 2736 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
08:50:20.0079 2736 BrUsbMdm - ok
08:50:20.0079 2736 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
08:50:20.0094 2736 BrUsbSer - ok
08:50:20.0125 2736 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
08:50:20.0141 2736 BTHMODEM - ok
08:50:20.0188 2736 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
08:50:20.0250 2736 bthserv - ok
08:50:20.0344 2736 [ 37F1BAEC39B505B3B51893A35C8337EA ] ccHP C:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys
08:50:20.0375 2736 ccHP - ok
08:50:20.0406 2736 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
08:50:20.0469 2736 cdfs - ok
08:50:20.0500 2736 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
08:50:20.0531 2736 cdrom - ok
08:50:20.0578 2736 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
08:50:20.0640 2736 CertPropSvc - ok
08:50:20.0734 2736 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
08:50:20.0749 2736 cfWiMAXService - ok
08:50:20.0765 2736 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
08:50:20.0796 2736 circlass - ok
08:50:20.0843 2736 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
08:50:20.0859 2736 CLFS - ok
08:50:20.0937 2736 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:50:20.0952 2736 clr_optimization_v2.0.50727_32 - ok
08:50:20.0983 2736 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:50:20.0999 2736 clr_optimization_v2.0.50727_64 - ok
08:50:21.0077 2736 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:50:21.0264 2736 clr_optimization_v4.0.30319_32 - ok
08:50:21.0264 2736 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:50:21.0405 2736 clr_optimization_v4.0.30319_64 - ok
08:50:21.0436 2736 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
08:50:21.0467 2736 CmBatt - ok
08:50:21.0498 2736 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
08:50:21.0514 2736 cmdide - ok
08:50:21.0576 2736 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
08:50:21.0592 2736 CNG - ok
08:50:21.0639 2736 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
08:50:21.0654 2736 Compbatt - ok
08:50:21.0701 2736 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
08:50:21.0732 2736 CompositeBus - ok
08:50:21.0732 2736 COMSysApp - ok
08:50:21.0779 2736 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
08:50:21.0779 2736 ConfigFree Gadget Service - ok
08:50:21.0810 2736 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
08:50:21.0826 2736 ConfigFree Service - ok
08:50:21.0857 2736 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
08:50:21.0857 2736 crcdisk - ok
08:50:21.0904 2736 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
08:50:21.0951 2736 CryptSvc - ok
08:50:22.0013 2736 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
08:50:22.0107 2736 DcomLaunch - ok
08:50:22.0138 2736 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
08:50:22.0185 2736 defragsvc - ok
08:50:22.0231 2736 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
08:50:22.0278 2736 DfsC - ok
08:50:22.0325 2736 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
08:50:22.0387 2736 Dhcp - ok
08:50:22.0419 2736 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
08:50:22.0465 2736 discache - ok
08:50:22.0512 2736 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
08:50:22.0528 2736 Disk - ok
08:50:22.0575 2736 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
08:50:22.0621 2736 Dnscache - ok
08:50:22.0668 2736 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
08:50:22.0715 2736 dot3svc - ok
08:50:22.0777 2736 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
08:50:22.0824 2736 DPS - ok
08:50:22.0871 2736 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
08:50:22.0902 2736 drmkaud - ok
08:50:22.0965 2736 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
08:50:22.0996 2736 DXGKrnl - ok
08:50:23.0027 2736 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
08:50:23.0074 2736 EapHost - ok
08:50:23.0183 2736 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
08:50:23.0323 2736 ebdrv - ok
08:50:23.0401 2736 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
08:50:23.0417 2736 eeCtrl - ok
08:50:23.0448 2736 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
08:50:23.0479 2736 EFS - ok
08:50:23.0589 2736 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
08:50:23.0651 2736 ehRecvr - ok
08:50:23.0682 2736 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
08:50:23.0713 2736 ehSched - ok
08:50:23.0776 2736 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
08:50:23.0791 2736 elxstor - ok
08:50:23.0838 2736 [ 7DB097F4F6786307168C0DDDEC43A565 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
08:50:23.0869 2736 EPSON_EB_RPCV4_04 - ok
08:50:23.0901 2736 [ 258AA65A0862E19B7DE6981FDA3758AD ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
08:50:23.0916 2736 EPSON_PM_RPCV4_04 - ok
08:50:24.0010 2736 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
08:50:24.0010 2736 EraserUtilRebootDrv - ok
08:50:24.0057 2736 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
08:50:24.0088 2736 ErrDev - ok
08:50:24.0150 2736 esgiguard - ok
08:50:24.0213 2736 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
08:50:24.0275 2736 EventSystem - ok
08:50:24.0306 2736 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
08:50:24.0369 2736 exfat - ok
08:50:24.0400 2736 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
08:50:24.0462 2736 fastfat - ok
08:50:24.0509 2736 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
08:50:24.0540 2736 Fax - ok
08:50:24.0571 2736 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
08:50:24.0603 2736 fdc - ok
08:50:24.0634 2736 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
08:50:24.0712 2736 fdPHost - ok
08:50:24.0727 2736 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
08:50:24.0774 2736 FDResPub - ok
08:50:24.0805 2736 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
08:50:24.0821 2736 FileInfo - ok
08:50:24.0837 2736 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
08:50:24.0899 2736 Filetrace - ok
08:50:24.0946 2736 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:50:24.0961 2736 FLEXnet Licensing Service - ok
08:50:25.0024 2736 [ 1C3FB052A0BB72EDAED90785C34D6EED ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
08:50:25.0039 2736 FLEXnet Licensing Service 64 - ok
08:50:25.0071 2736 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
08:50:25.0102 2736 flpydisk - ok
08:50:25.0133 2736 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
08:50:25.0149 2736 FltMgr - ok
08:50:25.0211 2736 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
08:50:25.0258 2736 FontCache - ok
08:50:25.0336 2736 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:50:25.0336 2736 FontCache3.0.0.0 - ok
08:50:25.0367 2736 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
08:50:25.0383 2736 FsDepends - ok
08:50:25.0414 2736 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
08:50:25.0429 2736 fssfltr - ok
08:50:25.0539 2736 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:50:25.0570 2736 fsssvc - ok
08:50:25.0632 2736 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
08:50:25.0648 2736 Fs_Rec - ok
08:50:25.0695 2736 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
08:50:25.0726 2736 fvevol - ok
08:50:25.0741 2736 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
08:50:25.0757 2736 gagp30kx - ok
08:50:25.0819 2736 [ 4FBCCBDD99A75C9EFBC90392CF32AF61 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
08:50:25.0819 2736 GameConsoleService - ok
08:50:25.0866 2736 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
08:50:25.0882 2736 GEARAspiWDM - ok
08:50:25.0913 2736 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
08:50:25.0975 2736 gpsvc - ok
08:50:26.0069 2736 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:50:26.0069 2736 gupdate - ok
08:50:26.0085 2736 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:50:26.0085 2736 gupdatem - ok
08:50:26.0147 2736 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:50:26.0163 2736 gusvc - ok
08:50:26.0194 2736 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
08:50:26.0225 2736 hcw85cir - ok
08:50:26.0256 2736 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
08:50:26.0303 2736 HdAudAddService - ok
08:50:26.0334 2736 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
08:50:26.0365 2736 HDAudBus - ok
08:50:26.0397 2736 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
08:50:26.0443 2736 HidBatt - ok
08:50:26.0475 2736 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
08:50:26.0521 2736 HidBth - ok
08:50:26.0537 2736 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
08:50:26.0584 2736 HidIr - ok
08:50:26.0615 2736 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
08:50:26.0677 2736 hidserv - ok
08:50:26.0709 2736 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
08:50:26.0724 2736 HidUsb - ok
08:50:26.0755 2736 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
08:50:26.0818 2736 hkmsvc - ok
08:50:26.0880 2736 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
08:50:26.0911 2736 HomeGroupListener - ok
08:50:26.0958 2736 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
08:50:26.0989 2736 HomeGroupProvider - ok
08:50:27.0021 2736 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
08:50:27.0021 2736 HpSAMD - ok
08:50:27.0067 2736 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
08:50:27.0145 2736 HTTP - ok
08:50:27.0177 2736 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
08:50:27.0192 2736 hwpolicy - ok
08:50:27.0223 2736 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
08:50:27.0239 2736 i8042prt - ok
08:50:27.0270 2736 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
08:50:27.0286 2736 iaStorV - ok
08:50:27.0348 2736 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:50:27.0379 2736 idsvc - ok
08:50:27.0535 2736 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120914.001\IDSvia64.sys
08:50:27.0629 2736 IDSVia64 - ok
08:50:27.0645 2736 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
08:50:27.0660 2736 iirsp - ok
08:50:27.0738 2736 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
08:50:27.0769 2736 IKEEXT - ok
08:50:27.0847 2736 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
08:50:27.0925 2736 IntcAzAudAddService - ok
08:50:27.0941 2736 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
08:50:27.0957 2736 intelide - ok
08:50:27.0988 2736 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
08:50:28.0019 2736 intelppm - ok
08:50:28.0050 2736 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
08:50:28.0097 2736 IPBusEnum - ok
08:50:28.0144 2736 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
08:50:28.0206 2736 IpFilterDriver - ok
08:50:28.0253 2736 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
08:50:28.0253 2736 IPMIDRV - ok
08:50:28.0284 2736 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
08:50:28.0331 2736 IPNAT - ok
08:50:28.0425 2736 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:50:28.0440 2736 iPod Service - ok
08:50:28.0487 2736 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
08:50:28.0549 2736 IRENUM - ok
08:50:28.0768 2736 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
08:50:28.0768 2736 isapnp - ok
08:50:28.0830 2736 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
08:50:28.0846 2736 iScsiPrt - ok
08:50:28.0893 2736 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
08:50:28.0893 2736 kbdclass - ok
08:50:28.0908 2736 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
08:50:28.0971 2736 kbdhid - ok
08:50:28.0986 2736 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
08:50:29.0002 2736 KeyIso - ok
08:50:29.0033 2736 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
08:50:29.0033 2736 KSecDD - ok
08:50:29.0080 2736 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
08:50:29.0095 2736 KSecPkg - ok
08:50:29.0111 2736 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
08:50:29.0158 2736 ksthunk - ok
08:50:29.0205 2736 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
08:50:29.0267 2736 KtmRm - ok
08:50:29.0314 2736 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
08:50:29.0361 2736 LanmanServer - ok
08:50:29.0423 2736 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
08:50:29.0470 2736 LanmanWorkstation - ok
08:50:29.0517 2736 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
08:50:29.0579 2736 lltdio - ok
08:50:29.0610 2736 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
08:50:29.0673 2736 lltdsvc - ok
08:50:29.0688 2736 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
08:50:29.0719 2736 lmhosts - ok
08:50:29.0751 2736 [ 16679269303613C4CE7C8FF03413410F ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
08:50:29.0766 2736 LPCFilter - ok
08:50:29.0782 2736 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
08:50:29.0797 2736 LSI_FC - ok
08:50:29.0829 2736 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
08:50:29.0844 2736 LSI_SAS - ok
08:50:29.0860 2736 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
08:50:29.0875 2736 LSI_SAS2 - ok
08:50:29.0891 2736 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
08:50:29.0907 2736 LSI_SCSI - ok
08:50:29.0938 2736 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
08:50:29.0985 2736 luafv - ok
08:50:30.0031 2736 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
08:50:30.0047 2736 Mcx2Svc - ok
08:50:30.0094 2736 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
08:50:30.0094 2736 megasas - ok
08:50:30.0125 2736 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
08:50:30.0141 2736 MegaSR - ok
08:50:30.0234 2736 Microsoft SharePoint Workspace Audit Service - ok
08:50:30.0250 2736 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
08:50:30.0312 2736 MMCSS - ok
08:50:30.0328 2736 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
08:50:30.0390 2736 Modem - ok
08:50:30.0421 2736 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
08:50:30.0453 2736 monitor - ok
08:50:30.0499 2736 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
08:50:30.0499 2736 mouclass - ok
08:50:30.0562 2736 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
08:50:30.0593 2736 mouhid - ok
08:50:30.0640 2736 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
08:50:30.0655 2736 mountmgr - ok
08:50:30.0702 2736 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
08:50:30.0718 2736 mpio - ok
08:50:30.0765 2736 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
08:50:30.0796 2736 mpsdrv - ok
08:50:30.0827 2736 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
08:50:30.0858 2736 MRxDAV - ok
08:50:30.0921 2736 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
08:50:31.0014 2736 mrxsmb - ok
08:50:31.0045 2736 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
08:50:31.0077 2736 mrxsmb10 - ok
08:50:31.0108 2736 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
08:50:31.0123 2736 mrxsmb20 - ok
08:50:31.0170 2736 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
08:50:31.0186 2736 msahci - ok
08:50:31.0217 2736 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
08:50:31.0233 2736 msdsm - ok
08:50:31.0264 2736 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
08:50:31.0295 2736 MSDTC - ok
08:50:31.0342 2736 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
08:50:31.0373 2736 Msfs - ok
08:50:31.0389 2736 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
08:50:31.0435 2736 mshidkmdf - ok
08:50:31.0482 2736 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
08:50:31.0498 2736 msisadrv - ok
08:50:31.0513 2736 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
08:50:31.0576 2736 MSiSCSI - ok
08:50:31.0591 2736 msiserver - ok
08:50:31.0623 2736 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
08:50:31.0669 2736 MSKSSRV - ok
08:50:31.0701 2736 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
08:50:31.0747 2736 MSPCLOCK - ok
08:50:31.0779 2736 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
08:50:31.0841 2736 MSPQM - ok
08:50:31.0888 2736 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
08:50:31.0903 2736 MsRPC - ok
08:50:31.0935 2736 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
08:50:31.0950 2736 mssmbios - ok
08:50:31.0981 2736 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
08:50:32.0044 2736 MSTEE - ok
08:50:32.0059 2736 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
08:50:32.0091 2736 MTConfig - ok
08:50:32.0122 2736 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
08:50:32.0122 2736 Mup - ok
08:50:32.0184 2736 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
08:50:32.0247 2736 napagent - ok
08:50:32.0309 2736 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
08:50:32.0356 2736 NativeWifiP - ok
08:50:32.0434 2736 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120915.008\ENG64.SYS
08:50:32.0434 2736 NAVENG - ok
08:50:32.0512 2736 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120915.008\EX64.SYS
08:50:32.0590 2736 NAVEX15 - ok
08:50:32.0637 2736 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
08:50:32.0668 2736 NDIS - ok
08:50:32.0699 2736 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
08:50:32.0746 2736 NdisCap - ok
08:50:32.0761 2736 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
08:50:32.0824 2736 NdisTapi - ok
08:50:32.0871 2736 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
08:50:32.0917 2736 Ndisuio - ok
08:50:32.0964 2736 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
08:50:33.0011 2736 NdisWan - ok
08:50:33.0042 2736 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
08:50:33.0073 2736 NDProxy - ok
08:50:33.0105 2736 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
08:50:33.0167 2736 NetBIOS - ok
08:50:33.0214 2736 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
08:50:33.0245 2736 NetBT - ok
08:50:33.0261 2736 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
08:50:33.0261 2736 Netlogon - ok
08:50:33.0292 2736 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
08:50:33.0354 2736 Netman - ok
08:50:33.0401 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:50:33.0448 2736 NetMsmqActivator - ok
08:50:33.0463 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:50:33.0479 2736 NetPipeActivator - ok
08:50:33.0526 2736 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
08:50:33.0588 2736 netprofm - ok
08:50:33.0635 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:50:33.0651 2736 NetTcpActivator - ok
08:50:33.0651 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:50:33.0666 2736 NetTcpPortSharing - ok
08:50:33.0697 2736 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
08:50:33.0713 2736 nfrd960 - ok
08:50:33.0791 2736 [ B4187346F54E362DAFFE647B25A58D50 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
08:50:33.0807 2736 NIS - ok
08:50:33.0853 2736 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
08:50:33.0900 2736 NlaSvc - ok
08:50:33.0931 2736 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
08:50:33.0963 2736 Npfs - ok
08:50:34.0009 2736 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
08:50:34.0072 2736 nsi - ok
08:50:34.0103 2736 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
08:50:34.0150 2736 nsiproxy - ok
08:50:34.0228 2736 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
08:50:34.0275 2736 Ntfs - ok
08:50:34.0290 2736 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
08:50:34.0321 2736 Null - ok
08:50:34.0337 2736 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
08:50:34.0353 2736 nvraid - ok
08:50:34.0399 2736 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
08:50:34.0415 2736 nvstor - ok
08:50:34.0462 2736 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
08:50:34.0477 2736 nv_agp - ok
08:50:34.0509 2736 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
08:50:34.0540 2736 ohci1394 - ok
08:50:34.0618 2736 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:50:34.0618 2736 ose - ok
08:50:34.0774 2736 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:50:35.0008 2736 osppsvc - ok
08:50:35.0070 2736 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
08:50:35.0101 2736 p2pimsvc - ok
08:50:35.0133 2736 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
08:50:35.0148 2736 p2psvc - ok
08:50:35.0179 2736 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
08:50:35.0179 2736 Parport - ok
08:50:35.0211 2736 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
08:50:35.0226 2736 partmgr - ok
08:50:35.0242 2736 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
08:50:35.0289 2736 PcaSvc - ok
08:50:35.0320 2736 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
08:50:35.0335 2736 pci - ok
08:50:35.0351 2736 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
08:50:35.0367 2736 pciide - ok
08:50:35.0398 2736 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
08:50:35.0413 2736 pcmcia - ok
08:50:35.0429 2736 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
08:50:35.0445 2736 pcw - ok
08:50:35.0476 2736 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
08:50:35.0538 2736 PEAUTH - ok
08:50:35.0616 2736 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
08:50:35.0679 2736 PerfHost - ok
08:50:35.0725 2736 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
08:50:35.0741 2736 PGEffect - ok
08:50:35.0803 2736 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
08:50:35.0866 2736 pla - ok
08:50:35.0944 2736 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
08:50:35.0991 2736 PlugPlay - ok
08:50:36.0022 2736 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
08:50:36.0037 2736 PNRPAutoReg - ok
08:50:36.0069 2736 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
08:50:36.0084 2736 PNRPsvc - ok
08:50:36.0131 2736 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
08:50:36.0178 2736 PolicyAgent - ok
08:50:36.0225 2736 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
08:50:36.0287 2736 Power - ok
08:50:36.0318 2736 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
08:50:36.0381 2736 PptpMiniport - ok
08:50:36.0412 2736 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
08:50:36.0443 2736 Processor - ok
08:50:36.0490 2736 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
08:50:36.0521 2736 ProfSvc - ok
08:50:36.0552 2736 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
08:50:36.0552 2736 ProtectedStorage - ok
08:50:36.0599 2736 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
08:50:36.0646 2736 Psched - ok
08:50:36.0708 2736 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
08:50:36.0755 2736 ql2300 - ok
08:50:36.0771 2736 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
08:50:36.0786 2736 ql40xx - ok
08:50:36.0864 2736 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
08:50:36.0895 2736 QWAVE - ok
08:50:36.0927 2736 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
08:50:36.0942 2736 QWAVEdrv - ok
08:50:36.0958 2736 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
08:50:37.0020 2736 RasAcd - ok
08:50:37.0067 2736 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
08:50:37.0098 2736 RasAgileVpn - ok
08:50:37.0114 2736 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
08:50:37.0176 2736 RasAuto - ok
08:50:37.0207 2736 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
08:50:37.0270 2736 Rasl2tp - ok
08:50:37.0301 2736 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
08:50:37.0348 2736 RasMan - ok
08:50:37.0379 2736 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
08:50:37.0426 2736 RasPppoe - ok
08:50:37.0457 2736 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
08:50:37.0504 2736 RasSstp - ok
08:50:37.0551 2736 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
08:50:37.0613 2736 rdbss - ok
08:50:37.0644 2736 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
08:50:37.0675 2736 rdpbus - ok
08:50:37.0691 2736 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
08:50:37.0753 2736 RDPCDD - ok
08:50:37.0785 2736 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
08:50:37.0831 2736 RDPENCDD - ok
08:50:37.0863 2736 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
08:50:37.0894 2736 RDPREFMP - ok
08:50:37.0941 2736 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
08:50:37.0956 2736 RDPWD - ok
08:50:37.0987 2736 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
08:50:38.0003 2736 rdyboost - ok
08:50:38.0050 2736 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
08:50:38.0112 2736 RemoteAccess - ok
08:50:38.0190 2736 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
08:50:38.0221 2736 RemoteRegistry - ok
08:50:38.0237 2736 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
08:50:38.0299 2736 RpcEptMapper - ok
08:50:38.0331 2736 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
08:50:38.0362 2736 RpcLocator - ok
08:50:38.0424 2736 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
08:50:38.0455 2736 RpcSs - ok
08:50:38.0502 2736 RSELSVC - ok
08:50:38.0533 2736 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
08:50:38.0580 2736 rspndr - ok
08:50:38.0627 2736 [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
08:50:38.0658 2736 RSUSBSTOR - ok
08:50:38.0705 2736 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
08:50:38.0752 2736 RTL8167 - ok
08:50:38.0799 2736 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
08:50:38.0814 2736 rtl8192se - ok
08:50:38.0830 2736 RtsUIR - ok
08:50:38.0845 2736 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
08:50:38.0861 2736 SamSs - ok
08:50:38.0923 2736 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
08:50:38.0939 2736 sbp2port - ok
08:50:38.0970 2736 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
08:50:39.0033 2736 SCardSvr - ok
08:50:39.0064 2736 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
08:50:39.0095 2736 scfilter - ok
08:50:39.0142 2736 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
08:50:39.0204 2736 Schedule - ok
08:50:39.0251 2736 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
08:50:39.0282 2736 SCPolicySvc - ok
08:50:39.0329 2736 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
08:50:39.0360 2736 SDRSVC - ok
08:50:39.0407 2736 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
08:50:39.0438 2736 secdrv - ok
08:50:39.0485 2736 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
08:50:39.0532 2736 seclogon - ok
08:50:39.0579 2736 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
08:50:39.0641 2736 SENS - ok
08:50:39.0657 2736 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
08:50:39.0688 2736 SensrSvc - ok
08:50:39.0703 2736 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
08:50:39.0750 2736 Serenum - ok
08:50:39.0781 2736 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
08:50:39.0797 2736 Serial - ok
08:50:39.0828 2736 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
08:50:39.0844 2736 sermouse - ok
08:50:39.0891 2736 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
08:50:39.0937 2736 SessionEnv - ok
08:50:39.0984 2736 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
08:50:40.0015 2736 sffdisk - ok
08:50:40.0047 2736 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
08:50:40.0093 2736 sffp_mmc - ok
08:50:40.0109 2736 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
08:50:40.0140 2736 sffp_sd - ok
08:50:40.0171 2736 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
08:50:40.0218 2736 sfloppy - ok
08:50:40.0265 2736 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
08:50:40.0327 2736 ShellHWDetection - ok
08:50:40.0374 2736 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
08:50:40.0374 2736 SiSRaid2 - ok
08:50:40.0405 2736 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
08:50:40.0421 2736 SiSRaid4 - ok
08:50:40.0546 2736 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:50:40.0546 2736 SkypeUpdate - ok
08:50:40.0577 2736 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
08:50:40.0608 2736 Smb - ok
08:50:40.0639 2736 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
08:50:40.0671 2736 SNMPTRAP - ok
08:50:40.0717 2736 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
08:50:40.0717 2736 spldr - ok
08:50:40.0780 2736 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
08:50:40.0795 2736 Spooler - ok
08:50:40.0889 2736 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
08:50:41.0029 2736 sppsvc - ok
08:50:41.0092 2736 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
08:50:41.0123 2736 sppuinotify - ok
08:50:41.0232 2736 [ 96BABC4906ECDB1C69D1176F8647AD8E ] SRTSP C:\windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS
08:50:41.0248 2736 SRTSP - ok
08:50:41.0263 2736 [ C7F491A290E0E4222F5CDCD50EEB8167 ] SRTSPX C:\windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS
08:50:41.0279 2736 SRTSPX - ok
08:50:41.0326 2736 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
08:50:41.0373 2736 srv - ok
08:50:41.0404 2736 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
08:50:41.0451 2736 srv2 - ok
08:50:41.0466 2736 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
08:50:41.0482 2736 srvnet - ok
08:50:41.0529 2736 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
08:50:41.0575 2736 SSDPSRV - ok
08:50:41.0591 2736 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
08:50:41.0622 2736 SstpSvc - ok
08:50:41.0653 2736 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
08:50:41.0653 2736 stexstor - ok
08:50:41.0716 2736 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
08:50:41.0763 2736 stisvc - ok
08:50:41.0794 2736 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
08:50:41.0809 2736 swenum - ok
08:50:41.0950 2736 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
08:50:42.0075 2736 swprv - ok
08:50:42.0121 2736 [ 659B227A72B76115975A6A9491B2FE1F ] SymDS C:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS
08:50:42.0137 2736 SymDS - ok
08:50:42.0184 2736 [ 9F5783A4A03D0091CDBDAA858B566926 ] SymEFA C:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS
08:50:42.0199 2736 SymEFA - ok
08:50:42.0231 2736 [ 3F9D5FE52585E2653E59FDBFDF09A94C ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
08:50:42.0231 2736 SymEvent - ok
08:50:42.0293 2736 [ F57588546E738DB1583981D8F44E9BC2 ] SymIRON C:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS
08:50:42.0293 2736 SymIRON - ok
08:50:42.0324 2736 [ 3ADFB72F0797AE3832509FE030755E21 ] SYMTDIv C:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS
08:50:42.0340 2736 SYMTDIv - ok
08:50:42.0371 2736 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
08:50:42.0387 2736 SynTP - ok
08:50:42.0465 2736 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
08:50:42.0527 2736 SysMain - ok
08:50:42.0589 2736 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
08:50:42.0621 2736 TabletInputService - ok
08:50:42.0652 2736 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
08:50:42.0714 2736 TapiSrv - ok
08:50:42.0745 2736 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
08:50:42.0777 2736 TBS - ok
08:50:42.0855 2736 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
08:50:42.0901 2736 Tcpip - ok
08:50:42.0948 2736 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
08:50:42.0979 2736 TCPIP6 - ok
08:50:43.0042 2736 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
08:50:43.0089 2736 tcpipreg - ok
08:50:43.0120 2736 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
08:50:43.0135 2736 tdcmdpst - ok
08:50:43.0151 2736 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
08:50:43.0182 2736 TDPIPE - ok
08:50:43.0229 2736 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
08:50:43.0260 2736 TDTCP - ok
08:50:43.0307 2736 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
08:50:43.0354 2736 tdx - ok
08:50:43.0385 2736 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
08:50:43.0401 2736 TermDD - ok
08:50:43.0432 2736 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
08:50:43.0479 2736 TermService - ok
08:50:43.0525 2736 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
08:50:43.0572 2736 Themes - ok
08:50:43.0603 2736 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
08:50:43.0635 2736 THREADORDER - ok
08:50:43.0697 2736 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:50:43.0728 2736 TMachInfo - ok
08:50:43.0759 2736 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
08:50:43.0759 2736 TODDSrv - ok
08:50:43.0806 2736 [ 06C61275ADC64F1E36240A2287998A5E ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:50:43.0837 2736 TosCoSrv - ok
08:50:43.0884 2736 [ 707800855AFBD7648375EFB1519B8D6D ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:50:43.0900 2736 TOSHIBA eco Utility Service - ok
08:50:43.0931 2736 [ EDA12E9BC9A0F104C24101720EEC4785 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:50:43.0947 2736 TOSHIBA HDD SSD Alert Service - ok
08:50:43.0978 2736 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
08:50:43.0993 2736 tos_sps64 - ok
08:50:44.0071 2736 [ DE64C52BD0671165CF2EEBF2A728A3E2 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:50:44.0087 2736 TPCHSrv - ok
08:50:44.0134 2736 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
08:50:44.0181 2736 TrkWks - ok
08:50:44.0227 2736 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
08:50:44.0290 2736 TrustedInstaller - ok
08:50:44.0321 2736 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
08:50:44.0368 2736 tssecsrv - ok
08:50:44.0415 2736 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
08:50:44.0446 2736 TsUsbFlt - ok
08:50:44.0493 2736 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
08:50:44.0539 2736 tunnel - ok
08:50:44.0586 2736 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:50:44.0602 2736 TVALZ - ok
08:50:44.0633 2736 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
08:50:44.0649 2736 TVALZFL - ok
08:50:44.0695 2736 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
08:50:44.0711 2736 uagp35 - ok
08:50:44.0758 2736 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
08:50:44.0820 2736 udfs - ok
08:50:44.0867 2736 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
08:50:44.0883 2736 UI0Detect - ok
08:50:44.0914 2736 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
08:50:44.0929 2736 uliagpkx - ok
08:50:44.0961 2736 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
08:50:44.0992 2736 umbus - ok
08:50:45.0023 2736 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
08:50:45.0054 2736 UmPass - ok
08:50:45.0101 2736 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
08:50:45.0132 2736 upnphost - ok
08:50:45.0163 2736 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
08:50:45.0195 2736 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
08:50:45.0195 2736 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
08:50:45.0241 2736 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
08:50:45.0304 2736 usbccgp - ok
08:50:45.0335 2736 USBCCID - ok
08:50:45.0366 2736 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
08:50:45.0382 2736 usbcir - ok
08:50:45.0429 2736 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
08:50:45.0444 2736 usbehci - ok
08:50:45.0460 2736 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
08:50:45.0491 2736 usbhub - ok
08:50:45.0522 2736 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
08:50:45.0553 2736 usbohci - ok
08:50:45.0585 2736 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
08:50:45.0631 2736 usbprint - ok
08:50:45.0663 2736 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
08:50:45.0694 2736 usbscan - ok
08:50:45.0741 2736 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
08:50:45.0772 2736 USBSTOR - ok
08:50:45.0803 2736 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
08:50:45.0819 2736 usbuhci - ok
08:50:45.0865 2736 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
08:50:45.0881 2736 usbvideo - ok
08:50:45.0912 2736 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
08:50:45.0959 2736 UxSms - ok
08:50:45.0975 2736 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
08:50:45.0990 2736 VaultSvc - ok
08:50:46.0037 2736 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
08:50:46.0037 2736 vdrvroot - ok
08:50:46.0099 2736 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
08:50:46.0146 2736 vds - ok
08:50:46.0177 2736 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
08:50:46.0193 2736 vga - ok
08:50:46.0209 2736 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
08:50:46.0255 2736 VgaSave - ok
08:50:46.0302 2736 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
08:50:46.0318 2736 vhdmp - ok
08:50:46.0333 2736 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
08:50:46.0349 2736 viaide - ok
08:50:46.0365 2736 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
08:50:46.0380 2736 volmgr - ok
08:50:46.0427 2736 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
08:50:46.0443 2736 volmgrx - ok
08:50:46.0489 2736 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
08:50:46.0505 2736 volsnap - ok
08:50:46.0536 2736 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
08:50:46.0552 2736 vsmraid - ok
08:50:46.0630 2736 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
08:50:46.0692 2736 VSS - ok
08:50:46.0739 2736 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
08:50:46.0770 2736 vwifibus - ok
08:50:46.0801 2736 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
08:50:46.0833 2736 vwififlt - ok
08:50:46.0864 2736 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
08:50:46.0895 2736 vwifimp - ok
08:50:46.0942 2736 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
08:50:46.0989 2736 W32Time - ok
08:50:47.0004 2736 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
08:50:47.0035 2736 WacomPen - ok
08:50:47.0082 2736 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
08:50:47.0145 2736 WANARP - ok
08:50:47.0145 2736 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
08:50:47.0176 2736 Wanarpv6 - ok
08:50:47.0238 2736 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
08:50:47.0269 2736 WatAdminSvc - ok
08:50:47.0332 2736 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
08:50:47.0363 2736 wbengine - ok
08:50:47.0394 2736 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
08:50:47.0410 2736 WbioSrvc - ok
08:50:47.0457 2736 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
08:50:47.0472 2736 wcncsvc - ok
08:50:47.0519 2736 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
08:50:47.0519 2736 WcsPlugInService - ok
08:50:47.0550 2736 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
08:50:47.0566 2736 Wd - ok
08:50:47.0597 2736 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
08:50:47.0613 2736 Wdf01000 - ok
08:50:47.0628 2736 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
08:50:47.0675 2736 WdiServiceHost - ok
08:50:47.0675 2736 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
08:50:47.0691 2736 WdiSystemHost - ok
08:50:47.0737 2736 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
08:50:47.0769 2736 WebClient - ok
08:50:47.0815 2736 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
08:50:47.0847 2736 Wecsvc - ok
08:50:47.0878 2736 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
08:50:47.0925 2736 wercplsupport - ok
08:50:47.0971 2736 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
08:50:48.0034 2736 WerSvc - ok
08:50:48.0065 2736 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
08:50:48.0096 2736 WfpLwf - ok
08:50:48.0112 2736 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
08:50:48.0127 2736 WIMMount - ok
08:50:48.0159 2736 WinHttpAutoProxySvc - ok
08:50:48.0190 2736 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
08:50:48.0252 2736 Winmgmt - ok
08:50:48.0330 2736 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
08:50:48.0424 2736 WinRM - ok
08:50:48.0471 2736 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
08:50:48.0502 2736 WinUsb - ok
08:50:48.0580 2736 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
08:50:48.0627 2736 Wlansvc - ok
08:50:48.0705 2736 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:50:48.0720 2736 wlcrasvc - ok
08:50:48.0829 2736 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:50:48.0954 2736 wlidsvc - ok
08:50:48.0970 2736 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
08:50:49.0017 2736 WmiAcpi - ok
08:50:49.0048 2736 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
08:50:49.0079 2736 wmiApSrv - ok
08:50:49.0126 2736 WMPNetworkSvc - ok
08:50:49.0188 2736 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
08:50:49.0204 2736 WMZuneComm - ok
08:50:49.0219 2736 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
08:50:49.0235 2736 WPCSvc - ok
08:50:49.0282 2736 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
08:50:49.0282 2736 WPDBusEnum - ok
08:50:49.0329 2736 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
08:50:49.0360 2736 ws2ifsl - ok
08:50:49.0391 2736 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
08:50:49.0422 2736 WSDPrintDevice - ok
08:50:49.0469 2736 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\windows\system32\DRIVERS\WSDScan.sys
08:50:49.0485 2736 WSDScan - ok
08:50:49.0485 2736 WSearch - ok
08:50:49.0516 2736 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
08:50:49.0563 2736 WudfPf - ok
08:50:49.0609 2736 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
08:50:49.0672 2736 WUDFRd - ok
08:50:49.0703 2736 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
08:50:49.0734 2736 wudfsvc - ok
08:50:49.0765 2736 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
08:50:49.0812 2736 WwanSvc - ok
08:50:49.0906 2736 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
08:50:49.0921 2736 YahooAUService - ok
08:50:50.0124 2736 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
08:50:50.0421 2736 ZuneNetworkSvc - ok
08:50:50.0467 2736 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
08:50:50.0483 2736 ZuneWlanCfgSvc - ok
08:50:50.0499 2736 ================ Scan global ===============================
08:50:50.0561 2736 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
08:50:50.0608 2736 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:50:50.0623 2736 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:50:50.0639 2736 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
08:50:50.0686 2736 [ 014A9CB92514E27C0107614DF764BC06 ] C:\windows\system32\services.exe
08:50:50.0686 2736 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
08:50:50.0686 2736 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
08:50:50.0686 2736 ================ Scan MBR ==================================
08:50:50.0701 2736 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
08:50:50.0717 2736 Suspicious mbr (Forged): \Device\Harddisk0\DR0
08:50:50.0764 2736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
08:50:50.0764 2736 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
08:50:50.0795 2736 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:50:50.0795 2736 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:50:50.0795 2736 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR2
08:50:51.0466 2736 \Device\Harddisk1\DR2 - ok
08:50:51.0466 2736 ================ Scan VBR ==================================
08:50:51.0481 2736 [ 97C9AD973F7BC30BB325429C5183FCCC ] \Device\Harddisk0\DR0\Partition1
08:50:51.0481 2736 \Device\Harddisk0\DR0\Partition1 - ok
08:50:51.0497 2736 [ 0BB139AE08E7CECE540E0EC3D0C7AC9C ] \Device\Harddisk1\DR2\Partition1
08:50:51.0497 2736 \Device\Harddisk1\DR2\Partition1 - ok
08:50:51.0497 2736 ============================================================
08:50:51.0497 2736 Scan finished
08:50:51.0497 2736 ============================================================
08:50:51.0513 3000 Detected object count: 4
08:50:51.0513 3000 Actual detected object count: 4
08:54:18.0931 3000 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
08:54:18.0931 3000 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:54:19.0024 3000 C:\windows\system32\services.exe - copied to quarantine
08:54:19.0726 3000 C:\windows\assembly\GAC_32\desktop.ini - copied to quarantine
08:54:19.0726 3000 C:\windows\assembly\GAC_64\desktop.ini - copied to quarantine
08:54:20.0335 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@ - copied to quarantine
08:54:20.0335 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\L\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:58.0383 3000 Backup copy found, using it..
08:54:58.0414 3000 C:\windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
08:54:58.0414 3000 C:\windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@ - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\n - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\8000[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0477 3000 C:\windows\system32\services.exe - will be cured on reboot
08:54:58.0477 3000 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
08:54:59.0288 3000 \Device\Harddisk0\DR0\# - copied to quarantine
08:54:59.0288 3000 \Device\Harddisk0\DR0 - copied to quarantine
08:54:59.0381 3000 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
08:54:59.0381 3000 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
08:54:59.0397 3000 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
08:54:59.0397 3000 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
08:54:59.0444 3000 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
08:54:59.0475 3000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
08:54:59.0475 3000 \Device\Harddisk0\DR0 - ok
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

08:49:06.0790 2168 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:49:06.0821 2168 ============================================================
08:49:06.0821 2168 Current date / time: 2012/09/22 08:49:06.0821
08:49:06.0821 2168 SystemInfo:
08:49:06.0821 2168
08:49:06.0821 2168 OS Version: 6.1.7601 ServicePack: 1.0
08:49:06.0821 2168 Product type: Workstation
08:49:06.0821 2168 ComputerName: TVG-PC
08:49:06.0821 2168 UserName: TVG
08:49:06.0821 2168 Windows directory: C:\windows
08:49:06.0821 2168 System windows directory: C:\windows
08:49:06.0821 2168 Running under WOW64
08:49:06.0821 2168 Processor architecture: Intel x64
08:49:06.0821 2168 Number of processors: 2
08:49:06.0821 2168 Page size: 0x1000
08:49:06.0821 2168 Boot type: Safe boot with network
08:49:06.0821 2168 ============================================================
08:49:08.0256 2168 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:49:08.0256 2168 Drive \Device\Harddisk1\DR2 - Size: 0x1DDB60000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:49:08.0256 2168 ============================================================
08:49:08.0256 2168 \Device\Harddisk0\DR0:
08:49:08.0256 2168 MBR partitions:
08:49:08.0256 2168 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23F65800
08:49:08.0256 2168 \Device\Harddisk1\DR2:
08:49:08.0256 2168 MBR partitions:
08:49:08.0256 2168 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEEBB80
08:49:08.0256 2168 ============================================================
08:49:08.0287 2168 C: <-> \Device\Harddisk0\DR0\Partition1
08:49:08.0287 2168 ============================================================
08:49:08.0287 2168 Initialize success
08:49:08.0287 2168 ============================================================
08:50:14.0665 2736 ============================================================
08:50:14.0665 2736 Scan started
08:50:14.0665 2736 Mode: Manual; SigCheck; TDLFS;
08:50:14.0665 2736 ============================================================
08:50:14.0915 2736 ================ Scan system memory ========================
08:50:14.0915 2736 System memory - ok
08:50:14.0915 2736 ================ Scan services =============================
08:50:15.0087 2736 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
08:50:15.0274 2736 1394ohci - ok
08:50:15.0336 2736 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
08:50:15.0352 2736 ACPI - ok
08:50:15.0399 2736 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
08:50:15.0477 2736 AcpiPmi - ok
08:50:15.0508 2736 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\windows\system32\drivers\adfs.sys
08:50:15.0523 2736 adfs - ok
08:50:15.0586 2736 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
08:50:15.0601 2736 adp94xx - ok
08:50:15.0617 2736 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
08:50:15.0633 2736 adpahci - ok
08:50:15.0679 2736 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
08:50:15.0695 2736 adpu320 - ok
08:50:15.0757 2736 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
08:50:15.0898 2736 AeLookupSvc - ok
08:50:15.0945 2736 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
08:50:16.0007 2736 AFD - ok
08:50:16.0069 2736 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
08:50:16.0132 2736 AgereModemAudio - ok
08:50:16.0179 2736 [ C98356D813B581E9C425B42A5D146CE0 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
08:50:16.0225 2736 AgereSoftModem - ok
08:50:16.0272 2736 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
08:50:16.0272 2736 agp440 - ok
08:50:16.0319 2736 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
08:50:16.0366 2736 ALG - ok
08:50:16.0397 2736 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
08:50:16.0413 2736 aliide - ok
08:50:16.0444 2736 [ 98A2774D3F18C107874C8C1163EBE484 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
08:50:16.0522 2736 AMD External Events Utility - ok
08:50:16.0569 2736 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
08:50:16.0569 2736 amdide - ok
08:50:16.0600 2736 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
08:50:16.0631 2736 AmdK8 - ok
08:50:16.0647 2736 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
08:50:16.0693 2736 AmdPPM - ok
08:50:16.0725 2736 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
08:50:16.0740 2736 amdsata - ok
08:50:16.0771 2736 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
08:50:16.0787 2736 amdsbs - ok
08:50:16.0803 2736 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
08:50:16.0818 2736 amdxata - ok
08:50:16.0849 2736 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
08:50:17.0005 2736 AppID - ok
08:50:17.0021 2736 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
08:50:17.0083 2736 AppIDSvc - ok
08:50:17.0115 2736 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
08:50:17.0161 2736 Appinfo - ok
08:50:17.0286 2736 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:50:17.0302 2736 Apple Mobile Device - ok
08:50:17.0395 2736 [ 0805ECF10476A091999E4D59D0DB71A2 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
08:50:17.0427 2736 Application Updater - ok
08:50:17.0458 2736 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
08:50:17.0473 2736 arc - ok
08:50:17.0489 2736 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
08:50:17.0505 2736 arcsas - ok
08:50:17.0629 2736 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:50:17.0645 2736 aspnet_state - ok
08:50:17.0676 2736 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
08:50:17.0739 2736 AsyncMac - ok
08:50:17.0754 2736 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
08:50:17.0770 2736 atapi - ok
08:50:17.0910 2736 [ 173F4C05F87085E9BDA3F7037BC9F40E ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
08:50:18.0082 2736 atikmdag - ok
08:50:18.0129 2736 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
08:50:18.0129 2736 AtiPcie - ok
08:50:18.0175 2736 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
08:50:18.0253 2736 AudioEndpointBuilder - ok
08:50:18.0300 2736 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
08:50:18.0331 2736 AudioSrv - ok
08:50:18.0378 2736 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
08:50:18.0409 2736 AxInstSV - ok
08:50:18.0456 2736 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
08:50:18.0487 2736 b06bdrv - ok
08:50:18.0519 2736 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
08:50:18.0581 2736 b57nd60a - ok
08:50:18.0753 2736 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
08:50:18.0846 2736 BBSvc - ok
08:50:18.0909 2736 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
08:50:18.0924 2736 BBUpdate - ok
08:50:18.0971 2736 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
08:50:19.0002 2736 BDESVC - ok
08:50:19.0049 2736 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
08:50:19.0096 2736 Beep - ok
08:50:19.0299 2736 [ C8AB71A5102D0FC103F6DFC750005137 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120803.001\BHDrvx64.sys
08:50:19.0470 2736 BHDrvx64 - ok
08:50:19.0501 2736 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
08:50:19.0517 2736 blbdrive - ok
08:50:19.0595 2736 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:50:19.0611 2736 Bonjour Service - ok
08:50:19.0642 2736 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
08:50:19.0673 2736 bowser - ok
08:50:19.0704 2736 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
08:50:19.0735 2736 BrFiltLo - ok
08:50:19.0751 2736 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
08:50:19.0767 2736 BrFiltUp - ok
08:50:19.0813 2736 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
08:50:19.0845 2736 Browser - ok
08:50:19.0891 2736 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
08:50:19.0923 2736 Brserid - ok
08:50:19.0969 2736 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
08:50:20.0001 2736 BrSerWdm - ok
08:50:20.0047 2736 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
08:50:20.0079 2736 BrUsbMdm - ok
08:50:20.0079 2736 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
08:50:20.0094 2736 BrUsbSer - ok
08:50:20.0125 2736 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
08:50:20.0141 2736 BTHMODEM - ok
08:50:20.0188 2736 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
08:50:20.0250 2736 bthserv - ok
08:50:20.0344 2736 [ 37F1BAEC39B505B3B51893A35C8337EA ] ccHP C:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys
08:50:20.0375 2736 ccHP - ok
08:50:20.0406 2736 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
08:50:20.0469 2736 cdfs - ok
08:50:20.0500 2736 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
08:50:20.0531 2736 cdrom - ok
08:50:20.0578 2736 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
08:50:20.0640 2736 CertPropSvc - ok
08:50:20.0734 2736 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
08:50:20.0749 2736 cfWiMAXService - ok
08:50:20.0765 2736 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
08:50:20.0796 2736 circlass - ok
08:50:20.0843 2736 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
08:50:20.0859 2736 CLFS - ok
08:50:20.0937 2736 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:50:20.0952 2736 clr_optimization_v2.0.50727_32 - ok
08:50:20.0983 2736 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:50:20.0999 2736 clr_optimization_v2.0.50727_64 - ok
08:50:21.0077 2736 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:50:21.0264 2736 clr_optimization_v4.0.30319_32 - ok
08:50:21.0264 2736 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:50:21.0405 2736 clr_optimization_v4.0.30319_64 - ok
08:50:21.0436 2736 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
08:50:21.0467 2736 CmBatt - ok
08:50:21.0498 2736 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
08:50:21.0514 2736 cmdide - ok
08:50:21.0576 2736 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
08:50:21.0592 2736 CNG - ok
08:50:21.0639 2736 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
08:50:21.0654 2736 Compbatt - ok
08:50:21.0701 2736 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
08:50:21.0732 2736 CompositeBus - ok
08:50:21.0732 2736 COMSysApp - ok
08:50:21.0779 2736 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
08:50:21.0779 2736 ConfigFree Gadget Service - ok
08:50:21.0810 2736 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
08:50:21.0826 2736 ConfigFree Service - ok
08:50:21.0857 2736 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
08:50:21.0857 2736 crcdisk - ok
08:50:21.0904 2736 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
08:50:21.0951 2736 CryptSvc - ok
08:50:22.0013 2736 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
08:50:22.0107 2736 DcomLaunch - ok
08:50:22.0138 2736 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
08:50:22.0185 2736 defragsvc - ok
08:50:22.0231 2736 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
08:50:22.0278 2736 DfsC - ok
08:50:22.0325 2736 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
08:50:22.0387 2736 Dhcp - ok
08:50:22.0419 2736 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
08:50:22.0465 2736 discache - ok
08:50:22.0512 2736 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
08:50:22.0528 2736 Disk - ok
08:50:22.0575 2736 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
08:50:22.0621 2736 Dnscache - ok
08:50:22.0668 2736 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
08:50:22.0715 2736 dot3svc - ok
08:50:22.0777 2736 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
08:50:22.0824 2736 DPS - ok
08:50:22.0871 2736 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
08:50:22.0902 2736 drmkaud - ok
08:50:22.0965 2736 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
08:50:22.0996 2736 DXGKrnl - ok
08:50:23.0027 2736 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
08:50:23.0074 2736 EapHost - ok
08:50:23.0183 2736 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
08:50:23.0323 2736 ebdrv - ok
08:50:23.0401 2736 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
08:50:23.0417 2736 eeCtrl - ok
08:50:23.0448 2736 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
08:50:23.0479 2736 EFS - ok
08:50:23.0589 2736 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
08:50:23.0651 2736 ehRecvr - ok
08:50:23.0682 2736 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
08:50:23.0713 2736 ehSched - ok
08:50:23.0776 2736 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
08:50:23.0791 2736 elxstor - ok
08:50:23.0838 2736 [ 7DB097F4F6786307168C0DDDEC43A565 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
08:50:23.0869 2736 EPSON_EB_RPCV4_04 - ok
08:50:23.0901 2736 [ 258AA65A0862E19B7DE6981FDA3758AD ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
08:50:23.0916 2736 EPSON_PM_RPCV4_04 - ok
08:50:24.0010 2736 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
08:50:24.0010 2736 EraserUtilRebootDrv - ok
08:50:24.0057 2736 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
08:50:24.0088 2736 ErrDev - ok
08:50:24.0150 2736 esgiguard - ok
08:50:24.0213 2736 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
08:50:24.0275 2736 EventSystem - ok
08:50:24.0306 2736 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
08:50:24.0369 2736 exfat - ok
08:50:24.0400 2736 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
08:50:24.0462 2736 fastfat - ok
08:50:24.0509 2736 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
08:50:24.0540 2736 Fax - ok
08:50:24.0571 2736 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
08:50:24.0603 2736 fdc - ok
08:50:24.0634 2736 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
08:50:24.0712 2736 fdPHost - ok
08:50:24.0727 2736 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
08:50:24.0774 2736 FDResPub - ok
08:50:24.0805 2736 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
08:50:24.0821 2736 FileInfo - ok
08:50:24.0837 2736 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
08:50:24.0899 2736 Filetrace - ok
08:50:24.0946 2736 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:50:24.0961 2736 FLEXnet Licensing Service - ok
08:50:25.0024 2736 [ 1C3FB052A0BB72EDAED90785C34D6EED ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
08:50:25.0039 2736 FLEXnet Licensing Service 64 - ok
08:50:25.0071 2736 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
08:50:25.0102 2736 flpydisk - ok
08:50:25.0133 2736 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
08:50:25.0149 2736 FltMgr - ok
08:50:25.0211 2736 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
08:50:25.0258 2736 FontCache - ok
08:50:25.0336 2736 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:50:25.0336 2736 FontCache3.0.0.0 - ok
08:50:25.0367 2736 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
08:50:25.0383 2736 FsDepends - ok
08:50:25.0414 2736 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
08:50:25.0429 2736 fssfltr - ok
08:50:25.0539 2736 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:50:25.0570 2736 fsssvc - ok
08:50:25.0632 2736 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
08:50:25.0648 2736 Fs_Rec - ok
08:50:25.0695 2736 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
08:50:25.0726 2736 fvevol - ok
08:50:25.0741 2736 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
08:50:25.0757 2736 gagp30kx - ok
08:50:25.0819 2736 [ 4FBCCBDD99A75C9EFBC90392CF32AF61 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
08:50:25.0819 2736 GameConsoleService - ok
08:50:25.0866 2736 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
08:50:25.0882 2736 GEARAspiWDM - ok
08:50:25.0913 2736 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
08:50:25.0975 2736 gpsvc - ok
08:50:26.0069 2736 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:50:26.0069 2736 gupdate - ok
08:50:26.0085 2736 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:50:26.0085 2736 gupdatem - ok
08:50:26.0147 2736 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:50:26.0163 2736 gusvc - ok
08:50:26.0194 2736 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
08:50:26.0225 2736 hcw85cir - ok
08:50:26.0256 2736 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
08:50:26.0303 2736 HdAudAddService - ok
08:50:26.0334 2736 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
08:50:26.0365 2736 HDAudBus - ok
08:50:26.0397 2736 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
08:50:26.0443 2736 HidBatt - ok
08:50:26.0475 2736 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
08:50:26.0521 2736 HidBth - ok
08:50:26.0537 2736 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
08:50:26.0584 2736 HidIr - ok
08:50:26.0615 2736 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
08:50:26.0677 2736 hidserv - ok
08:50:26.0709 2736 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
08:50:26.0724 2736 HidUsb - ok
08:50:26.0755 2736 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
08:50:26.0818 2736 hkmsvc - ok
08:50:26.0880 2736 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
08:50:26.0911 2736 HomeGroupListener - ok
08:50:26.0958 2736 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
08:50:26.0989 2736 HomeGroupProvider - ok
08:50:27.0021 2736 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
08:50:27.0021 2736 HpSAMD - ok
08:50:27.0067 2736 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
08:50:27.0145 2736 HTTP - ok
08:50:27.0177 2736 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
08:50:27.0192 2736 hwpolicy - ok
08:50:27.0223 2736 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
08:50:27.0239 2736 i8042prt - ok
08:50:27.0270 2736 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
08:50:27.0286 2736 iaStorV - ok
08:50:27.0348 2736 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:50:27.0379 2736 idsvc - ok
08:50:27.0535 2736 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120914.001\IDSvia64.sys
08:50:27.0629 2736 IDSVia64 - ok
08:50:27.0645 2736 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
08:50:27.0660 2736 iirsp - ok
08:50:27.0738 2736 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
08:50:27.0769 2736 IKEEXT - ok
08:50:27.0847 2736 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
08:50:27.0925 2736 IntcAzAudAddService - ok
08:50:27.0941 2736 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
08:50:27.0957 2736 intelide - ok
08:50:27.0988 2736 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
08:50:28.0019 2736 intelppm - ok
08:50:28.0050 2736 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
08:50:28.0097 2736 IPBusEnum - ok
08:50:28.0144 2736 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
08:50:28.0206 2736 IpFilterDriver - ok
08:50:28.0253 2736 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
08:50:28.0253 2736 IPMIDRV - ok
08:50:28.0284 2736 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
08:50:28.0331 2736 IPNAT - ok
08:50:28.0425 2736 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:50:28.0440 2736 iPod Service - ok
08:50:28.0487 2736 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
08:50:28.0549 2736 IRENUM - ok
08:50:28.0768 2736 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
08:50:28.0768 2736 isapnp - ok
08:50:28.0830 2736 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
08:50:28.0846 2736 iScsiPrt - ok
08:50:28.0893 2736 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
08:50:28.0893 2736 kbdclass - ok
08:50:28.0908 2736 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
08:50:28.0971 2736 kbdhid - ok
08:50:28.0986 2736 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
08:50:29.0002 2736 KeyIso - ok
08:50:29.0033 2736 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
08:50:29.0033 2736 KSecDD - ok
08:50:29.0080 2736 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
08:50:29.0095 2736 KSecPkg - ok
08:50:29.0111 2736 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
08:50:29.0158 2736 ksthunk - ok
08:50:29.0205 2736 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
08:50:29.0267 2736 KtmRm - ok
08:50:29.0314 2736 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
08:50:29.0361 2736 LanmanServer - ok
08:50:29.0423 2736 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
08:50:29.0470 2736 LanmanWorkstation - ok
08:50:29.0517 2736 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
08:50:29.0579 2736 lltdio - ok
08:50:29.0610 2736 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
08:50:29.0673 2736 lltdsvc - ok
08:50:29.0688 2736 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
08:50:29.0719 2736 lmhosts - ok
08:50:29.0751 2736 [ 16679269303613C4CE7C8FF03413410F ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
08:50:29.0766 2736 LPCFilter - ok
08:50:29.0782 2736 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
08:50:29.0797 2736 LSI_FC - ok
08:50:29.0829 2736 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
08:50:29.0844 2736 LSI_SAS - ok
08:50:29.0860 2736 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
08:50:29.0875 2736 LSI_SAS2 - ok
08:50:29.0891 2736 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
08:50:29.0907 2736 LSI_SCSI - ok
08:50:29.0938 2736 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
08:50:29.0985 2736 luafv - ok
08:50:30.0031 2736 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
08:50:30.0047 2736 Mcx2Svc - ok
08:50:30.0094 2736 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
08:50:30.0094 2736 megasas - ok
08:50:30.0125 2736 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
08:50:30.0141 2736 MegaSR - ok
08:50:30.0234 2736 Microsoft SharePoint Workspace Audit Service - ok
08:50:30.0250 2736 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
08:50:30.0312 2736 MMCSS - ok
08:50:30.0328 2736 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
08:50:30.0390 2736 Modem - ok
08:50:30.0421 2736 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
08:50:30.0453 2736 monitor - ok
08:50:30.0499 2736 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
08:50:30.0499 2736 mouclass - ok
08:50:30.0562 2736 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
08:50:30.0593 2736 mouhid - ok
08:50:30.0640 2736 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
08:50:30.0655 2736 mountmgr - ok
08:50:30.0702 2736 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
08:50:30.0718 2736 mpio - ok
08:50:30.0765 2736 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
08:50:30.0796 2736 mpsdrv - ok
08:50:30.0827 2736 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
08:50:30.0858 2736 MRxDAV - ok
08:50:30.0921 2736 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
08:50:31.0014 2736 mrxsmb - ok
08:50:31.0045 2736 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
08:50:31.0077 2736 mrxsmb10 - ok
08:50:31.0108 2736 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
08:50:31.0123 2736 mrxsmb20 - ok
08:50:31.0170 2736 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
08:50:31.0186 2736 msahci - ok
08:50:31.0217 2736 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
08:50:31.0233 2736 msdsm - ok
08:50:31.0264 2736 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
08:50:31.0295 2736 MSDTC - ok
08:50:31.0342 2736 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
08:50:31.0373 2736 Msfs - ok
08:50:31.0389 2736 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
08:50:31.0435 2736 mshidkmdf - ok
08:50:31.0482 2736 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
08:50:31.0498 2736 msisadrv - ok
08:50:45.0163 2736 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
08:50:45.0195 2736 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
08:50:45.0195 2736 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
08:50:50.0499 2736 ================ Scan global ===============================
08:50:50.0561 2736 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
08:50:50.0608 2736 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:50:50.0623 2736 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:50:50.0639 2736 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
08:50:50.0686 2736 [ 014A9CB92514E27C0107614DF764BC06 ] C:\windows\system32\services.exe
08:50:50.0686 2736 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
08:50:50.0686 2736 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
08:50:50.0686 2736 ================ Scan MBR ==================================
08:50:50.0701 2736 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
08:50:50.0717 2736 Suspicious mbr (Forged): \Device\Harddisk0\DR0
08:50:50.0764 2736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
08:50:50.0764 2736 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
08:50:50.0795 2736 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:50:50.0795 2736 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:50:50.0795 2736 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR2
08:50:51.0466 2736 \Device\Harddisk1\DR2 - ok
08:50:51.0466 2736 ================ Scan VBR ==================================
08:50:51.0481 2736 [ 97C9AD973F7BC30BB325429C5183FCCC ] \Device\Harddisk0\DR0\Partition1
08:50:51.0481 2736 \Device\Harddisk0\DR0\Partition1 - ok
08:50:51.0497 2736 [ 0BB139AE08E7CECE540E0EC3D0C7AC9C ] \Device\Harddisk1\DR2\Partition1
08:50:51.0497 2736 \Device\Harddisk1\DR2\Partition1 - ok
08:50:51.0497 2736 ============================================================
08:50:51.0497 2736 Scan finished
08:50:51.0497 2736 ============================================================
08:50:51.0513 3000 Detected object count: 4
08:50:51.0513 3000 Actual detected object count: 4
08:54:18.0931 3000 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
08:54:18.0931 3000 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:54:19.0024 3000 C:\windows\system32\services.exe - copied to quarantine
08:54:19.0726 3000 C:\windows\assembly\GAC_32\desktop.ini - copied to quarantine
08:54:19.0726 3000 C:\windows\assembly\GAC_64\desktop.ini - copied to quarantine
08:54:20.0335 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@ - copied to quarantine
08:54:20.0335 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\L\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:58.0383 3000 Backup copy found, using it..
08:54:58.0414 3000 C:\windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
08:54:58.0414 3000 C:\windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@ - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\n - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0477 3000 C:\windows\system32\services.exe - will be cured on reboot
08:54:58.0477 3000 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
08:54:59.0288 3000 \Device\Harddisk0\DR0\# - copied to quarantine
08:54:59.0288 3000 \Device\Harddisk0\DR0 - copied to quarantine
08:54:59.0381 3000 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
08:54:59.0381 3000 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
08:54:59.0397 3000 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
08:54:59.0397 3000 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
08:54:59.0444 3000 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
08:54:59.0475 3000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
08:54:59.0475 3000 \Device\Harddisk0\DR0 - ok
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

08:49:06.0790 2168 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:49:06.0821 2168 ============================================================
08:49:06.0821 2168 Current date / time: 2012/09/22 08:49:06.0821
08:49:06.0821 2168 SystemInfo:
08:49:06.0821 2168
08:49:06.0821 2168 OS Version: 6.1.7601 ServicePack: 1.0
08:49:06.0821 2168 Product type: Workstation
08:49:06.0821 2168 ComputerName: TVG-PC
08:49:06.0821 2168 UserName: TVG
08:49:06.0821 2168 Windows directory: C:\windows
08:49:06.0821 2168 System windows directory: C:\windows
08:49:06.0821 2168 Running under WOW64
08:49:06.0821 2168 Processor architecture: Intel x64
08:49:06.0821 2168 Number of processors: 2
08:49:06.0821 2168 Page size: 0x1000
08:49:06.0821 2168 Boot type: Safe boot with network
08:49:06.0821 2168 ============================================================
08:49:08.0256 2168 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:49:08.0256 2168 Drive \Device\Harddisk1\DR2 - Size: 0x1DDB60000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:49:08.0256 2168 ============================================================
08:49:08.0256 2168 \Device\Harddisk0\DR0:
08:49:08.0256 2168 MBR partitions:
08:49:08.0256 2168 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23F65800
08:49:08.0256 2168 \Device\Harddisk1\DR2:
08:49:08.0256 2168 MBR partitions:
08:49:08.0256 2168 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEEBB80
08:49:08.0256 2168 ============================================================
08:49:08.0287 2168 C: <-> \Device\Harddisk0\DR0\Partition1
08:49:08.0287 2168 ============================================================
08:49:08.0287 2168 Initialize success
08:49:08.0287 2168 ============================================================
08:50:14.0665 2736 ============================================================
08:50:14.0665 2736 Scan started
08:50:14.0665 2736 Mode: Manual; SigCheck; TDLFS;
08:50:14.0665 2736 ============================================================
08:50:14.0915 2736 ================ Scan system memory ========================
08:50:14.0915 2736 System memory - ok
08:50:14.0915 2736 ================ Scan services =============================
08:50:30.0655 2736 mountmgr - ok
08:50:30.0702 2736 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
08:50:30.0718 2736 mpio - ok
08:50:30.0765 2736 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
08:50:30.0796 2736 mpsdrv - ok
08:50:30.0827 2736 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
08:50:30.0858 2736 MRxDAV - ok
08:50:30.0921 2736 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
08:50:31.0014 2736 mrxsmb - ok
08:50:31.0045 2736 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
08:50:31.0077 2736 mrxsmb10 - ok
08:50:31.0108 2736 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
08:50:31.0123 2736 mrxsmb20 - ok
08:50:31.0170 2736 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
08:50:31.0186 2736 msahci - ok
08:50:31.0217 2736 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
08:50:31.0233 2736 msdsm - ok
08:50:31.0264 2736 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
08:50:31.0295 2736 MSDTC - ok
08:50:31.0342 2736 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
08:50:31.0373 2736 Msfs - ok
08:50:31.0389 2736 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
08:50:31.0435 2736 mshidkmdf - ok
08:50:31.0482 2736 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
08:50:31.0498 2736 msisadrv - ok
08:50:31.0513 2736 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
08:50:31.0576 2736 MSiSCSI - ok
08:50:31.0591 2736 msiserver - ok
08:50:31.0623 2736 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
08:50:31.0669 2736 MSKSSRV - ok
08:50:31.0701 2736 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
08:50:31.0747 2736 MSPCLOCK - ok
08:50:31.0779 2736 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
08:50:31.0841 2736 MSPQM - ok
08:50:31.0888 2736 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
08:50:31.0903 2736 MsRPC - ok
08:50:31.0935 2736 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
08:50:31.0950 2736 mssmbios - ok
08:50:31.0981 2736 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
08:50:32.0044 2736 MSTEE - ok
08:50:32.0059 2736 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
08:50:32.0091 2736 MTConfig - ok
08:50:32.0122 2736 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
08:50:32.0122 2736 Mup - ok
08:50:32.0184 2736 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
08:50:32.0247 2736 napagent - ok
08:50:32.0309 2736 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
08:50:32.0356 2736 NativeWifiP - ok
08:50:32.0434 2736 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120915.008\ENG64.SYS
08:50:32.0434 2736 NAVENG - ok
08:50:32.0512 2736 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120915.008\EX64.SYS
08:50:32.0590 2736 NAVEX15 - ok
08:50:32.0637 2736 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
08:50:32.0668 2736 NDIS - ok
08:50:32.0699 2736 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
08:50:32.0746 2736 NdisCap - ok
08:50:32.0761 2736 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
08:50:32.0824 2736 NdisTapi - ok
08:50:32.0871 2736 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
08:50:32.0917 2736 Ndisuio - ok
08:50:32.0964 2736 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
08:50:33.0011 2736 NdisWan - ok
08:50:33.0042 2736 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
08:50:33.0073 2736 NDProxy - ok
08:50:33.0105 2736 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
08:50:33.0167 2736 NetBIOS - ok
08:50:33.0214 2736 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
08:50:33.0245 2736 NetBT - ok
08:50:33.0261 2736 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
08:50:33.0261 2736 Netlogon - ok
08:50:33.0292 2736 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
08:50:33.0354 2736 Netman - ok
08:50:33.0401 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:50:33.0448 2736 NetMsmqActivator - ok
08:50:33.0463 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:50:33.0479 2736 NetPipeActivator - ok
08:50:33.0526 2736 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
08:50:33.0588 2736 netprofm - ok
08:50:33.0635 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:50:33.0651 2736 NetTcpActivator - ok
08:50:33.0651 2736 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:50:33.0666 2736 NetTcpPortSharing - ok
08:50:33.0697 2736 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
08:50:33.0713 2736 nfrd960 - ok
08:50:33.0791 2736 [ B4187346F54E362DAFFE647B25A58D50 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
08:50:33.0807 2736 NIS - ok
08:50:33.0853 2736 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
08:50:33.0900 2736 NlaSvc - ok
08:50:33.0931 2736 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
08:50:33.0963 2736 Npfs - ok
08:50:34.0009 2736 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
08:50:34.0072 2736 nsi - ok
08:50:34.0103 2736 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
08:50:34.0150 2736 nsiproxy - ok
08:50:34.0228 2736 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
08:50:34.0275 2736 Ntfs - ok
08:50:34.0290 2736 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
08:50:34.0321 2736 Null - ok
08:50:34.0337 2736 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
08:50:34.0353 2736 nvraid - ok
08:50:34.0399 2736 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
08:50:34.0415 2736 nvstor - ok
08:50:34.0462 2736 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
08:50:34.0477 2736 nv_agp - ok
08:50:34.0509 2736 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
08:50:34.0540 2736 ohci1394 - ok
08:50:34.0618 2736 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:50:34.0618 2736 ose - ok
08:50:34.0774 2736 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:50:35.0008 2736 osppsvc - ok
08:50:35.0070 2736 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
08:50:35.0101 2736 p2pimsvc - ok
08:50:35.0133 2736 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
08:50:35.0148 2736 p2psvc - ok
08:50:35.0179 2736 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
08:50:35.0179 2736 Parport - ok
08:50:35.0211 2736 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
08:50:35.0226 2736 partmgr - ok
08:50:35.0242 2736 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
08:50:35.0289 2736 PcaSvc - ok
08:50:35.0320 2736 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
08:50:35.0335 2736 pci - ok
08:50:35.0351 2736 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
08:50:35.0367 2736 pciide - ok
08:50:35.0398 2736 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
08:50:35.0413 2736 pcmcia - ok
08:50:35.0429 2736 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
08:50:35.0445 2736 pcw - ok
08:50:35.0476 2736 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
08:50:35.0538 2736 PEAUTH - ok
08:50:35.0616 2736 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
08:50:35.0679 2736 PerfHost - ok
08:50:35.0725 2736 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
08:50:35.0741 2736 PGEffect - ok
08:50:35.0803 2736 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
08:50:35.0866 2736 pla - ok
08:50:35.0944 2736 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
08:50:35.0991 2736 PlugPlay - ok
08:50:36.0022 2736 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
08:50:36.0037 2736 PNRPAutoReg - ok
08:50:36.0069 2736 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
08:50:36.0084 2736 PNRPsvc - ok
08:50:36.0131 2736 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
08:50:36.0178 2736 PolicyAgent - ok
08:50:36.0225 2736 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
08:50:36.0287 2736 Power - ok
08:50:36.0318 2736 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
08:50:36.0381 2736 PptpMiniport - ok
08:50:36.0412 2736 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
08:50:36.0443 2736 Processor - ok
08:50:36.0490 2736 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
08:50:36.0521 2736 ProfSvc - ok
08:50:36.0552 2736 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
08:50:36.0552 2736 ProtectedStorage - ok
08:50:36.0599 2736 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
08:50:36.0646 2736 Psched - ok
08:50:36.0708 2736 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
08:50:36.0755 2736 ql2300 - ok
08:50:36.0771 2736 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
08:50:36.0786 2736 ql40xx - ok
08:50:36.0864 2736 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
08:50:36.0895 2736 QWAVE - ok
08:50:36.0927 2736 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
08:50:36.0942 2736 QWAVEdrv - ok
08:50:36.0958 2736 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
08:50:37.0020 2736 RasAcd - ok
08:50:37.0067 2736 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
08:50:37.0098 2736 RasAgileVpn - ok
08:50:37.0114 2736 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
08:50:37.0176 2736 RasAuto - ok
08:50:37.0207 2736 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
08:50:37.0270 2736 Rasl2tp - ok
08:50:37.0301 2736 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
08:50:37.0348 2736 RasMan - ok
08:50:37.0379 2736 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
08:50:37.0426 2736 RasPppoe - ok
08:50:37.0457 2736 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
08:50:37.0504 2736 RasSstp - ok
08:50:37.0551 2736 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
08:50:37.0613 2736 rdbss - ok
08:50:37.0644 2736 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
08:50:37.0675 2736 rdpbus - ok
08:50:37.0691 2736 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
08:50:37.0753 2736 RDPCDD - ok
08:50:37.0785 2736 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
08:50:37.0831 2736 RDPENCDD - ok
08:50:37.0863 2736 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
08:50:37.0894 2736 RDPREFMP - ok
08:50:37.0941 2736 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
08:50:37.0956 2736 RDPWD - ok
08:50:37.0987 2736 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
08:50:38.0003 2736 rdyboost - ok
08:50:38.0050 2736 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
08:50:38.0112 2736 RemoteAccess - ok
08:50:38.0190 2736 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
08:50:38.0221 2736 RemoteRegistry - ok
08:50:38.0237 2736 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
08:50:38.0299 2736 RpcEptMapper - ok
08:50:38.0331 2736 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
08:50:38.0362 2736 RpcLocator - ok
08:50:38.0424 2736 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
08:50:38.0455 2736 RpcSs - ok
08:50:38.0502 2736 RSELSVC - ok
08:50:38.0533 2736 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
08:50:38.0580 2736 rspndr - ok
08:50:38.0627 2736 [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
08:50:38.0658 2736 RSUSBSTOR - ok
08:50:38.0705 2736 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
08:50:38.0752 2736 RTL8167 - ok
08:50:38.0799 2736 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
08:50:38.0814 2736 rtl8192se - ok
08:50:38.0830 2736 RtsUIR - ok
08:50:38.0845 2736 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
08:50:38.0861 2736 SamSs - ok
08:50:38.0923 2736 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
08:50:38.0939 2736 sbp2port - ok
08:50:38.0970 2736 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
08:50:39.0033 2736 SCardSvr - ok
08:50:39.0064 2736 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
08:50:39.0095 2736 scfilter - ok
08:50:39.0142 2736 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
08:50:39.0204 2736 Schedule - ok
08:50:39.0251 2736 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
08:50:39.0282 2736 SCPolicySvc - ok
08:50:39.0329 2736 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
08:50:39.0360 2736 SDRSVC - ok
08:50:39.0407 2736 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
08:50:39.0438 2736 secdrv - ok
08:50:39.0485 2736 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
08:50:39.0532 2736 seclogon - ok
08:50:39.0579 2736 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
08:50:39.0641 2736 SENS - ok
08:50:39.0657 2736 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
08:50:39.0688 2736 SensrSvc - ok
08:50:39.0703 2736 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
08:50:39.0750 2736 Serenum - ok
08:50:39.0781 2736 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
08:50:39.0797 2736 Serial - ok
08:50:39.0828 2736 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
08:50:39.0844 2736 sermouse - ok
08:50:39.0891 2736 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
08:50:39.0937 2736 SessionEnv - ok
08:50:39.0984 2736 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
08:50:40.0015 2736 sffdisk - ok
08:50:40.0047 2736 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
08:50:40.0093 2736 sffp_mmc - ok
08:50:40.0109 2736 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
08:50:40.0140 2736 sffp_sd - ok
08:50:40.0171 2736 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
08:50:40.0218 2736 sfloppy - ok
08:50:40.0265 2736 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
08:50:40.0327 2736 ShellHWDetection - ok
08:50:40.0374 2736 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
08:50:40.0374 2736 SiSRaid2 - ok
08:50:40.0405 2736 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
08:50:40.0421 2736 SiSRaid4 - ok
08:50:40.0546 2736 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:50:40.0546 2736 SkypeUpdate - ok
08:50:40.0577 2736 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
08:50:40.0608 2736 Smb - ok
08:50:40.0639 2736 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
08:50:40.0671 2736 SNMPTRAP - ok
08:50:40.0717 2736 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
08:50:40.0717 2736 spldr - ok
08:50:40.0780 2736 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
08:50:40.0795 2736 Spooler - ok
08:50:40.0889 2736 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
08:50:41.0029 2736 sppsvc - ok
08:50:41.0092 2736 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
08:50:41.0123 2736 sppuinotify - ok
08:50:41.0232 2736 [ 96BABC4906ECDB1C69D1176F8647AD8E ] SRTSP C:\windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS
08:50:41.0248 2736 SRTSP - ok
08:50:41.0263 2736 [ C7F491A290E0E4222F5CDCD50EEB8167 ] SRTSPX C:\windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS
08:50:41.0279 2736 SRTSPX - ok
08:50:41.0326 2736 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
08:50:41.0373 2736 srv - ok
08:50:41.0404 2736 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
08:50:41.0451 2736 srv2 - ok
08:50:41.0466 2736 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
08:50:41.0482 2736 srvnet - ok
08:50:41.0529 2736 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
08:50:41.0575 2736 SSDPSRV - ok
08:50:41.0591 2736 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
08:50:41.0622 2736 SstpSvc - ok
08:50:41.0653 2736 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
08:50:41.0653 2736 stexstor - ok
08:50:41.0716 2736 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
08:50:41.0763 2736 stisvc - ok
08:50:41.0794 2736 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
08:50:41.0809 2736 swenum - ok
08:50:41.0950 2736 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
08:50:42.0075 2736 swprv - ok
08:50:42.0121 2736 [ 659B227A72B76115975A6A9491B2FE1F ] SymDS C:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS
08:50:42.0137 2736 SymDS - ok
08:50:42.0184 2736 [ 9F5783A4A03D0091CDBDAA858B566926 ] SymEFA C:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS
08:50:42.0199 2736 SymEFA - ok
08:50:42.0231 2736 [ 3F9D5FE52585E2653E59FDBFDF09A94C ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
08:50:42.0231 2736 SymEvent - ok
08:50:42.0293 2736 [ F57588546E738DB1583981D8F44E9BC2 ] SymIRON C:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS
08:50:42.0293 2736 SymIRON - ok
08:50:42.0324 2736 [ 3ADFB72F0797AE3832509FE030755E21 ] SYMTDIv C:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS
08:50:42.0340 2736 SYMTDIv - ok
08:50:42.0371 2736 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
08:50:42.0387 2736 SynTP - ok
08:50:42.0465 2736 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
08:50:42.0527 2736 SysMain - ok
08:50:42.0589 2736 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
08:50:42.0621 2736 TabletInputService - ok
08:50:42.0652 2736 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
08:50:42.0714 2736 TapiSrv - ok
08:50:42.0745 2736 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
08:50:42.0777 2736 TBS - ok
08:50:42.0855 2736 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
08:50:42.0901 2736 Tcpip - ok
08:50:42.0948 2736 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
08:50:42.0979 2736 TCPIP6 - ok
08:50:43.0042 2736 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
08:50:43.0089 2736 tcpipreg - ok
08:50:43.0120 2736 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
08:50:43.0135 2736 tdcmdpst - ok
08:50:43.0151 2736 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
08:50:43.0182 2736 TDPIPE - ok
08:50:43.0229 2736 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
08:50:43.0260 2736 TDTCP - ok
08:50:43.0307 2736 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
08:50:43.0354 2736 tdx - ok
08:50:43.0385 2736 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
08:50:43.0401 2736 TermDD - ok
08:50:43.0432 2736 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
08:50:43.0479 2736 TermService - ok
08:50:43.0525 2736 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
08:50:43.0572 2736 Themes - ok
08:50:43.0603 2736 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
08:50:43.0635 2736 THREADORDER - ok
08:50:43.0697 2736 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:50:43.0728 2736 TMachInfo - ok
08:50:43.0759 2736 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
08:50:43.0759 2736 TODDSrv - ok
08:50:43.0806 2736 [ 06C61275ADC64F1E36240A2287998A5E ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:50:43.0837 2736 TosCoSrv - ok
08:50:43.0884 2736 [ 707800855AFBD7648375EFB1519B8D6D ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:50:43.0900 2736 TOSHIBA eco Utility Service - ok
08:50:43.0931 2736 [ EDA12E9BC9A0F104C24101720EEC4785 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:50:43.0947 2736 TOSHIBA HDD SSD Alert Service - ok
08:50:43.0978 2736 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
08:50:43.0993 2736 tos_sps64 - ok
08:50:44.0071 2736 [ DE64C52BD0671165CF2EEBF2A728A3E2 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:50:44.0087 2736 TPCHSrv - ok
08:50:44.0134 2736 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
08:50:44.0181 2736 TrkWks - ok
08:50:44.0227 2736 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
08:50:44.0290 2736 TrustedInstaller - ok
08:50:44.0321 2736 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
08:50:44.0368 2736 tssecsrv - ok
08:50:44.0415 2736 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
08:50:44.0446 2736 TsUsbFlt - ok
08:50:44.0493 2736 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
08:50:44.0539 2736 tunnel - ok
08:50:44.0586 2736 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:50:44.0602 2736 TVALZ - ok
08:50:44.0633 2736 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
08:50:44.0649 2736 TVALZFL - ok
08:50:44.0695 2736 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
08:50:44.0711 2736 uagp35 - ok
08:50:44.0758 2736 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
08:50:44.0820 2736 udfs - ok
08:50:44.0867 2736 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
08:50:44.0883 2736 UI0Detect - ok
08:50:44.0914 2736 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
08:50:44.0929 2736 uliagpkx - ok
08:50:44.0961 2736 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
08:50:44.0992 2736 umbus - ok
08:50:45.0023 2736 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
08:50:45.0054 2736 UmPass - ok
08:50:45.0101 2736 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
08:50:45.0132 2736 upnphost - ok
08:50:45.0163 2736 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
08:50:45.0195 2736 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
08:50:45.0195 2736 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
08:50:48.0252 2736 Winmgmt - ok
08:50:48.0330 2736 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
08:50:48.0424 2736 WinRM - ok
08:50:48.0471 2736 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
08:50:48.0502 2736 WinUsb - ok
08:50:48.0580 2736 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
08:50:48.0627 2736 Wlansvc - ok
08:50:48.0705 2736 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:50:48.0720 2736 wlcrasvc - ok
08:50:48.0829 2736 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:50:48.0954 2736 wlidsvc - ok
08:50:48.0970 2736 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
08:50:49.0017 2736 WmiAcpi - ok
08:50:49.0048 2736 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
08:50:49.0079 2736 wmiApSrv - ok
08:50:49.0126 2736 WMPNetworkSvc - ok
08:50:49.0188 2736 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
08:50:49.0204 2736 WMZuneComm - ok
08:50:49.0219 2736 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
08:50:49.0235 2736 WPCSvc - ok
08:50:49.0282 2736 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
08:50:49.0282 2736 WPDBusEnum - ok
08:50:49.0329 2736 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
08:50:49.0360 2736 ws2ifsl - ok
08:50:49.0391 2736 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
08:50:49.0422 2736 WSDPrintDevice - ok
08:50:49.0469 2736 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\windows\system32\DRIVERS\WSDScan.sys
08:50:49.0485 2736 WSDScan - ok
08:50:49.0485 2736 WSearch - ok
08:50:49.0516 2736 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
08:50:49.0563 2736 WudfPf - ok
08:50:49.0609 2736 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
08:50:49.0672 2736 WUDFRd - ok
08:50:49.0703 2736 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
08:50:49.0734 2736 wudfsvc - ok
08:50:49.0765 2736 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
08:50:49.0812 2736 WwanSvc - ok
08:50:49.0906 2736 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
08:50:49.0921 2736 YahooAUService - ok
08:50:50.0124 2736 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
08:50:50.0421 2736 ZuneNetworkSvc - ok
08:50:50.0467 2736 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
08:50:50.0483 2736 ZuneWlanCfgSvc - ok
08:50:50.0499 2736 ================ Scan global ===============================
08:50:50.0561 2736 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
08:50:50.0608 2736 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:50:50.0623 2736 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:50:50.0639 2736 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
08:50:50.0686 2736 [ 014A9CB92514E27C0107614DF764BC06 ] C:\windows\system32\services.exe
08:50:50.0686 2736 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
08:50:50.0686 2736 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
08:50:50.0686 2736 ================ Scan MBR ==================================
08:50:50.0701 2736 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
08:50:50.0717 2736 Suspicious mbr (Forged): \Device\Harddisk0\DR0
08:50:50.0764 2736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
08:50:50.0764 2736 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
08:50:50.0795 2736 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:50:50.0795 2736 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:50:50.0795 2736 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR2
08:50:51.0466 2736 \Device\Harddisk1\DR2 - ok
08:50:51.0466 2736 ================ Scan VBR ==================================
08:50:51.0481 2736 [ 97C9AD973F7BC30BB325429C5183FCCC ] \Device\Harddisk0\DR0\Partition1
08:50:51.0481 2736 \Device\Harddisk0\DR0\Partition1 - ok
08:50:51.0497 2736 [ 0BB139AE08E7CECE540E0EC3D0C7AC9C ] \Device\Harddisk1\DR2\Partition1
08:50:51.0497 2736 \Device\Harddisk1\DR2\Partition1 - ok
08:50:51.0497 2736 ============================================================
08:50:51.0497 2736 Scan finished
08:50:51.0497 2736 ============================================================
08:50:51.0513 3000 Detected object count: 4
08:50:51.0513 3000 Actual detected object count: 4
08:54:18.0931 3000 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
08:54:18.0931 3000 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:54:19.0024 3000 C:\windows\system32\services.exe - copied to quarantine
08:54:19.0726 3000 C:\windows\assembly\GAC_32\desktop.ini - copied to quarantine
08:54:19.0726 3000 C:\windows\assembly\GAC_64\desktop.ini - copied to quarantine
08:54:20.0335 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@ - copied to quarantine
08:54:20.0335 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\L\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0350 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:20.0366 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - copied to quarantine
08:54:58.0383 3000 Backup copy found, using it..
08:54:58.0414 3000 C:\windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
08:54:58.0414 3000 C:\windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\@ - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\n - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0461 3000 C:\windows\installer\{92fa28bf-84db-e36c-4a5c-94c008f958a7}\U\[email protected] - will be deleted on reboot
08:54:58.0477 3000 C:\windows\system32\services.exe - will be cured on reboot
08:54:58.0477 3000 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
08:54:59.0288 3000 \Device\Harddisk0\DR0\# - copied to quarantine
08:54:59.0288 3000 \Device\Harddisk0\DR0 - copied to quarantine
08:54:59.0381 3000 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
08:54:59.0381 3000 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
08:54:59.0397 3000 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
08:54:59.0397 3000 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
08:54:59.0413 3000 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
08:54:59.0428 3000 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
08:54:59.0444 3000 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
08:54:59.0475 3000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
08:54:59.0475 3000 \Device\Harddisk0\DR0 - ok
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:54:59.0834 3000 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Re-run TDSSKiller with the same parameters.
Then, when this element appears, select delete:

\Device\Harddisk0\DR0 ( TDSS File System )

On completion, please retry Combofix.

#11
debo79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Here are the new results from TDSSKiller.

19:13:50.0812 5760 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:13:52.0824 5760 ============================================================
19:13:52.0824 5760 Current date / time: 2012/09/22 19:13:52.0824
19:13:52.0824 5760 SystemInfo:
19:13:52.0824 5760
19:13:52.0824 5760 OS Version: 6.1.7601 ServicePack: 1.0
19:13:52.0824 5760 Product type: Workstation
19:13:52.0824 5760 ComputerName: TVG-PC
19:13:52.0824 5760 UserName: TVG
19:13:52.0824 5760 Windows directory: C:\windows
19:13:52.0824 5760 System windows directory: C:\windows
19:13:52.0824 5760 Running under WOW64
19:13:52.0824 5760 Processor architecture: Intel x64
19:13:52.0824 5760 Number of processors: 2
19:13:52.0824 5760 Page size: 0x1000
19:13:52.0824 5760 Boot type: Normal boot
19:13:52.0824 5760 ============================================================
19:13:54.0338 5760 BG loaded
19:13:54.0837 5760 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:13:54.0852 5760 ============================================================
19:13:54.0852 5760 \Device\Harddisk0\DR0:
19:13:54.0852 5760 MBR partitions:
19:13:54.0852 5760 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23F65800
19:13:54.0852 5760 ============================================================
19:13:54.0868 5760 C: <-> \Device\Harddisk0\DR0\Partition1
19:13:54.0868 5760 ============================================================
19:13:54.0868 5760 Initialize success
19:13:54.0868 5760 ============================================================
19:14:22.0527 5884 ============================================================
19:14:22.0527 5884 Scan started
19:14:22.0527 5884 Mode: Manual; SigCheck; TDLFS;
19:14:22.0527 5884 ============================================================
19:14:23.0837 5884 ================ Scan system memory ========================
19:14:23.0837 5884 System memory - ok
19:14:23.0837 5884 ================ Scan services =============================
19:14:41.0060 5884 idsvc - ok
19:14:41.0184 5884 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120921.001\IDSvia64.sys
19:14:41.0231 5884 IDSVia64 - ok
19:14:41.0278 5884 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
19:14:41.0325 5884 iirsp - ok
19:14:41.0356 5884 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
19:14:41.0418 5884 IKEEXT - ok
19:14:41.0512 5884 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
19:14:41.0590 5884 IntcAzAudAddService - ok
19:14:41.0621 5884 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
19:14:41.0652 5884 intelide - ok
19:14:41.0668 5884 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:14:41.0715 5884 intelppm - ok
19:14:41.0762 5884 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:14:41.0840 5884 IPBusEnum - ok
19:14:41.0902 5884 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:14:41.0996 5884 IpFilterDriver - ok
19:14:42.0042 5884 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:14:42.0058 5884 IPMIDRV - ok
19:14:42.0120 5884 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:14:42.0214 5884 IPNAT - ok
19:14:42.0292 5884 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:14:42.0339 5884 iPod Service - ok
19:14:42.0386 5884 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
19:14:42.0479 5884 IRENUM - ok
19:14:42.0510 5884 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:14:42.0542 5884 isapnp - ok
19:14:42.0573 5884 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:14:42.0604 5884 iScsiPrt - ok
19:14:42.0635 5884 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
19:14:42.0651 5884 kbdclass - ok
19:14:42.0666 5884 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
19:14:42.0713 5884 kbdhid - ok
19:14:42.0744 5884 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
19:14:42.0760 5884 KeyIso - ok
19:14:42.0791 5884 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:14:42.0807 5884 KSecDD - ok
19:14:42.0854 5884 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:14:42.0869 5884 KSecPkg - ok
19:14:42.0900 5884 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
19:14:42.0994 5884 ksthunk - ok
19:14:43.0041 5884 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
19:14:43.0166 5884 KtmRm - ok
19:14:43.0197 5884 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
19:14:43.0275 5884 LanmanServer - ok
19:14:43.0322 5884 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:14:43.0431 5884 LanmanWorkstation - ok
19:14:43.0478 5884 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:14:43.0571 5884 lltdio - ok
19:14:43.0618 5884 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
19:14:43.0758 5884 lltdsvc - ok
19:14:43.0790 5884 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
19:14:43.0836 5884 lmhosts - ok
19:14:43.0852 5884 [ 16679269303613C4CE7C8FF03413410F ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
19:14:43.0868 5884 LPCFilter - ok
19:14:43.0899 5884 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
19:14:43.0914 5884 LSI_FC - ok
19:14:43.0946 5884 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
19:14:43.0961 5884 LSI_SAS - ok
19:14:43.0977 5884 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
19:14:44.0008 5884 LSI_SAS2 - ok
19:14:44.0024 5884 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
19:14:44.0039 5884 LSI_SCSI - ok
19:14:44.0055 5884 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
19:14:44.0195 5884 luafv - ok
19:14:44.0242 5884 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:14:44.0304 5884 Mcx2Svc - ok
19:14:44.0336 5884 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
19:14:44.0367 5884 megasas - ok
19:14:44.0382 5884 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
19:14:44.0414 5884 MegaSR - ok
19:14:44.0476 5884 Microsoft SharePoint Workspace Audit Service - ok
19:14:44.0507 5884 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
19:14:44.0616 5884 MMCSS - ok
19:14:44.0648 5884 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
19:14:44.0726 5884 Modem - ok
19:14:44.0741 5884 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:14:44.0788 5884 monitor - ok
19:14:44.0819 5884 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
19:14:44.0850 5884 mouclass - ok
19:14:44.0882 5884 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:14:44.0944 5884 mouhid - ok
19:14:44.0991 5884 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:14:45.0022 5884 mountmgr - ok
19:14:45.0069 5884 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
19:14:45.0084 5884 mpio - ok
19:14:45.0131 5884 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:14:45.0178 5884 mpsdrv - ok
19:14:45.0209 5884 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:14:45.0256 5884 MRxDAV - ok
19:14:45.0303 5884 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:14:45.0396 5884 mrxsmb - ok
19:14:45.0443 5884 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:14:45.0506 5884 mrxsmb10 - ok
19:14:45.0537 5884 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:14:45.0568 5884 mrxsmb20 - ok
19:14:45.0615 5884 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
19:14:45.0646 5884 msahci - ok
19:14:45.0677 5884 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:14:45.0724 5884 msdsm - ok
19:14:45.0755 5884 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
19:14:45.0802 5884 MSDTC - ok
19:14:45.0849 5884 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
19:14:45.0880 5884 Msfs - ok
19:14:45.0896 5884 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:14:45.0958 5884 mshidkmdf - ok
19:14:46.0005 5884 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:14:46.0052 5884 msisadrv - ok
19:14:46.0083 5884 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:14:46.0223 5884 MSiSCSI - ok
19:14:46.0223 5884 msiserver - ok
19:14:46.0254 5884 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:14:46.0317 5884 MSKSSRV - ok
19:14:46.0332 5884 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:14:46.0426 5884 MSPCLOCK - ok
19:14:46.0457 5884 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:14:46.0551 5884 MSPQM - ok
19:14:46.0598 5884 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:14:46.0691 5884 MsRPC - ok
19:14:46.0723 5884 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
19:14:46.0769 5884 mssmbios - ok
19:14:46.0785 5884 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:14:46.0863 5884 MSTEE - ok
19:14:46.0879 5884 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
19:14:46.0925 5884 MTConfig - ok
19:14:46.0941 5884 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
19:14:46.0972 5884 Mup - ok
19:14:47.0019 5884 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
19:14:47.0128 5884 napagent - ok
19:14:47.0159 5884 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:14:47.0222 5884 NativeWifiP - ok
19:14:47.0315 5884 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120921.033\ENG64.SYS
19:14:47.0331 5884 NAVENG - ok
19:14:47.0425 5884 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120921.033\EX64.SYS
19:14:47.0518 5884 NAVEX15 - ok
19:14:47.0581 5884 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
19:14:47.0659 5884 NDIS - ok
19:14:47.0690 5884 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:14:47.0768 5884 NdisCap - ok
19:14:47.0783 5884 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:14:47.0877 5884 NdisTapi - ok
19:14:47.0924 5884 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:14:48.0017 5884 Ndisuio - ok
19:14:48.0049 5884 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:14:48.0158 5884 NdisWan - ok
19:14:48.0189 5884 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:14:48.0220 5884 NDProxy - ok
19:14:48.0267 5884 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:14:48.0329 5884 NetBIOS - ok
19:14:48.0376 5884 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:14:48.0423 5884 NetBT - ok
19:14:48.0423 5884 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
19:14:48.0454 5884 Netlogon - ok
19:14:48.0485 5884 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
19:14:48.0548 5884 Netman - ok
19:14:48.0595 5884 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:14:48.0657 5884 NetMsmqActivator - ok
19:14:48.0673 5884 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:14:48.0704 5884 NetPipeActivator - ok
19:14:48.0735 5884 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
19:14:48.0860 5884 netprofm - ok
19:14:48.0891 5884 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:14:48.0907 5884 NetTcpActivator - ok
19:14:48.0922 5884 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:14:48.0938 5884 NetTcpPortSharing - ok
19:14:48.0969 5884 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
19:14:48.0985 5884 nfrd960 - ok
19:14:49.0078 5884 [ B4187346F54E362DAFFE647B25A58D50 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
19:14:49.0141 5884 NIS - ok
19:14:49.0172 5884 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
19:14:49.0250 5884 NlaSvc - ok
19:14:49.0265 5884 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
19:14:49.0312 5884 Npfs - ok
19:14:49.0343 5884 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
19:14:49.0421 5884 nsi - ok
19:14:49.0468 5884 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:14:49.0577 5884 nsiproxy - ok
19:14:49.0655 5884 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:14:49.0796 5884 Ntfs - ok
19:14:49.0811 5884 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
19:14:49.0858 5884 Null - ok
19:14:49.0874 5884 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
19:14:49.0905 5884 nvraid - ok
19:14:49.0936 5884 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
19:14:49.0967 5884 nvstor - ok
19:14:49.0999 5884 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:14:50.0030 5884 nv_agp - ok
19:14:50.0045 5884 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:14:50.0061 5884 ohci1394 - ok
19:14:50.0139 5884 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:14:50.0217 5884 ose - ok
19:14:50.0435 5884 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:14:50.0654 5884 osppsvc - ok
19:14:50.0685 5884 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:14:50.0779 5884 p2pimsvc - ok
19:14:50.0981 5884 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
19:14:51.0091 5884 p2psvc - ok
19:14:51.0122 5884 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
19:14:51.0153 5884 Parport - ok
19:14:51.0200 5884 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
19:14:51.0215 5884 partmgr - ok
19:14:51.0247 5884 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
19:14:51.0293 5884 PcaSvc - ok
19:14:51.0340 5884 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
19:14:51.0356 5884 pci - ok
19:14:51.0371 5884 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
19:14:51.0387 5884 pciide - ok
19:14:51.0434 5884 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
19:14:51.0449 5884 pcmcia - ok
19:14:51.0465 5884 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
19:14:51.0496 5884 pcw - ok
19:14:51.0527 5884 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:14:51.0621 5884 PEAUTH - ok
19:14:51.0699 5884 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
19:14:51.0746 5884 PerfHost - ok
19:14:51.0793 5884 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
19:14:51.0902 5884 PGEffect - ok
19:14:51.0995 5884 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
19:14:52.0136 5884 pla - ok
19:14:52.0167 5884 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:14:52.0261 5884 PlugPlay - ok
19:14:52.0292 5884 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:14:52.0354 5884 PNRPAutoReg - ok
19:14:52.0417 5884 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:14:52.0432 5884 PNRPsvc - ok
19:14:52.0479 5884 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:14:52.0604 5884 PolicyAgent - ok
19:14:52.0651 5884 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
19:14:52.0713 5884 Power - ok
19:14:52.0760 5884 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:14:52.0822 5884 PptpMiniport - ok
19:14:52.0853 5884 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
19:14:52.0916 5884 Processor - ok
19:14:52.0947 5884 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
19:14:53.0041 5884 ProfSvc - ok
19:14:53.0056 5884 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
19:14:53.0072 5884 ProtectedStorage - ok
19:14:53.0119 5884 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:14:53.0228 5884 Psched - ok
19:14:53.0337 5884 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
19:14:53.0399 5884 ql2300 - ok
19:14:53.0415 5884 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
19:14:53.0446 5884 ql40xx - ok
19:14:53.0493 5884 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
19:14:53.0602 5884 QWAVE - ok
19:14:53.0618 5884 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:14:53.0649 5884 QWAVEdrv - ok
19:14:53.0680 5884 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:14:53.0774 5884 RasAcd - ok
19:14:53.0836 5884 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:14:53.0899 5884 RasAgileVpn - ok
19:14:53.0930 5884 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
19:14:54.0039 5884 RasAuto - ok
19:14:54.0086 5884 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:14:54.0148 5884 Rasl2tp - ok
19:14:54.0211 5884 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
19:14:54.0320 5884 RasMan - ok
19:14:54.0367 5884 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:14:54.0429 5884 RasPppoe - ok
19:14:54.0460 5884 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:14:54.0523 5884 RasSstp - ok
19:14:54.0569 5884 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:14:54.0647 5884 rdbss - ok
19:14:54.0679 5884 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
19:14:54.0757 5884 rdpbus - ok
19:14:54.0772 5884 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:14:54.0850 5884 RDPCDD - ok
19:14:54.0881 5884 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:14:54.0959 5884 RDPENCDD - ok
19:14:54.0991 5884 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:14:55.0022 5884 RDPREFMP - ok
19:14:55.0069 5884 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:14:55.0209 5884 RDPWD - ok
19:14:55.0256 5884 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:14:55.0287 5884 rdyboost - ok
19:14:55.0334 5884 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
19:14:55.0443 5884 RemoteAccess - ok
19:14:55.0490 5884 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:14:55.0568 5884 RemoteRegistry - ok
19:14:55.0599 5884 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:14:55.0661 5884 RpcEptMapper - ok
19:14:55.0693 5884 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
19:14:55.0755 5884 RpcLocator - ok
19:14:55.0817 5884 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
19:14:55.0864 5884 RpcSs - ok
19:14:55.0911 5884 RSELSVC - ok
19:14:55.0942 5884 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:14:56.0036 5884 rspndr - ok
19:14:56.0067 5884 [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
19:14:56.0129 5884 RSUSBSTOR - ok
19:14:56.0145 5884 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
19:14:56.0240 5884 RTL8167 - ok
19:14:56.0302 5884 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
19:14:56.0349 5884 rtl8192se - ok
19:14:56.0364 5884 RtsUIR - ok
19:14:56.0380 5884 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
19:14:56.0396 5884 SamSs - ok
19:14:56.0442 5884 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:14:56.0474 5884 sbp2port - ok
19:14:56.0505 5884 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
19:14:56.0645 5884 SCardSvr - ok
19:14:56.0676 5884 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:14:56.0723 5884 scfilter - ok
19:14:56.0770 5884 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
19:14:56.0910 5884 Schedule - ok
19:14:56.0957 5884 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
19:14:56.0988 5884 SCPolicySvc - ok
19:14:57.0035 5884 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:14:57.0160 5884 SDRSVC - ok
19:14:57.0191 5884 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
19:14:57.0238 5884 secdrv - ok
19:14:57.0269 5884 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
19:14:57.0378 5884 seclogon - ok
19:14:57.0425 5884 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
19:14:57.0503 5884 SENS - ok
19:14:57.0534 5884 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
19:14:57.0659 5884 SensrSvc - ok
19:14:57.0675 5884 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
19:14:57.0722 5884 Serenum - ok
19:14:57.0768 5884 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
19:14:57.0784 5884 Serial - ok
19:14:57.0815 5884 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
19:14:57.0846 5884 sermouse - ok
19:14:57.0893 5884 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
19:14:57.0987 5884 SessionEnv - ok
19:14:58.0034 5884 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:14:58.0080 5884 sffdisk - ok
19:14:58.0112 5884 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:14:58.0143 5884 sffp_mmc - ok
19:14:58.0174 5884 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:14:58.0236 5884 sffp_sd - ok
19:14:58.0268 5884 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
19:14:58.0330 5884 sfloppy - ok
19:14:58.0424 5884 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:14:58.0517 5884 ShellHWDetection - ok
19:14:58.0580 5884 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
19:14:58.0626 5884 SiSRaid2 - ok
19:14:58.0642 5884 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
19:14:58.0658 5884 SiSRaid4 - ok
19:14:58.0767 5884 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:14:58.0970 5884 SkypeUpdate - ok
19:14:59.0001 5884 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
19:14:59.0063 5884 Smb - ok
19:14:59.0094 5884 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:14:59.0141 5884 SNMPTRAP - ok
19:14:59.0172 5884 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
19:14:59.0235 5884 spldr - ok
19:14:59.0266 5884 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
19:14:59.0344 5884 Spooler - ok
19:14:59.0453 5884 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
19:14:59.0703 5884 sppsvc - ok
19:14:59.0750 5884 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:14:59.0843 5884 sppuinotify - ok
19:14:59.0937 5884 [ 96BABC4906ECDB1C69D1176F8647AD8E ] SRTSP C:\windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS
19:14:59.0984 5884 SRTSP - ok
19:14:59.0999 5884 [ C7F491A290E0E4222F5CDCD50EEB8167 ] SRTSPX C:\windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS
19:15:00.0015 5884 SRTSPX - ok
19:15:00.0062 5884 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
19:15:00.0171 5884 srv - ok
19:15:00.0202 5884 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:15:00.0233 5884 srv2 - ok
19:15:00.0280 5884 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:15:00.0296 5884 srvnet - ok
19:15:00.0358 5884 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:15:00.0420 5884 SSDPSRV - ok
19:15:00.0452 5884 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
19:15:00.0530 5884 SstpSvc - ok
19:15:00.0561 5884 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
19:15:00.0576 5884 stexstor - ok
19:15:00.0654 5884 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
19:15:00.0732 5884 stisvc - ok
19:15:00.0779 5884 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
19:15:00.0810 5884 swenum - ok
19:15:00.0857 5884 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
19:15:00.0982 5884 swprv - ok
19:15:01.0154 5884 [ 659B227A72B76115975A6A9491B2FE1F ] SymDS C:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS
19:15:01.0264 5884 SymDS - ok
19:15:01.0311 5884 [ 9F5783A4A03D0091CDBDAA858B566926 ] SymEFA C:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS
19:15:01.0342 5884 SymEFA - ok
19:15:01.0373 5884 [ 3F9D5FE52585E2653E59FDBFDF09A94C ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
19:15:01.0389 5884 SymEvent - ok
19:15:01.0435 5884 [ F57588546E738DB1583981D8F44E9BC2 ] SymIRON C:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS
19:15:01.0482 5884 SymIRON - ok
19:15:01.0513 5884 [ 3ADFB72F0797AE3832509FE030755E21 ] SYMTDIv C:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS
19:15:01.0529 5884 SYMTDIv - ok
19:15:01.0576 5884 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
19:15:01.0591 5884 SynTP - ok
19:15:01.0685 5884 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
19:15:01.0794 5884 SysMain - ok
19:15:01.0857 5884 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
19:15:01.0950 5884 TabletInputService - ok
19:15:01.0997 5884 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
19:15:02.0122 5884 TapiSrv - ok
19:15:02.0169 5884 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
19:15:02.0215 5884 TBS - ok
19:15:02.0293 5884 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:15:02.0356 5884 Tcpip - ok
19:15:02.0387 5884 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:15:02.0434 5884 TCPIP6 - ok
19:15:02.0465 5884 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:15:02.0527 5884 tcpipreg - ok
19:15:02.0543 5884 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
19:15:02.0574 5884 tdcmdpst - ok
19:15:02.0590 5884 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:15:02.0699 5884 TDPIPE - ok
19:15:02.0746 5884 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:15:02.0793 5884 TDTCP - ok
19:15:02.0839 5884 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:15:02.0917 5884 tdx - ok
19:15:02.0949 5884 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
19:15:02.0964 5884 TermDD - ok
19:15:05.0148 5884 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
19:15:05.0179 5884 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
19:15:05.0179 5884 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
19:15:12.0589 5884 ================ Scan global ===============================
19:15:12.0667 5884 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
19:15:12.0699 5884 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:15:12.0714 5884 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:15:12.0745 5884 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
19:15:12.0792 5884 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
19:15:12.0792 5884 [Global] - ok
19:15:12.0792 5884 ================ Scan MBR ==================================
19:15:12.0823 5884 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
19:15:13.0900 5884 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:15:13.0900 5884 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:15:13.0900 5884 ================ Scan VBR ==================================
19:15:13.0947 5884 [ 97C9AD973F7BC30BB325429C5183FCCC ] \Device\Harddisk0\DR0\Partition1
19:15:13.0947 5884 \Device\Harddisk0\DR0\Partition1 - ok
19:15:13.0947 5884 ============================================================
19:15:13.0947 5884 Scan finished
19:15:13.0947 5884 ============================================================
19:15:13.0978 5876 Detected object count: 2
19:15:13.0978 5876 Actual detected object count: 2
19:16:40.0792 5876 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:16:40.0792 5876 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:16:41.0213 5876 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
19:16:41.0946 5876 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
19:16:42.0648 5876 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
19:16:43.0335 5876 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
19:16:43.0350 5876 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
19:16:44.0037 5876 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:16:45.0160 5876 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
19:16:45.0191 5876 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
19:16:45.0207 5876 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
19:16:45.0222 5876 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:16:45.0238 5876 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:16:45.0269 5876 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
19:16:45.0285 5876 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
19:16:45.0285 5876 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
19:16:45.0300 5876 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:16:45.0316 5876 \Device\Harddisk0\DR0\TDLFS - deleted
19:16:45.0316 5876 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete


These are the ComboFix results:

ComboFix 12-09-22.02 - TVG 09/22/2012 19:45:53.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3838.2411 [GMT -5:00]
Running from: c:\users\TVG\Desktop\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Dealio Toolbar
c:\program files (x86)\Dealio Toolbar\FF\chrome.manifest
c:\program files (x86)\Dealio Toolbar\FF\chrome\chrome.jar
c:\program files (x86)\Dealio Toolbar\FF\install.rdf
c:\program files (x86)\Dealio Toolbar\IE\6.2\config.ini
c:\program files (x86)\Dealio Toolbar\IE\6.2\dealioToolbarIE.dll
c:\program files (x86)\Dealio Toolbar\Res\amazon.gif
c:\program files (x86)\Dealio Toolbar\Res\apple.gif
c:\program files (x86)\Dealio Toolbar\Res\barnes.gif
c:\program files (x86)\Dealio Toolbar\Res\bestbuy.gif
c:\program files (x86)\Dealio Toolbar\Res\dealio_logo.gif
c:\program files (x86)\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files (x86)\Dealio Toolbar\Res\ebay.gif
c:\program files (x86)\Dealio Toolbar\Res\facebook.gif
c:\program files (x86)\Dealio Toolbar\Res\googleplus.gif
c:\program files (x86)\Dealio Toolbar\Res\icon_settings.gif
c:\program files (x86)\Dealio Toolbar\Res\Lang\res1031.ini
c:\program files (x86)\Dealio Toolbar\Res\Lang\res1033.ini
c:\program files (x86)\Dealio Toolbar\Res\Lang\res1034.ini
c:\program files (x86)\Dealio Toolbar\Res\Lang\res1036.ini
c:\program files (x86)\Dealio Toolbar\Res\Lang\res1040.ini
c:\program files (x86)\Dealio Toolbar\Res\macys.gif
c:\program files (x86)\Dealio Toolbar\Res\newegg.gif
c:\program files (x86)\Dealio Toolbar\Res\overstock.gif
c:\program files (x86)\Dealio Toolbar\Res\radio-close.gif
c:\program files (x86)\Dealio Toolbar\Res\radio-minimize.gif
c:\program files (x86)\Dealio Toolbar\Res\radiobeta.gif
c:\program files (x86)\Dealio Toolbar\Res\search-button-hover.gif
c:\program files (x86)\Dealio Toolbar\Res\search-button.gif
c:\program files (x86)\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files (x86)\Dealio Toolbar\Res\search-chevron.gif
c:\program files (x86)\Dealio Toolbar\Res\search_amazon.gif
c:\program files (x86)\Dealio Toolbar\Res\search_baidu.gif
c:\program files (x86)\Dealio Toolbar\Res\search_dealio.gif
c:\program files (x86)\Dealio Toolbar\Res\search_ebay.gif
c:\program files (x86)\Dealio Toolbar\Res\search_yahoo.gif
c:\program files (x86)\Dealio Toolbar\Res\search_yandex.gif
c:\program files (x86)\Dealio Toolbar\Res\target.gif
c:\program files (x86)\Dealio Toolbar\Res\twitter.gif
c:\program files (x86)\Dealio Toolbar\Res\walmart.gif
c:\program files (x86)\Dealio Toolbar\Res\widgets.xml
c:\program files (x86)\Dealio Toolbar\WidgiHelper.exe
c:\windows\svchost.exe
c:\windows\svchost.exe.vir
.
.
((((((((((((((((((((((((( Files Created from 2012-08-23 to 2012-09-23 )))))))))))))))))))))))))))))))
.
.
2012-09-23 01:11 . 2012-09-23 01:12 -------- d-----w- c:\users\TD\AppData\Local\temp
2012-09-23 01:11 . 2012-09-23 01:11 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-09-21 20:07 . 2012-09-21 20:07 -------- d-----w- C:\_OTL
2012-09-15 22:41 . 2012-08-21 18:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-15 22:40 . 2012-09-15 22:40 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-15 19:21 . 2012-09-15 19:21 -------- d-----w- c:\users\TVG\AppData\Roaming\Tific
2012-09-15 19:21 . 2012-09-15 19:21 -------- d-----w- c:\users\TVG\AppData\Local\Symantec
2012-09-15 16:25 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-09-15 16:25 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-09-15 16:24 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-09-15 16:24 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-09-15 16:24 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-09-15 16:24 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-09-15 16:24 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-09-15 16:24 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-09-15 16:24 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-09-15 16:24 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-09-15 16:24 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-09-15 16:24 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-09-15 16:20 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-15 16:20 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-15 16:20 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-15 16:19 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-15 16:19 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-22 14:08 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-08-31 05:43 . 2010-07-16 19:42 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-21 18:01 . 2011-05-22 04:19 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 18:01 . 2011-05-22 04:19 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-12 16:44 . 2012-08-12 16:44 122368 ----a-w- c:\programdata\Microsoft\Windows\DRM\A302.tmp.dat
2012-08-10 13:26 . 2012-03-30 02:20 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-10 13:26 . 2011-05-22 15:12 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-29 21:10 . 2012-07-29 21:10 111104 ----a-w- c:\programdata\Microsoft\Windows\DRM\128.tmp.dat
2012-07-27 14:29 . 2012-07-27 14:29 127488 ----a-w- c:\programdata\Microsoft\Windows\DRM\AE96.tmp.dat
2012-07-17 17:04 . 2012-07-17 17:04 115712 ----a-w- c:\programdata\Microsoft\Windows\DRM\E1DF.tmp.dat
2012-07-02 21:15 . 2011-12-05 18:25 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-07-02 21:15 . 2011-12-05 18:25 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-07 02:33 1519304 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-07 1519304]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-24 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-07-10 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-14 34088]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-11-21 2454840]
"NortonOnlineBackupReminder"="c:\program files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-08-10 529256]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-07 1564872]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-07-02 296096]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-07-27 1095560]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative64
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-07-26 1038088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 135664]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-31 222208]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-09-17 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-16 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [2009-08-30 433200]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [2011-08-22 221304]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [2012-09-05 1385120]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [2011-08-04 593544]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120921.001\IDSvia64.sys [2012-09-14 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [2010-04-29 150064]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [2011-08-22 451704]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-30 203264]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-07-27 794560]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400]
S2 RSELSVC;TOSHIBA Modem region select service;c:\program files\TOSHIBA\rselect\RSelSvc.exe [2009-07-07 65904]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-27 251760]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-15 138912]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 35008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 21:13]
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 21:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-29 7982112]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2008-09-25 195080]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-09-17 709976]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 2306448]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\TVG\AppData\Roaming\Mozilla\Firefox\Profiles\2l9ev7te.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6
FF - Ext: RealPlayer Browser Record Plugin: {C3949AC2-4B17-43ee-B4F1-D26B9D42404D} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKLM-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
Wow6432Node-HKU-Default-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
Wow6432Node-HKU-Default-Run-edeebebecdefddct - c:\programdata\edeebebecdefddct.exe
SafeBoot-96465546.sys
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-Yahoo! BrowserPlus - c:\users\TVG\AppData\Local\Yahoo!\BrowserPlus\BrowserPlusUninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:7d,ae,5a,aa,2f,10,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
.
Completion time: 2012-09-22 20:25:34 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-23 01:25
.
Pre-Run: 224,899,448,832 bytes free
Post-Run: 231,109,001,216 bytes free
.
- - End Of File - - 371C2A53FE352383518B4B65809DA0D7
My system seems to be running fine. Awaiting further instructions.

I'm not sure if I got NIS completely disabled. I turned everything off that I saw. Thanks

Edited by debo79, 22 September 2012 - 07:57 PM.

  • 0
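The "ORPHANS REMOVED" section of the ComboFix log above pairs each autorun registry location with the file it pointed to. As an added example (not part of the original post and not ComboFix's own logic), this Python sketch parses such lines and flags autorun targets in locations where installers rarely place executables; the function names and both heuristics are assumptions of this example.

```python
import re
from pathlib import PureWindowsPath

# Sample input: lines taken from the "ORPHANS REMOVED" section of the log above.
SAMPLE = r"""
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
Wow6432Node-HKU-Default-Run-edeebebecdefddct - c:\programdata\edeebebecdefddct.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
AddRemove-Yahoo! BrowserPlus - c:\users\TVG\AppData\Local\Yahoo!\BrowserPlus\BrowserPlusUninstaller.exe
"""

# "<registry location> - <drive>:\<path>"; entries marked "(no file)" do not match.
ENTRY = re.compile(r"^(?P<key>.+?) - (?P<target>[a-zA-Z]:\\.+)$")

def parse_orphans(text):
    """Return (key, PureWindowsPath) pairs for lines that name a file target."""
    out = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            out.append((m.group("key"), PureWindowsPath(m.group("target"))))
    return out

def reasons(key, path):
    """Heuristic flags (assumptions of this example, not ComboFix rules)."""
    if "-Run-" not in key:
        return []  # only autorun (Run key) entries are triaged here
    parts = [p.lower() for p in path.parts]
    found = []
    # Drive root + "programdata" + file name: an executable dropped in the folder root.
    if len(parts) == 3 and parts[1] == "programdata":
        found.append("executable directly in ProgramData root")
    # Run entry whose target lives in the LocalSystem account's profile.
    if "systemprofile" in parts and "appdata" in parts:
        found.append("autorun target inside the LocalSystem profile")
    return found

def triage(text):
    """Map each flagged autorun key to the list of reasons it was flagged."""
    return {key: r for key, path in parse_orphans(text) if (r := reasons(key, path))}

if __name__ == "__main__":
    for key, why in triage(SAMPLE).items():
        print(f"{key}: {'; '.join(why)}")
```

A flag here is a prompt to check the file's origin and signature, not a verdict; the vendor autoruns under Program Files in the same section pass through unflagged.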

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, time for the big question... Are you experiencing any problems at all?
  • 0

#13
debo79

debo79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
It seems to be running OK. Should I run a NIS scan?
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
If you wish but first I will remove the tools and empty the quarantine to ensure that they do not get detected

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • Go to Start > All programs > Accessories > System Tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly. It will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#15
debo79

debo79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
After I ran NIS it found this:

tsk000.dta(trojan.Zeroaccess!inf4)
is found in tsk000 in tdsskiller


c:\tdsskiller_quarantine\22.09.2012_08.49.06\zasubsys0000\file0000\tsk0000.dta
____________________________
____________________________
On computer as of
9/22/2012 at 8:54:19 AM
Last Used:
9/23/2012 at 7:02:27 PM
Startup Item: No
Launched: No
____________________________
____________________________
Many Users
Tens of thousands of users in the Norton Community have used this file.
____________________________
High
This file risk is high.
____________________________
Threat Details
Programs that actively track and send personal or confidential information to third parties.
____________________________
Origin

Downloaded from Not Available
____________________________
URL Not Available
UNTESTED

Source
tsk0000.dta
____________________________
File Actions
Infected file: c:\tdsskiller_quarantine\22.09.2012_08.49.06\zasubsys0000\file0000\tsk0000.dta
Manual removal required
____________________________
File Thumbprint:
Not Available
  • 0





